Feedback-based prioritized cognitive analysis
US10681061B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 14, 2017 |
| Grant date | Jun 9, 2020 |
| Priority date | — |
| Expiry date | Mar 25, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An automated method for processing security event data in association with a cybersecurity knowledge graph having nodes and edges. It begins by receiving from a security system (e.g., a SIEM) information representing an offense. An offense context graph is built. Thereafter, and to enhance the offense context graph, given nodes and edges of the knowledge graph are prioritized for traversal based on an encoding captured from a security analyst workflow. This prioritization is defined in a set of weights associated to the graph nodes and edges, and these weights may be derived using machine learning. The offense context graph is then refined by traversing the nodes and edges of the knowledge graph according to a prioritization tailored at least in part by the encoding. In addition to using security analyst workflow to augment generation of weights, preferably the machine learning system provides recommendations back to the security analysts to thereby influence their workflow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.