Systems and methods for threat visualization with signature composure, spatial scale and temporal expansion
US10805326B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 21, 2017 |
| Grant date | Oct 13, 2020 |
| Priority date | — |
| Expiry date | Oct 30, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1416
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A network security system collects event data over a long duration and mines the event data to identify unique conversations between each unique pair of a source network address and a destination network address. Events in each unique conversation are associated with signature identifiers that identify different types of attacks. Each signature thus identified is assigned with a unique visual clue. The unique visual clue has a particular visual character that reflects a number of occurrences of a particular event. For payload sizes associated with the event, a spatial scale representation is determined. The network security system generates a visualization relative to a conversation timeline for presentation on a user interface. The visualization contains unique visual clues for the different types of attacks associated with the signature identifiers and the spatial scale representation of the payload sizes associated with the events associated with the signature identifiers.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.