System and method for automatically associating cybersecurity intelligence to cyberthreat actors
US11258806B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 24, 2019 |
| Grant date | Feb 22, 2022 |
| Priority date | — |
| Expiry date | Jul 7, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F18/22
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computerized method for associating cyberthreat actor groups responsible for different cyberthreats is described. The method involves generating a similarity matrix based on content from received clusters of cybersecurity information. Each received cluster of cybersecurity information is assumed to be associated with a cyberthreat. The similarity matrix is composed via an optimized equation combining separate similarity metrics, where each similarity metric of the plurality of similarity metrics represents a level of correlation between at least two clusters of cybersecurity information, with respect to a particular aspect of operations described in the clusters. The method further involves that, in response to queries directed to the similarity matrix, generating a listing of a subset of the clusters of cybersecurity information having a greater likelihood of being associated with cyberthreats caused by the same cyberthreat actor group.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.