Attack kill chain generation and utilization for threat analysis
US11334666B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 15, 2019 |
| Grant date | May 17, 2022 |
| Priority date | — |
| Expiry date | Apr 15, 2039 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/034
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
The present disclosure relates to methods, systems, and computer program products for generating an attack kill chain for threat analysis. The method comprises receiving a first security event captured by a first security operation associated with a computing device, and receiving a second security event captured by a second security operation associated with the computing device. The first security event and the second security event are associated with an attack campaign. The method further comprises mapping the first security event to first security data in an attack repository, and mapping the second security event to second security data in the attack repository. The method also comprises determining, based on the mapping, one or more attack execution operations for executing the attack campaign associated with the first security event and the second security event. Additionally, the method sequences the one or more attack execution operations to form an attack kill chain.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.