Systems and methods for identifying malicious actors or activities
US11522877B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 16, 2019 |
| Grant date | Dec 6, 2022 |
| Priority date | — |
| Expiry date | Jan 29, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N20/00
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
With the systems and methods described herein, one or more security counter measures can be applied to received security data, e.g., by an initial detector, for identifying signatures or patterns in the received security data and determining whether to promote identifiers (e.g., URLs, IP addresses, domains, etc.) to an attacker learning system. If the identified signatures or patterns and/or the identifiers related thereto are determined to meet a threshold criterion, the identifiers are promoted to the attacker learning system. At the attacker learning system, a machine learning model is applied to promoted identifiers and security data associated therewith for determining whether the identifiers are malicious and should be added or otherwise included in an attacker database. Other aspects also are described.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.