Artificially intelligent security incident and event management

Assignee

• International Business Machines Corporation · US

Inventors

• Jeb R. Linton · Manassas, US
• Darrel HASWELL · Austin, US
• Satya Sreenivas · Los Alamos, US
• Naeem Altaf · Round Rock, US
• Sanjay Nadhavajhala · Cupertino, US
• Ron Williams · Owasso, US
• Bradley E. Harris · Sandy Springs, US
• John Walter Morris · Atlanta, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1425
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Methods and systems for artificially intelligent security incident and event management using an attention-based deep neural network and transfer learning are disclosed. A method includes: collecting, by a computing device, system and network activity events in bulk; forming, by the computing device, a corpus using the collected system and network activity events; correlating, by the computing device, discrete events of the system and network activity events into offenses; adding, by the computing device, additional features to the corpus representing the offenses and disposition decisions regarding the offenses; training, by the computing device, a deep neural network using the corpus; and tuning, by the computing device, the deep neural network for a monitored computing environment using transfer learning.