Genetic fuzzing for customization of security operations center rules per organization
US11720802B2 · kind B2 · utility
Inventors
Key dates
| Filing date | Feb 26, 2020 |
| Grant date | Aug 8, 2023 |
| Priority date | — |
| Expiry date | Jul 2, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Embodiments may provide techniques that that may automatically generate a customized SOC rule set for an organization. For example, in an embodiment, a method may be implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, the method may comprise simulating operation of a security incident and event management system by running a plurality of rules of the system on labeled data, determining fitness metrics of the plurality of rules, selecting at least one rule of the plurality of rules based on the determined fitness metrics; modifying the selected rule to form an updated rule, and repeating running the updated rule on the labeled data, determining fitness metrics of the updated rule, and mutating the updated rule.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.