Patent · US Active

Apparatus and method for monitoring of data for attack detection and prevention

US11734423B1 · kind B1 · utility

Cited by: 1
References: 16
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Oct 27, 2022
Grant date: Aug 22, 2023
Priority date
Expiry date: Oct 27, 2042

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/034
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A stream of cybersecurity alerts is received. Each cybersecurity alert from the stream of cybersecurity alerts is associated with a set of attributes. Each cybersecurity alert from the stream of cybersecurity alerts is associated, based on the set of attributes and as that cybersecurity alert is received, to a bucket from a set of buckets. Each bucket from the set of buckets is associated with (1) an attribute from the set of attributes different than remaining buckets from the set of buckets and (2) a set of cybersecurity alerts from the stream of cybersecurity alerts having the attribute. For each bucket from the set of buckets, a set of correlations between cybersecurity alerts included in the set of cybersecurity alerts for that bucket are determined, based on the set of cybersecurity alerts for that bucket, to generate an attack graph associated with that bucket.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.