Capability based insider threat detection
US11757918B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 11, 2021 |
| Grant date | Sep 12, 2023 |
| Priority date | — |
| Expiry date | May 6, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for mitigating cybersecurity threats are provided. A system for mitigating cybersecurity threats may be configured to identify, based on a model of a system, future states, wherein the model depicts a plurality of states for the system and a plurality of capabilities enabling transitions between the plurality of states. Identifying future states may be based on a current state of the system, and the future states may comprise an undesirable state. The system may determine, based on the model of the system, whether the undesirable state is a reachable state, wherein the determination is based on capabilities possessed by an insider entity. In accordance with a determination that the undesirable state is a reachable state, the system may modify a capability possessed by the insider entity, wherein modifying the capability prevents the insider entity from causing the system to transition to the undesirable state.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.