Cumulative trajectory of cyber reconnaissance indicators
US11848940B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 28, 2015 |
| Grant date | Dec 19, 2023 |
| Priority date | — |
| Expiry date | Jun 21, 2036 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1483
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
This disclosure is directed to detecting cybersecurity attacks in data processing systems. Methods, systems, and computer program products perform operations including determining baseline event clusters using baseline event data obtained from deterministic target systems. The operations also include determining a baseline cumulative trajectory of an event over time based on the baseline event clusters. The operations further include determining operational event clusters using operational event data from the deterministic target systems. Additionally, the operations include determining an operational cumulative trajectory of the event over time based on the operational event clusters. Further, the operations include detecting a cyber-attack by comparing the baseline cumulative trajectory of the event with the operational cumulative trajectory of the event.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.