Automated mitigation of cyber threats using a semantic cybersecurity database

Assignee

• Trend Micro Incorporated · JP

Inventors

• Josiah Dede Hagen · Austin, US
• David Girard · Montréal, CA
• Jonathan Edward Andersson · Round Rock, US
• Vincenzo Ciancaglini · Avignon, FR
• Jannis Weigend · Taipei, TW
• Ahmed M. Ibrahim · Ottawa, CA
• Mikhail Gorbulev · Praha, CZ

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F16/906
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Systems and methods are presented for mitigating cyber threats. Cybersecurity-related data are stored in a semantic cybersecurity database. A user interface converts a user input to a command utterance. A command node that corresponds to the command utterance is identified in the cybersecurity database. The command node is resolved to one or more action nodes that are connected to the command node, and each action node is resolved to one or more parameter nodes that are connected to the action node. The command node has a command that implements actions indicated in the action nodes. Each action can have one or more required parameters indicated in the parameter nodes. The values of the required parameters are obtained from the command utterance, prompted from the user, or obtained from the cybersecurity database. Actions with their parameter values are executed to mitigate a cyber threat in accordance with the user input.