Patent · US Active

Discovering cyber-attack process model based on analytical attack graphs

US11895150B2 · kind B2 · utility

Cited by: 1
References: 41
Claims: 18
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jul 28, 2021
Grant date: Feb 6, 2024
Priority date
Expiry date: Aug 11, 2042

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/20
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Implementations of the present disclosure include receiving analytical attack graph data representative of an analytical attack graph, the analytical attack graph including: one or more rule nodes each representing a network configuration rule; and one or more impact nodes each representing an impact of one or more respective network configuration rules; converting the analytical attack graph to a tactic graph including one or more tactic nodes, each tactic node representing at least one rule node and at least one impact node; determining one or more paths of the tactic graph that lead to a particular network impact; generating a process model based on the paths that lead to the particular network impact, the process model representing network activity for execution of a process that leads to the particular network impact; and executing one or more remedial actions based on the process model to mitigate cyber-security risk to the enterprise network.
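The pipeline in the abstract, as an added sketch that is not code from the patent: it assumes a tactic node is formed by merging each rule node with the impact node it derives, and it represents the process model as a directly-follows relation over tactics. The graph, the node names, the `R:`/`I:` prefixes and the `choke_points` helper are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample attack graph; "R:" = rule node, "I:" = impact node (hypothetical names).
EDGES = [
    ("R:remote_exploit", "I:exec_code(web)"),
    ("I:exec_code(web)", "R:credential_reuse"),
    ("R:credential_reuse", "I:exec_code(db)"),
    ("I:exec_code(web)", "R:lateral_smb"),
    ("R:lateral_smb", "I:exec_code(file)"),
    ("I:exec_code(file)", "R:stolen_db_password"),
    ("R:stolen_db_password", "I:exec_code(db)"),
]

def to_tactic_graph(edges):
    """Collapse each rule->impact edge into one tactic node (rule, impact)."""
    tactics = [(s, d) for s, d in edges if s.startswith("R:") and d.startswith("I:")]
    needs = defaultdict(set)  # rule -> impacts it requires as preconditions
    for s, d in edges:
        if s.startswith("I:") and d.startswith("R:"):
            needs[d].add(s)
    succ = {t: [u for u in tactics if t[1] in needs[u[0]]] for t in tactics}
    entry = [t for t in tactics if not needs[t[0]]]  # tactics with no prior impact
    return succ, entry

def paths_to_impact(succ, entry, target):
    """Depth-first enumeration of simple tactic paths ending at the target impact."""
    found = []
    def walk(path):
        if path[-1][1] == target:
            found.append(path)
            return
        for nxt in succ[path[-1]]:
            if nxt not in path:  # skip cycles
                walk(path + [nxt])
    for t in entry:
        walk([t])
    return found

def process_model(paths):
    """Directly-follows relation: (rule_a, rule_b) -> number of paths using it."""
    df = defaultdict(int)
    for p in paths:
        for a, b in zip(p, p[1:]):
            df[(a[0], b[0])] += 1
    return dict(df)

def choke_points(paths):
    """Rules present on every path: remediating one cuts all routes to the impact."""
    return set.intersection(*({t[0] for t in p} for p in paths)) if paths else set()
```

On the sample graph, two paths reach `I:exec_code(db)` and both pass through `R:remote_exploit`, so that rule is the single remediation candidate that removes every route.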

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.