System and method for associating cybersecurity intelligence to cyberthreat actors through a similarity matrix
US12063229B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 21, 2022 |
| Grant date | Aug 13, 2024 |
| Priority date | — |
| Expiry date | Aug 9, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F18/22
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computerized method for associating cyberthreat actor groups responsible for different cyberthreats is described. The method involves generating a similarity matrix based on content from received clusters of cybersecurity information. Each received cluster of cybersecurity information is assumed to be associated with a cyberthreat. The similarity matrix is composed via an optimized equation combining separate similarity metrics, where each similarity metric of the plurality of similarity metrics represents a level of correlation between at least two clusters of cybersecurity information, with respect to a particular aspect of operations described in the clusters. The method further involves that, in response to queries directed to the similarity matrix, generating a listing of a subset of the clusters of cybersecurity information having a greater likelihood of being associated with cyberthreats caused by the same cyberthreat actor group.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.