System and method for cybersecurity threat monitoring using dynamically-updated semantic graphs
US12074902B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 20, 2023 |
| Grant date | Aug 27, 2024 |
| Priority date | — |
| Expiry date | Jun 20, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1416
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method for performing cyber-security analysis includes generating a semantic graph in which each object is represented as a node, and each event associated with an object is represented as an edge. A cyber-threat related alert, with an associated alert type, is received from a source. A first object from the plurality of objects is modified based on the alert. A plurality of threat scores, each associated with an object, are calculated, substantially concurrently, based on the alert type. Subsequently, a plurality of modified threat scores are determined for each object, based on: (1) the threat score for that object, (2) a connectivity of that object to each of the remaining objects within the semantic graph; and (3) the threat score for each remaining object from the plurality of objects. A subgraph of the semantic graph is identified based on normalized versions of the modified threat scores.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.