Attack path and graph creation based on user and system profiling
US12413615B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 8, 2024 |
| Grant date | Sep 9, 2025 |
| Priority date | — |
| Expiry date | Mar 8, 2044 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1433
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Methods and systems for generating an attack path based on user and system risk profiles are presented. A method comprises determining user information associated with a computing device; determining system exploitability information of the computing device; determining system criticality information of the computing device; determining a risk profile for the computing device based on the user information, the system exploitability information, and the system criticality information; and generating an attack path based on the risk profile. The attack path indicates a route through which an attacker accesses the computing device. The system exploitability information is associated with or based on one or more of the vulnerability associated with the computing device, an exposure window associated with the computing device, and a protection window associated with the computing device. The system criticality information is associated with or based on one or more assets and services associated with the computing device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.