Scheduling of defensive security actions in information processing systems
US9471777B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 24, 2012 |
| Grant date | Oct 18, 2016 |
| Priority date | — |
| Expiry date | Jul 18, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A processing device is configured to identify a plurality of defensive security actions to be taken to address a persistent security threat to a system comprising information technology infrastructure, and to determine a schedule for performance of the defensive security actions based at least in part on a selected distribution derived from a game-theoretic model, such as a delayed exponential distribution or other type of modified exponential distribution. The system subject to the persistent security threat is configured to perform the defensive security actions in accordance with the schedule in order to deter the persistent security threat. The distribution may be selected so as to optimize defender benefit in the context of the game-theoretic model, where the game-theoretic model may comprise a stealthy takeover game in which attacker and defender entities can take actions at any time but cannot determine current game state without taking an action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.