Cyber threat attenuation using multi-source threat data analysis
US9894036B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 17, 2015 |
| Grant date | Feb 13, 2018 |
| Priority date | — |
| Expiry date | Jan 13, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A cyber threat attenuation system. The system comprises a cyber threat data store, a plurality of sensor control points (SCPs), wherein at least one SCP is located in each local area network (LAN) segment of an enterprise network, and an analytics correlation system (ACS). Each SCP comprises a plurality of sensor applications that analyze data packets transported by the LAN segment in which the SCP is located and transmits a notification identifying the transmitting sensor, an identity of the source of the data packet, an identity of the destination of the data packet, and a notification reason to the data store. The ACS comprises an application that determines unusual data packet traffic in the enterprise network and transmits a notification comprising information about the unusual data packet traffic and an identity of a host computer associated with the unusual data packet traffic to the data store.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.