首页> 外国专利> Profiling cyber threats detected in a target environment and automatically generating one or more rule bases for an expert system usable to profile cyber threats detected in a target environment

Profiling cyber threats detected in a target environment and automatically generating one or more rule bases for an expert system usable to profile cyber threats detected in a target environment

机译：对目标环境中检测到的网络威胁进行概要分析，并为专家系统自动生成一个或多个规则库，可用于分析在目标环境中检测到的网络威胁

页面导航

摘要
著录项
相似文献

摘要

A computer implemented method of profiling cyber threats detected in a target environment, comprising: receiving, from a Security Information and Event Manager (SIEM) monitoring the target environment, alerts triggered by a detected potential cyber threat, and, for each alert: retrieving captured packet data related to the alert; extracting data pertaining to a set of attributes from captured packet data triggering the alert; applying fuzzy logic to data pertaining to one or more of the attributes to determine values for one or more output variables indicative of a level of an aspect of risk attributable to the cyber threat.

机译：一种计算机实现的对目标环境中检测到的网络威胁进行概要分析的方法，包括：从监视目标环境的安全信息和事件管理器（SIEM）接收由检测到的潜在网络威胁触发的警报，并且对于每个警报：检索捕获的与警报有关的分组数据;从捕获的触发警报的分组数据中提取与一组属性有关的数据;将模糊逻辑应用于与一个或多个属性有关的数据，以确定一个或多个输出变量的值，这些值指示可归因于网络威胁的风险方面的水平。

著录项

公开/公告号US9807109B2

专利类型
公开/公告日2017-10-31

原文格式PDF
申请/专利权人 CYBERLYTIC LIMITED;
展开▼

申请/专利号US201615337120
发明设计人 MARK HILLICK;ST. JOHN HAROLD;STUART LAIDLAW;
展开▼

申请日2016-10-28
分类号G06F11/00;H04L29/06;G06F21/55;G06N5/04;G06F21/57;G06N7/02;
国家 US
入库时间 2022-08-21 13:44:26

相似文献

专利
外文文献
中文文献