Corroborating threat assertions by consolidating security and threat intelligence with kinetics data
Abstract
A cognitive security analytics platform is enhanced by providing a computationally- and storage-efficient data mining technique to improve the confidence and support for one or more hypotheses presented to a security analyst. The approach herein enables the security analyst to more readily validate a hypothesis and thereby corroborate threat assertions to identify the true causes of a security offense or alert. The data mining technique is entirely automated but involves an efficient search strategy that significantly reduces the number of data queries to be made against a data store of historical data. To this end, the algorithm makes use of maliciousness information attached to each hypothesis, and it uses a confidence schema to sequentially test indicators of a given hypothesis to generate a rank-ordered (by confidence) list of hypotheses to be presented for analysis and response by the security analyst.