首页> 外国专利> USING NEURAL NETWORKS TO PROCESS FORENSICS AND GENERATE THREAT INTELLIGENCE INFORMATION

USING NEURAL NETWORKS TO PROCESS FORENSICS AND GENERATE THREAT INTELLIGENCE INFORMATION

机译:使用神经网络处理取证并生成威胁情报信息

摘要

Aspects of the disclosure relate to generating threat intelligence information. A computing platform may receive forensics information corresponding to message attachments. For each message attachment, the computing platform may generate a feature representation. The computing platform may input the feature representations into a neural network, which may result in a numeric representation for each message attachments. The computing platform may apply a clustering algorithm to cluster each message attachments based on the numeric representations, which may result in clustering information. The computing platform may extract, from the clustering information, one or more indicators of compromise indicating that one or more attachments corresponds to a threat campaign. The computing platform may send, to an enterprise user device, user interface information comprising the one or more indicators of compromise, which may cause the enterprise user device to display a user interface identifying the one or more indicators of compromise.
机译:披露内容涉及生成威胁情报信息。计算平台可以接收与消息附件相对应的取证信息。对于每个消息附件,计算平台可以生成特征表示。计算平台可以将特征表示输入到神经网络中,这可能导致每个消息附件的数字表示。计算平台可以应用聚类算法来基于数字表示对每个消息附件进行聚类,这可能导致聚类信息。计算平台可以从集群信息中提取指示一个或多个附件对应于威胁活动的一个或多个危害指标。计算平台可以向企业用户设备发送包括一个或多个危害指标的用户界面信息,这可能导致企业用户设备显示识别一个或多个危害指标的用户界面。

著录项

相似文献

  • 专利
  • 外文文献
  • 中文文献
获取专利

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号