System and method for monitoring security attack chains

System and method for monitoring security attack chains

A cybersecurity platform is described that processes collected data using a data model to identify and link anomalies and in order to identify generate security events and intrusions. The platform generates graph data structures using the security anomalies extended using additional data. The graph...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Gamble, Jamie, Rahmani, Sahar, Tiwari, Amitkumar
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A cybersecurity platform is described that processes collected data using a data model to identify and link anomalies and in order to identify generate security events and intrusions. The platform generates graph data structures using the security anomalies extended using additional data. The graph data structures represent links between nodes, the links being events, the nodes being machines and user accounts. The platform processes the graph data structures by combining similar nodes or grouping security events with common features to behaviour indicative of a single or multiple security events to identify chains of events which together represent an attack.