Augmented threat detection using an attack matrix and data lake queries


Full description

Saved in:
Bibliographic details
Main authors: Talreja, Prakash Kumar; Thomas, Andrew J; Rayment, Timothy; Vankadaru, Mangal Rakesh
Format: Patent
Language: eng
Online access: Order full text
description A threat management system stores an attack matrix characterizing tactics and techniques, and provides threat detection based on patterns of traversal of the attack matrix. Where the threat management system provides a data lake of security events and a query interface for using the data lake to investigate security issues, useful inferences may also be drawn by comparing query activity in the query interface with the patterns of traversal of the attack matrix, such as by using a malicious pattern of traversal to identify a concurrent chain of queries indicative of a threat, or by presenting separate threat scores to an analyst based on query activity and patterns of traversal.
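The abstract describes the mechanism only in prose. The following Python model is added here as an illustration; it is not code from the patent, its assignee, or any product. It shows one way the two signals the abstract names can be computed side by side: a host's events are mapped onto an attack matrix and scored against a malicious traversal pattern, and the chain of data-lake queries run concurrently with that traversal is mapped onto the same tactics and scored separately. The attack matrix, the traversal pattern, the keyword table that maps query text to tactics, the time window, and the event and query logs are all constructed assumptions for the example.

```python
"""Toy model: attack-matrix traversal score beside a data-lake query-activity score.
Hypothetical illustration for this page, not the patented system's code; every
identifier, table and log line below is constructed for the example."""
from datetime import datetime, timedelta

# Constructed attack matrix: tactic -> technique ids (ATT&CK-style ids assumed).
ATTACK_MATRIX = {
    "initial_access": {"T1566"}, "execution": {"T1059"},
    "persistence": {"T1053"}, "credential_access": {"T1003"},
    "lateral_movement": {"T1021"}, "exfiltration": {"T1041"},
}
TECHNIQUE_TO_TACTIC = {t: tac for tac, ts in ATTACK_MATRIX.items() for t in ts}

# Constructed malicious traversal pattern: the ordered tactics to look for.
MALICIOUS_PATTERN = ["initial_access", "execution", "credential_access", "lateral_movement"]

# Constructed keyword -> tactic table for classifying data-lake queries.
QUERY_HINTS = {
    "phish": "initial_access",
    "attachment": "initial_access",
    "cmdline": "execution",
    "powershell": "execution",
    "lsass": "credential_access",
    "dst_port == 445": "lateral_movement",
}

def classify_query(text):
    """Map a query string to the tactic it investigates, or None."""
    lowered = text.lower()
    for keyword, tactic in QUERY_HINTS.items():
        if keyword in lowered:
            return tactic
    return None

def ordered_tactics(items, tactic_of):
    """Tactics crossed by items in timestamp order, collapsing consecutive repeats."""
    path = []
    for item in sorted(items, key=lambda i: i["ts"]):
        tactic = tactic_of(item)
        if tactic and (not path or path[-1] != tactic):
            path.append(tactic)
    return path

def pattern_coverage(path, pattern=MALICIOUS_PATTERN):
    """Fraction of the pattern matched as an in-order prefix within path (0.0 to 1.0)."""
    matched, pos = 0, 0
    for step in pattern:
        try:
            pos = path.index(step, pos) + 1
        except ValueError:
            break
        matched += 1
    return matched / len(pattern)

def concurrent_query_chains(queries, start, end):
    """Group tactic-relevant queries run inside [start, end] by the analyst who ran them."""
    chains = {}
    for q in queries:
        if start <= q["ts"] <= end and classify_query(q["text"]):
            chains.setdefault(q["analyst"], []).append(q)
    return chains

def assess(events, queries, slack=timedelta(hours=1)):
    """Return separate traversal and query-activity threat scores for one host's events."""
    result = {"traversal_path": [], "traversal_score": 0.0,
              "query_path": [], "query_score": 0.0, "query_analyst": None}
    if not events:
        return result
    result["traversal_path"] = ordered_tactics(
        events, lambda e: TECHNIQUE_TO_TACTIC.get(e["technique"]))
    result["traversal_score"] = pattern_coverage(result["traversal_path"])
    stamps = [e["ts"] for e in events]
    window = (min(stamps) - slack, max(stamps) + slack)  # concurrency window, assumed
    for analyst, chain in concurrent_query_chains(queries, *window).items():
        q_path = ordered_tactics(chain, lambda q: classify_query(q["text"]))
        score = pattern_coverage(q_path)
        if score > result["query_score"]:
            result.update(query_path=q_path, query_score=score, query_analyst=analyst)
    return result

# Constructed sample data: one host's technique events and the analysts' query log.
T0 = datetime(2024, 9, 24, 9, 0)
EVENTS = [
    {"ts": T0, "host": "ws-17", "technique": "T1566"},
    {"ts": T0 + timedelta(minutes=5), "host": "ws-17", "technique": "T1059"},
    {"ts": T0 + timedelta(minutes=40), "host": "ws-17", "technique": "T1003"},
    {"ts": T0 + timedelta(minutes=55), "host": "ws-17", "technique": "T1021"},
]
QUERIES = [
    {"ts": T0 + timedelta(minutes=10), "analyst": "a.lee", "text": "email_events | where attachment_ext == 'lnk'"},
    {"ts": T0 + timedelta(minutes=30), "analyst": "a.lee", "text": "process_events | where cmdline contains 'powershell -enc'"},
    {"ts": T0 + timedelta(minutes=50), "analyst": "a.lee", "text": "process_access | where target == 'lsass.exe'"},
    {"ts": T0 + timedelta(hours=3), "analyst": "b.ng", "text": "network_events | where dst_port == 445"},  # outside window
]

if __name__ == "__main__":
    print(assess(EVENTS, QUERIES))
```

Run stand-alone, the sample yields a traversal score of 1.0 (all four pattern tactics crossed in order) and a query score of 0.75 for analyst a.lee, whose three queries inside the window follow the first three tactics of the same pattern; b.ng's query is excluded because it falls outside the concurrency window. The two scores are deliberately kept apart rather than combined, matching the abstract's point that traversal-based and query-based signals can be presented to an analyst separately.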
Patent number: US12101334B2
Publication date: 2024-09-24
Access: free to read (open access repository, esp@cenet)
Record at the European Patent Office: https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240924&DB=EPODOC&CC=US&NR=12101334B2
recordid cdi_epo_espacenet_US12101334B2
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION