Cyber Threat Attenuation Using Multi-source Threat Data Analysis

Cyber Threat Attenuation Using Multi-source Threat Data Analysis

A cyber threat attenuation system. The system comprises a cyber threat data store, a plurality of sensor control points (SCPs), wherein at least one SCP is located in each local area network (LAN) segment of an enterprise network, and an analytics correlation system (ACS). Each SCP comprises a plura...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Weinberger, Michael, Millis, Scott E, Jones, Devin, Bay, J. Kirsten
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A cyber threat attenuation system. The system comprises a cyber threat data store, a plurality of sensor control points (SCPs), wherein at least one SCP is located in each local area network (LAN) segment of an enterprise network, and an analytics correlation system (ACS). Each SCP comprises a plurality of sensor applications that analyze data packets transported by the LAN segment in which the SCP is located and transmits a notification identifying the transmitting sensor, an identity of the source of the data packet, an identity of the destination of the data packet, and a notification reason to the data store. The ACS comprises an application that determines unusual data packet traffic in the enterprise network and transmits a notification comprising information about the unusual data packet traffic and an identity of a host computer associated with the unusual data packet traffic to the data store.