Electronic crime detection and tracking
US-9904955-B2 · Feb 27, 2018 · US
System and method of mitigating cyber attack risks
US10063583B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10063583-B2 |
| Application number | US-201715688453-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 28, 2017 |
| Priority date | Apr 3, 2014 |
| Publication date | Aug 28, 2018 |
| Grant date | Aug 28, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A security system comprising a computer, a memory, a data store comprising a cyber threat intent dictionary and a technology dictionary; and an application stored in the memory. When executed by the computer, the application generates a report that comprises an identification of a cyber threat intent and the identification of a cyber threat technology, wherein the cyber threat intent is selected from a plurality of cyber threat intents listed in the cyber threat intent dictionary and wherein the cyber threat technology is selected from the technology dictionary. The application also populates values in a cyber threat progression vector, where the cyber threat progression vector comprises elements that each corresponds to an action in a chain of actions associated with a cybercrime, where the values correspond to one of present or not present. The vector is used to manage the cyber risk of an enterprise or organization.
First claim
Opening claim text (preview).
What is claimed is: 1. A security system, comprising: a computer system; a memory accessible to the computer system; an application stored in the memory that, when executed by the computer system: populates, in the memory for each of a plurality of different cyber threats, a cyber threat progression vector comprising a plurality of predefined elements that each correspond to a step of a plurality of separate steps that are taken in carrying out a corresponding cyber threat of the plurality of different cyber threats, determines, based on the cyber threat progression vector for each of the plurality of different cyber threats, a plurality of electronic or procedural controls or countermeasures to mitigate cyber risks, and effects at least a first electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a first cyber threat of the plurality of different cyber threats and at least a second electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a second cyber threat of the plurality of different cyber threats to interdict the first and second cyber threats at different steps corresponding to different predefined elements of the plurality of predefined elements on the cyber threat progression vectors for the first and second cyber threats; and a computer system interface to provide the cyber threat progression vectors, and the plurality of electronic or procedural controls or countermeasures to mitigate cyber risks. 2. The system of claim 1 , wherein the cyber threat progression vector is populated based on a threat report. 3. The system of claim 1 , wherein the cyber threat progression vector is populated based on analysis of threat intelligence. 4. The system of claim 1 , wherein each cyber threat progression vector for each of the plurality of different cyber threats has the same predefined elements. 5. The system of claim 4 , wherein each of the plurality of predefined elements has a value corresponding to one of present or not present. 6. The system of claim 5 , wherein the cyber threat progression vectors for the first and second cyber threats comprise a different value in at least one of the plurality of pre-defined elements. 7. The system of claim 1 , wherein the first and second cyber threats are interdicted at the different steps based on a value of different predefined elements of the plurality of predefined elements corresponding to present. 8. The system of claim 1 , wherein at least one of the plurality of different cyber threats comprises a cyber attack. 9. The system of claim 1 , wherein at least one of the effected first electronic or procedural control or countermeasure and the effected second electronic or procedural control or countermeasure is implemented electronically using a computer system. 10. The system of claim 1 , wherein at least one of the effected first electronic or procedural control or countermeasure and the effected second electronic or procedural control or countermeasure is implemented manually using human actions. 11. The system of claim 1 , wherein the first electronic or procedural control or countermeasure and the second electronic or procedural control or countermeasure are different. 12. A method of mitigating cyber attack risk, comprising: receiving, by a computer system, and analyzing cyber threat intelligence; populating, in memory for each of a plurality of different cyber threats, a cyber threat progression vector comprising a plurality of predefined elements that each correspond to a step of a plurality of separate steps that are taken in carrying out a corresponding cyber threat of the plurality of different cyber threats; determining, based on the cyber threat progression vector for each of the plurality of different cyber threats, a plurality of electronic or procedural controls or countermeasures to mitigate cyber risks; and effecting at least a first electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a first cyber threat of the plurality of different cyber threats and at least a second electronic or procedural control or countermeasure of the determined plurality of electronic or procedural controls or countermeasures for a second cyber threat of the plurality of different cyber threats to interdict the first and second cyber threats at different steps corresponding to different predefined elements of the plurality of predefined elements on the cyber threat progression vectors for the first and second cyber threats. 13. The method of claim 12 , wherein the cyber threat progression vector is populated based on a threat report. 14. The method of claim 12 , wherein the cyber threat progression vector is populated based on the analysis of the cyber threat intelligence. 15. The method of claim 12 , wherein each cyber threat progression vector for each of the plurality of different cyber threats has the same predefined elements. 16. The method of claim 15 , wherein the cyber threat progression vectors for the first and second cyber threats comprise a different value in at least one of the plurality of pre-defined elements. 17. The method of claim 12 , wherein the first and second cyber threats are interdicted at the different steps based on a value of different elements of the plurality of predefined elements. 18. The method of claim 12 , wherein at least one of the plurality of different cyber threats comprises a cyber attack. 19. The method of claim 12 , wherein at least one of the effected first electronic or procedural control or countermeasure and the effected second electronic or procedural control or countermeasure is implemented electronically using a computer system. 20. The method of claim 12 , wherein at least one of the effected first electronic or procedural control or countermeasure and the effected second electronic or procedural control or countermeasure is implemented manually using human actions.
Assignees
Inventors
Classifications
- H04L63/1433Primary
Vulnerability analysis · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10063583B2 cover?
- A security system comprising a computer, a memory, a data store comprising a cyber threat intent dictionary and a technology dictionary; and an application stored in the memory. When executed by the computer, the application generates a report that comprises an identification of a cyber threat intent and the identification of a cyber threat technology, wherein the cyber threat intent is selecte…
- Who is the assignee on this patent?
- Fireeye Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 28 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).