Multi-tenant threat intelligence service
US-10887333-B1 · Jan 5, 2021 · US
Methods and systems for generating recommendations based on threat model knowledge graphs comprising crowdsourced modeling contributions
US12184684B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12184684-B2 |
| Application number | US-202117542185-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 3, 2021 |
| Priority date | Dec 3, 2021 |
| Publication date | Dec 31, 2024 |
| Grant date | Dec 31, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The methods and systems relate to improvements to threat modeling systems through the use of crowdsourcing. Specifically, the methods and systems relate to generating recommendations based on crowdsourced threat modeling contributions. For example, the methods and systems automate the threat modeling process by leveraging data in order to drive consistent and measurable quality of threat models and enable threat models to provide aggregated views of risk concentration at any altitude.
First claim
Opening claim text (preview).
What is claimed is: 1. A system for generating recommendations based on threat model knowledge graphs comprising crowdsourced modeling contributions, the system comprising: cloud-based storage circuitry configured to store a threat model knowledge graph, wherein the threat model knowledge graph is a graph-structured data model for integrating threat model contributions; control circuitry configured to: receive a first threat model contribution from a first user, wherein the first threat model contribution has a first contribution characteristic, and wherein the first threat model contribution comprises first content for publishing in a first threat modeling system; determine, based on the first contribution characteristic, a first location in the threat model knowledge graph for the first threat model contribution; receive a second threat model contribution from a second user, wherein the second threat model contribution has a second contribution characteristic, and wherein the second threat model contribution comprises second content for publishing in the first threat modeling system; determine, based on the second contribution characteristic, a second location in the threat model knowledge graph for the second threat model contribution; add the first threat model contribution and the second threat model contribution to the threat model knowledge graph at the first location and the second location, respectively; in response to adding the first threat model contribution and the second threat model contribution to the threat model knowledge graph, update a threat modeling system based on the threat model knowledge graph; receive a user request for a recommendation based on the threat modeling system, wherein the recommendation compares the first threat modeling system to a second threat modeling system; and input/output circuitry configured to: generate for display, in a user interface, the recommendation. 2. A method of generating recommendations based on threat model knowledge graphs comprising crowdsourced modeling contributions, the method comprising: receiving a first threat model contribution from a first user, wherein the first threat model contribution has a first contribution characteristic; determining, based on the first contribution characteristic, a first location in a threat model knowledge graph for the first threat model contribution; receiving a second threat model contribution from a second user, wherein the second threat model contribution has a second contribution characteristic; determining, based on the second contribution characteristic, a second location in the threat model knowledge graph for the second threat model contribution; adding the first threat model contribution and the second threat model contribution to the threat model knowledge graph at the first location and the second location, respectively; in response to adding the first threat model contribution and the second threat model contribution to the threat model knowledge graph, updating a first threat modeling system based on the threat model knowledge graph; and generating for display, in a user interface, a recommendation based on the first threat modeling system, wherein the recommendation compares the first threat modeling system to a second threat modeling system. 3. The method of claim 2 , wherein the first contribution characteristic indicates a first software architecture upon which the first threat model contribution is based, and wherein the second contribution characteristic indicates a second software architecture upon which the second threat model contribution is based. 4. The method of claim 2 , wherein the first contribution characteristic indicates a first mitigation technique upon which the first threat model contribution is based, and wherein the second contribution characteristic indicates a second mitigation technique upon which the second threat model contribution is based. 5. The method of claim 2 , wherein the first contribution characteristic indicates a first data flow upon which the first threat model contribution is based, and wherein the second contribution characteristic indicates a second data flow upon which the second threat model contribution is based. 6. The method of claim 2 , wherein determining, based on the first contribution characteristic, the first location, further comprises: retrieving a first contribution characteristic keyword for the first contribution characteristic; retrieving a second contribution characteristic keyword for available locations in the threat model knowledge graph; determining a first similarity between the first contribution characteristic keyword and the second contribution characteristic keyword; comparing the first similarity to a threshold similarity; and determining that the first contribution characteristic keyword and the second contribution characteristic keyword correspond based on the first similarity equaling or exceeding the threshold similarity. 7. The method of claim 2 , further comprising: determining a third location in the threat model knowledge graph that is unpopulated; retrieving a third contribution characteristic for the third location; identifying a third user corresponding to the third contribution characteristic; and transmitting a request to the third user for a third threat model contribution for adding to the threat model knowledge graph at the third location. 8. The method of claim 2 , further comprising: receiving a third threat model contribution, wherein the third threat model contribution has a third contribution characteristic; inputting the third threat model contribution into a machine learning model, wherein the machine learning model is trained to selection locations for adding threat model contributions to the threat model knowledge graph; and receiving an output of the machine learning model indicating a third location for adding the third threat model contribution to the threat model knowledge graph. 9. The method of claim 2 , wherein updating the first threat modeling system comprises: receiving a first user characteristic for the first user; comparing the first user characteristic to user characteristics required for updating the first threat modeling system; and validating the first threat model contribution at the first location based on the first user characteristic corresponding to user characteristics required for updating the first threat modeling system. 10. The method of claim 2 , wherein updating the first threat modeling system comprises: generating for display, in the user interface, a request to add the first threat model contribution to the threat model knowledge graph; receiving a number of user confirmations for adding the first threat model contribution to the threat model knowledge graph; comparing the number of user confirmations to a threshold number; and validating the first threat model contribution based on the number of user confirmations corresponding to the threshold number. 11. The method of claim 2 , wherein the first threat model contribution comprises first content for publishing in the first threat modeling system, and wherein the second threat model contribution comprises second content for publishing in the first threat modeling system. 12. A non-transitory, computer-readable medium for generating recommendations based on threat model knowledge graphs comprising crowdsourced modeling contributions, comprising instructions that, when executed by one or more processors, cause operations comprising: receiving a first threat model contribution from a first user, wherein the first threat model contribution ha
Assignees
Inventors
Classifications
Network analysis or design · CPC title
- H04L63/1441Primary
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
using machine learning or artificial intelligence · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Assessing vulnerabilities and evaluating computer system security · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12184684B2 cover?
- The methods and systems relate to improvements to threat modeling systems through the use of crowdsourcing. Specifically, the methods and systems relate to generating recommendations based on crowdsourced threat modeling contributions. For example, the methods and systems automate the threat modeling process by leveraging data in order to drive consistent and measurable quality of threat models…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1441. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Dec 31 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).