FAST FORWARDED SECURITY ISSUE IDENTIFICATION USING DIGITAL TWINS

Organization Name

international business machines corporation

Inventor(s)

Sudheesh S. Kairali of Kozhikode (IN)

Sarbajit K. Rakshit of Kolkata (IN)

Satyam Jakkula of BENGALURU (IN)

Sudhanshu Sekher Sar of Bangalore (IN)

Maureen Kraft of Hudson MA (US)

FAST FORWARDED SECURITY ISSUE IDENTIFICATION USING DIGITAL TWINS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240114050 titled 'FAST FORWARDED SECURITY ISSUE IDENTIFICATION USING DIGITAL TWINS

Simplified Explanation

The abstract describes a method and system for providing computer system security for a focus computer system (FCS) by creating a security digital twin (SDT) with an associated security ontology, analyzing potential threats, searching for attack patterns, and defending the FCS using an action mitigation plan.

• Creating a security digital twin (SDT) for the focus computer system (FCS) with a security ontology.
• Analyzing potential threats using a potential threat analyzer.
• Searching for predicted attack patterns on another computer system (OCS).
• Defending the FCS from potential threats using an action mitigation plan.

Potential Applications

The technology described in the patent application can be applied in various industries where computer system security is crucial, such as finance, healthcare, and government sectors.

Problems Solved

This technology helps in proactively identifying and mitigating potential threats to computer systems, enhancing overall security measures and reducing the risk of cyber attacks.

Benefits

The benefits of this technology include improved security for computer systems, early detection of potential threats, and efficient mitigation of attacks, ultimately safeguarding sensitive data and information.

Potential Commercial Applications

The technology can be commercially applied in cybersecurity firms, IT security departments of organizations, and software companies developing security solutions.

Possible Prior Art

One possible prior art for this technology could be the use of threat analysis tools and security frameworks in the field of cybersecurity to protect computer systems from potential attacks.

Unanswered Questions

How does the system handle false positives in threat analysis?

The system should have mechanisms in place to minimize false positives and ensure that only legitimate threats are addressed.

What measures are taken to ensure the security and integrity of the data fabric associated with the OCS?

It is essential to have robust security protocols in place to protect the data fabric from unauthorized access or tampering.

Original Abstract Submitted

a method and system provide computer system security for a focus computer system (fcs). the method comprises creating a security digital twin (sdt) for the fcs with an associated security ontology for the fcs. a potential threat analyzer receives a potential threat object (pto), and maps it to an enterprise attack vector pattern. the method further comprises searching, on another computer system (ocs) for a predicted attack pattern having a similar pattern to the enterprise attack vector pattern. conditioned upon finding the predicted attack pattern, and using a potential threat handler locating an action mitigation plan (amp) related to the predicted attack pattern in the data fabric associated with the ocs, the method further comprises copying the ocs predicted attack pattern to an fcs predicted attack pattern store, copying the ocs amp to an fcs amp store, and defending the fcs from the pto using the amp.