International business machines corporation (20240129331). Threat Disposition Analysis and Modeling Using Supervised Machine Learning simplified abstract
Threat Disposition Analysis and Modeling Using Supervised Machine Learning
Organization Name
International Business Machines Corporation
Inventor(s)
Gary I. Givental of BLOOMFIELD HILLS MI (US)
Aankur Bhatia of BETHPAGE NY (US)
Paul J. Dwyer of Pewaukee WI (US)
Threat Disposition Analysis and Modeling Using Supervised Machine Learning - A simplified explanation of the abstract
This abstract first appeared for US patent application 20240129331, titled 'Threat Disposition Analysis and Modeling Using Supervised Machine Learning'.
Simplified Explanation
An enhanced threat disposition analysis technique is provided in response to security threats identified in alerts. When an alert arrives, the system retrieves a threat disposition score (TDS) generated by a machine learning scoring model built from historical security threat information, including how the alerts tied to those threats were historically dispositioned. The TDS is based in part on how effectively previously calculated TDS values predicted those historical dispositions. The system augments the alert with the TDS, optionally together with a confidence level, to create an enriched alert that is presented to the security analyst to handle directly. The machine learning model is continuously updated as threats are handled, which improves the predictive benefit of the TDS scoring.
- Machine learning scoring model used to generate threat disposition score (TDS)
- TDS based on historical security threat information and effectiveness in predicting dispositions
- Alerts augmented with TDS and confidence level to create enriched alerts
- Continuous updating of machine learning model to enhance predictive benefit of TDS scoring
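The scoring loop summarized above, sketched as an added example; it is not code from the patent application or from IBM. The model type (online logistic regression), the feature names, the confidence formula and the sample alerts are all assumptions made for illustration.

```python
import math
from collections import defaultdict

class TdsModel:
    """Online logistic regression; learns from one analyst disposition at a time."""
    def __init__(self, lr=0.5):
        self.lr = lr
        self.w = defaultdict(float)
        self.track = defaultdict(lambda: [0, 0])  # rule -> [correct prior TDS calls, total]

    def _features(self, alert):
        hits, total = self.track[alert["rule"]]
        return {
            "bias": 1.0,
            "severity": alert["severity"] / 10.0,
            "asset_critical": float(alert["asset_critical"]),
            # How well earlier TDS values for this rule matched the analyst (0.5 = no history).
            "prior_tds_effectiveness": hits / total if total else 0.5,
        }

    def score(self, alert):
        z = sum(self.w[k] * v for k, v in self._features(alert).items())
        return 1.0 / (1.0 + math.exp(-z))

    def update(self, alert, disposition):
        """disposition: 1 = escalated as a real threat, 0 = closed as false positive."""
        x, p = self._features(alert), self.score(alert)
        for k, v in x.items():
            self.w[k] += self.lr * (disposition - p) * v
        rec = self.track[alert["rule"]]
        rec[0] += int((p >= 0.5) == bool(disposition))  # did the prior TDS call it right?
        rec[1] += 1

    def enrich(self, alert):
        tds = self.score(alert)
        # Confidence as distance from the 0.5 decision boundary (an assumption).
        return {**alert, "tds": round(tds, 3), "confidence": round(abs(tds - 0.5) * 2, 3)}

# Constructed history: (alert, analyst disposition) pairs.
HISTORY = [
    ({"rule": "brute-force", "severity": 8, "asset_critical": 1}, 1),
    ({"rule": "port-scan", "severity": 2, "asset_critical": 0}, 0),
    ({"rule": "brute-force", "severity": 9, "asset_critical": 1}, 1),
    ({"rule": "port-scan", "severity": 3, "asset_critical": 0}, 0),
]

def build_model():
    model = TdsModel()
    for alert, disposition in HISTORY * 25:  # replayed as a stream of closed alerts
        model.update(alert, disposition)
    return model
```

Calling `build_model().enrich(alert)` returns the alert with `tds` and `confidence` fields added; each later `update()` call with the analyst's disposition is the continuous-update step.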
Potential Applications
The technology can be applied in various industries such as cybersecurity, threat analysis, and risk management.
Problems Solved
This technology helps in efficiently analyzing security threats, predicting dispositions, and providing security analysts with enriched alerts for better decision-making.
Benefits
The benefits of this technology include improved threat analysis, enhanced predictive capabilities, and streamlined security threat handling processes.
Potential Commercial Applications
Potential commercial applications of this technology include security software development, threat intelligence services, and cybersecurity consulting.
Possible Prior Art
Possible prior art includes the use of machine learning models in threat analysis and prediction, although the specific technique of generating threat disposition scores based on historical data may be novel.
Unanswered Questions
How does the continuous updating of the machine learning model impact the accuracy of the threat disposition scores over time?
The continuous updating of the machine learning model ensures that it adapts to new security threats and trends, potentially improving the accuracy of threat disposition scores over time.
What measures are in place to ensure the security and integrity of the historical security threat data used to generate the threat disposition scores?
Security measures such as encryption, access controls, and data anonymization may be implemented to safeguard the historical security threat data and maintain its integrity for generating threat disposition scores.
Original Abstract Submitted
An enhanced threat disposition analysis technique is provided. In response to receipt of a security threat identified in an alert, a threat disposition score (TDS) is retrieved. The TDS is generated from a machine learning scoring model that is built from information about historical security threats, including historical disposition of one or more alerts associated with the historical security threats. The TDS is based in part on an effectiveness of a prior calculated TDS to predict a particular historical disposition associated with the alert. The system augments an alert to include the threat disposition score, optionally together with a confidence level, to generate an enriched alert. The enriched alert is then presented to the security analyst for handling directly. Preferably, the machine learning model is updated continuously as the system handles security threats, thereby increasing the predictive benefit of the TDS scoring.