Google llc (20240348629). System and Method for Automatically Associating Cybersecutiry Intelligence to Cyberthreat Actors simplified abstract

From WikiPatents
Revision as of 02:30, 18 October 2024 by Wikipatents (talk | contribs) (Creating a new page)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

System and Method for Automatically Associating Cybersecutiry Intelligence to Cyberthreat Actors

Organization Name

google llc

Inventor(s)

Matthew Berninger of Denver CO (US)

Barry Vengerik of Montclair NJ (US)

System and Method for Automatically Associating Cybersecutiry Intelligence to Cyberthreat Actors - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240348629 titled 'System and Method for Automatically Associating Cybersecutiry Intelligence to Cyberthreat Actors

The abstract describes a computerized method for associating cyberthreat actor groups responsible for different cyberthreats by generating a similarity matrix based on received clusters of cybersecurity information.

  • The method combines separate similarity metrics to create the similarity matrix, representing correlations between clusters of cybersecurity information.
  • Queries directed to the similarity matrix result in a listing of clusters with a higher likelihood of being associated with cyberthreats caused by the same cyberthreat actor group.

Potential Applications: - Enhancing cybersecurity threat intelligence analysis - Improving attribution of cyberthreats to specific actor groups - Streamlining incident response and mitigation efforts

Problems Solved: - Difficulty in identifying and attributing cyberthreats to specific actor groups - Inefficient analysis of large volumes of cybersecurity information - Lack of automated tools for correlating cyberthreat actor groups

Benefits: - Enhanced accuracy in identifying cyberthreat actor groups - Faster response to cyberthreat incidents - Improved cybersecurity posture and threat intelligence capabilities

Commercial Applications: Title: "Cybersecurity Threat Attribution and Analysis Tool" This technology can be utilized by cybersecurity companies, government agencies, and organizations to enhance their threat intelligence capabilities, streamline incident response, and improve overall cybersecurity defenses.

Prior Art: Researchers can explore existing patents related to cybersecurity threat attribution, cluster analysis, and similarity matrix generation to understand the existing landscape of similar technologies.

Frequently Updated Research: Stay updated on advancements in cybersecurity threat attribution, cluster analysis, and threat intelligence correlation to leverage the latest research and technologies in this field.

Questions about Cyberthreat Actor Group Attribution: 1. How does this method improve the accuracy of attributing cyberthreats to specific actor groups? 2. What are the key challenges in correlating clusters of cybersecurity information to identify cyberthreat actor groups accurately?


Original Abstract Submitted

a computerized method for associating cyberthreat actor groups responsible for different cyberthreats is described. the method involves generating a similarity matrix based on content from received clusters of cybersecurity information. each received cluster of cybersecurity information is assumed to be associated with a cyberthreat. the similarity matrix is composed via an optimized equation combining separate similarity metrics, where each similarity metric of the plurality of similarity metrics represents a level of correlation between at least two clusters of cybersecurity information, with respect to a particular aspect of operations described in the clusters. the method further involves that, in response to queries directed to the similarity matrix, generating a listing of a subset of the clusters of cybersecurity information having a greater likelihood of being associated with cyberthreats caused by the same cyberthreat actor group.