FRAMEWORK FOR AUTOMATED DATA-DRIVEN DETECTION ENGINEERING

Organization Name

google llc

Inventor(s)

Moses Daniel Schwartz of Clayton CA (US)

Kira Ann Quan of Longmont CO (US)

Joshua Atkins of South Lake Tahoe CA (US)

Ricardo Correa of Austin TX (US)

Nathaniel Benjamin Shar of Longmont CO (US)

Sara Ann Zukowski of Longmont CO (US)

Thomas Charles Henry Lyttelton of San Francisco CA (US)

Barbara Davilla of Austin TX (US)

Vidya Gopalakrishnan of Santa Clara CA (US)

Prerit Pathak of Mountain View CA (US)

Benjamin Henry Walter of Austin TX (US)

FRAMEWORK FOR AUTOMATED DATA-DRIVEN DETECTION ENGINEERING - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240348649 titled 'FRAMEWORK FOR AUTOMATED DATA-DRIVEN DETECTION ENGINEERING

The abstract of the patent application describes a security platform that receives data sets related to prior intrusive activities on computing resources, as well as rule generation policies for detecting intrusive activities. These policies are applied to the data sets to generate detection rules, which are then used to identify subsequent intrusive activities.

• Simplified Explanation:

- A security platform processes data on past intrusive activities and generates rules to detect future intrusions.

• Key Features and Innovation:

- Utilizes prior data to create rules for detecting intrusive activities. - Enhances security measures by proactively identifying potential threats.

• Potential Applications:

- Cybersecurity systems for businesses and organizations. - Network security monitoring tools for IT professionals.

• Problems Solved:

- Improves threat detection capabilities. - Helps prevent unauthorized access to computing resources.

• Benefits:

- Enhances overall security posture. - Reduces the risk of data breaches and cyber attacks.

• Commercial Applications:

- "Intrusive Activity Detection System for Enhanced Cybersecurity Measures"

• Questions about Intrusive Activity Detection System:

1. How does the system differentiate between different types of intrusive activities? - The system uses rule generation policies tailored to specific types of intrusions to distinguish between different activities.

2. Can the system adapt to new forms of intrusive activities over time? - Yes, the system can be updated with new rule generation policies to address emerging threats in real-time.

Original Abstract Submitted

a plurality of data sets characterizing prior intrusive activities with respect to computing resources associated with one or more entities are received at a security platform. one or more rule generation policies each pertaining to at least one type of intrusive activity are received at a security platform. the one or more rule generation policies are applied to the plurality of data sets characterizing the prior intrusive activities to generate a plurality of intrusive activity detection rules. the plurality of intrusive activity detection rules are caused to be used to detect subsequent intrusive activities.