Enhancing cybersecurity and operational monitoring with alert confidence assignments

An alert confidence technology, applied in the fields of probabilistic networks, computer security devices, biological neural network models, etc., can solve problems such as attacks on data integrity.

Pending Publication Date: 2021-04-02
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Problems solved by technology

At other times, the attack targets multiple qualities; for example, a man-in-the-middle attack reduces confidentiality and privacy, but it can also introduce fake or modified data, thereby attacking data integrity.

Embodiment Construction

[0024] Overview

[0025] An innovation can go beyond its origin, but understanding its origin can help people understand that innovation more fully. In the present context, system monitoring innovations have emerged in the context of inventors seeking ways to improve system security. Computing systems are vulnerable to different types of attacks. To improve system security, organizations often track ongoing events in order to catch potential threats. Because false positives are common, security analysts sometimes investigate suspicious events further. These analysts examine different characteristics of a given event and based on these characteristics determine whether the event is malicious. The analyst's decision is used to trigger an alert to the system customer.

[0026] To track events in progress, intrusion detection systems and other security tools monitor individual machines, computer networks, and other computing systems for events. These tools can generate alerts...

Abstract

Tools and techniques are described to automate triage of security and operational alerts. Insight instances extracted from raw event data associated with an alert are aggregated, vectorized, and assigned confidence scores through classification based on machine learning. Confidence scoring enables heavily loaded administrators and controls to focus attention and resources where they are most likely to protect or improve the functionality of a monitored system. Feature vectors receive a broad base in the underlying instance values through aggregation, even when the number of instance values is unknown prior to receipt of the event data. Visibility into the confidence scoring process may be provided, to allow tuning or inform further training of a classifier model. Performance metrics are defined, and production level performance may be achieved.
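The aggregate, vectorize and score flow described in the abstract, as an added example that is not taken from the patent or from any Microsoft code. The insight type names, the four aggregators, the training alerts and the logistic-regression stand-in for the classifier are all assumptions constructed for illustration.

```python
import math

# Hypothetical insight types and aggregators (assumptions, not from the patent text).
INSIGHT_TYPES = ("ip_reputation", "process_rarity")
AGGREGATORS = (len, min, max, lambda v: sum(v) / len(v))  # count, min, max, mean

def vectorize(instances):
    """Aggregate any number of (type, value) insight instances into a fixed-length vector."""
    vec = []
    for itype in INSIGHT_TYPES:
        vals = [v for t, v in instances if t == itype]
        # An insight type with no instances contributes zeros, so the length never changes.
        vec += [float(agg(vals)) if vals else 0.0 for agg in AGGREGATORS]
    return vec

def _score(w, b, x):
    z = sum(wi * xi for wi, xi in zip(w, x)) + b
    return 1.0 / (1.0 + math.exp(-z))

def train(samples, epochs=2000, lr=0.1):
    """Logistic regression by batch gradient descent, standing in for the classifier."""
    w, b = [0.0] * len(samples[0][0]), 0.0
    for _ in range(epochs):
        errs = [(_score(w, b, x) - y, x) for x, y in samples]
        w = [wi - lr * sum(e * x[j] for e, x in errs) / len(samples)
             for j, wi in enumerate(w)]
        b -= lr * sum(e for e, _ in errs) / len(samples)
    return w, b

def confidence(model, instances):
    """Confidence in [0, 1] that the alert behind these insight instances is malicious."""
    w, b = model
    return _score(w, b, vectorize(instances))

# Constructed training alerts: (insight instances, analyst label 1=malicious, 0=benign).
TRAINING = [
    ([("ip_reputation", 0.9), ("ip_reputation", 0.8), ("process_rarity", 0.95)], 1),
    ([("ip_reputation", 0.7), ("process_rarity", 0.9), ("process_rarity", 0.85)], 1),
    ([("ip_reputation", 0.1), ("process_rarity", 0.2)], 0),
    ([("ip_reputation", 0.2), ("ip_reputation", 0.1), ("ip_reputation", 0.15)], 0),
]
MODEL = train([(vectorize(inst), label) for inst, label in TRAINING])

if __name__ == "__main__":
    for inst, label in TRAINING:
        print(label, round(confidence(MODEL, inst), 3))
```

Because every insight type is reduced to the same set of aggregates, an alert with one instance and an alert with fifty produce vectors of identical length, which is what lets a single trained model score both.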

Description

Background technique

[0001] Network security attempts to reduce or prevent attacks that compromise desired qualities of data and computing resources, such as confidentiality, availability, integrity, and privacy. Sometimes cyberattacks focus on specific qualities; for example, distributed denial-of-service attacks often focus on eroding or eliminating the availability of data and transactional services. At other times, attacks target multiple qualities; for example, a man-in-the-middle attack reduces confidentiality and privacy, but it can also introduce false or modified data, thereby attacking data integrity. Cyberattacks take many forms, including: social engineering efforts such as phishing, computationally intensive attacks such as brute force attacks on passwords, open attacks such as adware and ransomware, stealthy attacks such as rootkits and data exfiltration, attacks focused on specific resources such as computing power (creating bot armies) or storage (...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, H04L29/06, G06N20/00
CPC: G06F21/552, H04L63/14, H04L63/1416, G06N20/20, G06N20/10, G06N7/01, G06N3/045, G06F21/561, G06F2221/034, G06N3/08
Inventor: N·克劳斯, R·莱文, A·伊斯雷尔, O·布里尔, Y·利弗尼
Owner: MICROSOFT TECH LICENSING LLC