公开(公告)号：US20250150475A1

公开(公告)日：2025-05-08

申请号：US18671248

申请日：2024-05-22

Applicant: AGENCY FOR DEFENSE DEVELOPMENT

Inventor： JaeHong AHN ,  Chanil PARK ,  Minsang LEE ,  Taehyung KIM ,  Hyun YU

IPC: H04L9/40

Abstract: Proposed is a method for tracking a cyber-attack to be performed by a cyber-attack tracking device including a memory and a processor. The method may include determining a plurality of behavior events performed by network devices in one or more domains, and mapping the plurality of the behavior events onto metadata of preset standards. The method may also include generating relationship data indicating a relationship between behavior events mapped onto metadata designated as a preset group based on the metadata mapped onto the behavior events. The method may further include counting a number of behavior events related to a preset suspected behavior among behavior events having a relationship data same as a relationship data of a first behavior event to calculate score for the relationship data including the first behavior event.