公开(公告)号：GB2598493A

公开(公告)日：2022-03-02

申请号：GB202114777

申请日：2020-03-23

Applicant: IBM

Inventor： PREETI RAVINDRA ,  YOUNGJA PARK ,  DHILUNG KIRAT ,  JIYONG JANG ,  MARK PHILIPPE STOECKLIN

IPC: H04L9/40 ,  G06F16/245 ,  G06F16/25 ,  G06F16/335 ,  G06F40/279 ,  G06F40/30

Abstract: A cognitive security analytics platform is enhanced by providing a technique for automatically inferring temporal relationship data for cybersecurity events. In operation, a description of a security event is received, typically as unstructured security content or data. Information such as temporal data or cues, are extracted from the description, along with security entity and relationship data. Extracted temporal information is processing according to a set of temporal markers (heuristics) to determine a time value marker (i.e., an established time) of the security event. This processing typically involves retrieval of information from one or more structured data sources. The established time is linked to the security entities and relationships. The resulting security event, as augmented with the identified temporal data, is then subjected to a management operation.

公开(公告)号：GB2598493B

公开(公告)日：2022-07-20

申请号：GB202114777

申请日：2020-03-23

Applicant: IBM

Inventor： PREETI RAVINDRA ,  YOUNGJA PARK ,  DHILUNG KIRAT ,  JIYONG JANG ,  MARK PHILIPPE STOECKLIN

IPC: H04L9/40 ,  G06F16/245 ,  G06F16/25 ,  G06F16/335 ,  G06F40/279 ,  G06F40/30

Abstract: A cognitive security analytics platform is enhanced by providing a technique for automatically inferring temporal relationship data for cybersecurity events. In operation, a description of a security event is received, typically as unstructured security content or data. Information such as temporal data or cues, are extracted from the description, along with security entity and relationship data. Extracted temporal information is processing according to a set of temporal markers (heuristics) to determine a time value marker (i.e., an established time) of the security event. This processing typically involves retrieval of information from one or more structured data sources. The established time is linked to the security entities and relationships. The resulting security event, as augmented with the identified temporal data, is then subjected to a management operation.

公开(公告)号：GB2574555A

公开(公告)日：2019-12-11

申请号：GB201913722

申请日：2017-12-13

Applicant: IBM

Inventor： SIDDHARTH AJEET PATWARDHAN ,  YOUNGJA PARK

IPC: G06N20/00

Abstract: In configuring a processing system with an application made up of machine learning components, where the application has been trained on a set of training data, the application is executed on the processing system using another set of training data. Outputs of the application produced from the other set of training data identified that concur with ground truth data are identified. The components are adapted to produce outputs of the application that concur with the ground truth data using the identified outputs of the application.