Network protection system using linkographs

Patent Number: 10,027,698
Issued: 7/17/2018
Official Filing: View the Complete Patent
Abstract: A method and apparatus for managing an attack on a computer system. A computer identifies actions taken by an adversary in the computer system and links connecting the actions over time using an ontology defining linking rules for linking the actions over time. The computer creates a graph of the actions with the links connecting the actions over time. The graph shows a number of patterns of behavior for the adversary. The computer then identifies a protective action to take with respect to the computer system using the graph of the actions taken by the adversary.
Filed: 12/18/2015
Application Number: 14/975,502
Government Interests: STATEMENT OF GOVERNMENT INTEREST This invention was made with Government support under Contract No. DE-NA0003525 awarded by the United States Department of Energy/National Nuclear Security Administration. The Government has certain rights in the invention.