白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Using neural networks to process forensics and generate threat intelligence information

專利號(hào)
US11888895B2
公開日期
2024-01-30
申請(qǐng)人
Proofpoint, Inc.(US CA Sunnyvale)
發(fā)明人
Zachary Mitchell Abzug; Kevin Patrick Blissett; Brian Sanford Jones
IPC分類
G06F7/04; H04L9/40; G06N3/08; G06N3/045
技術(shù)領(lǐng)域
campaign,platform,neural,or,may,forensics,threat,compromise,networks,threats
地域: CA CA Sunnyvale

摘要

Aspects of the disclosure relate to generating threat intelligence information. A computing platform may receive forensics information corresponding to message attachments. For each message attachment, the computing platform may generate a feature representation. The computing platform may input the feature representations into a neural network, which may result in a numeric representation for each message attachments. The computing platform may apply a clustering algorithm to cluster each message attachments based on the numeric representations, which may result in clustering information. The computing platform may extract, from the clustering information, one or more indicators of compromise indicating that one or more attachments corresponds to a threat campaign. The computing platform may send, to an enterprise user device, user interface information comprising the one or more indicators of compromise, which may cause the enterprise user device to display a user interface identifying the one or more indicators of compromise.

說(shuō)明書

At step 208, the data source system 120 may send new information to the campaign identification platform 110. In some instances, in sending the new information at step 208, the data source system 120 may send information similar to the information sent at step 201 (e.g., forensics and/or other information).

At step 209, the campaign identification platform 110 may receive the new information sent at step 208. For example, the campaign identification platform 110 may receive forensics data that may be input into the neural network trained at step 207.

At step 210, the electronic messaging server 130 may send new metadata to the campaign identification platform 110. For example, the electronic messaging server 130 may send new message metadata, similar to the message metadata sent at step 203, which may be input into the one or more neural networks trained at step 207.

At step 211, the campaign identification platform 110 may receive the new metadata sent at step 210. For example, the campaign identification platform 110 may receive new message metadata that may be input into the one or more neural networks.

權(quán)利要求

1
微信群二維碼
意見反饋