Machine learned alert triage classification system

Disclosed herein are systems, methods, and processes for a machine learned alert triaging classification (ATC) system that uses machine learning techniques to generate an alert triage classification model that can be trained and deployed in modern security operation centers to optimize alert triagin...

Full description

Saved in:
Bibliographic Details
Main Author Sánchez, Carlos Manuel Pastor
Format Patent
LanguageEnglish
Published 27.08.2024
Subjects
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:Disclosed herein are systems, methods, and processes for a machine learned alert triaging classification (ATC) system that uses machine learning techniques to generate an alert triage classification model that can be trained and deployed in modern security operation centers to optimize alert triaging and cyber threat classification. A training dataset of classified records is obtained. Each classified record in the training dataset includes detection characteristics data of a set of machines and threat classification results produced by performing alert triage classification of detection messages associated with the set of machines. An ATC model is trained using the training dataset according to a machine learning technique. The training tunes the ATC model to classify, based on at least the detection characteristics data, a new detection message associated with a machine from the set of machines as a threat or as not a threat.
Bibliography:Application Number: US202017088644