Event Correlation Technique for Combating Advanced Persistent Threats (APTs)

IP.com Disclosure Number: IPCOM000244914D
Publication Date: 2016-Jan-29

Publishing Venue

The IP.com Prior Art Database

Related People

Inventors:
Anand Sankruthi

Abstract

This publication describes a method to determine a set of event trails, starting from the event that was responsible for a state change in a protected asset and working backwards to the event that originated from an external entity. The resulting event trails are then processed to determine each trail's criticality rank, calculated from the event types of the events forming the trail and the risk profile of the event generator. Finally, an administrator may receive an alert for a single event or event trail based on its criticality rank.
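
The backward trail construction and ranking described in the abstract can be sketched as follows. This is an added example, not code from the disclosure: the event fields, the type weights, the generator risk values, the scoring formula (sum of type weight times generator risk) and the alert threshold are all assumptions, and the events are constructed sample data.

```python
from dataclasses import dataclass

# Assumed weights: the abstract names these two inputs but gives no formula.
TYPE_WEIGHT = {"email_attachment": 3, "web_download": 2, "process_start": 2,
               "login": 1, "file_write": 4}
GENERATOR_RISK = {"mail-gw": 0.9, "proxy": 0.6, "ws-17": 0.8, "db-01": 1.0}

@dataclass(frozen=True)
class Event:
    eid: str
    etype: str
    generator: str          # host or sensor that produced the event
    causes: tuple = ()      # ids of the events that led to this one
    external: bool = False  # created by an entity outside the network

# Constructed sample events, not real telemetry.
EVENTS = {e.eid: e for e in [
    Event("e1", "email_attachment", "mail-gw", external=True),
    Event("e2", "web_download", "proxy", external=True),
    Event("e3", "process_start", "ws-17", causes=("e1", "e2")),
    Event("e4", "login", "db-01", causes=("e3",)),
    Event("e5", "file_write", "db-01", causes=("e4",)),  # asset state change
]}

def event_trails(events, start_id):
    """Walk backwards from the state-change event to each external event."""
    trails, stack = [], [(start_id,)]
    while stack:
        path = stack.pop()
        ev = events[path[-1]]
        if ev.external:
            trails.append(path)
        else:  # skip ids already on the path to guard against cyclic links
            stack.extend(path + (p,) for p in ev.causes if p not in path)
    return trails

def criticality(events, trail):
    """Assumed score: sum of type weight x generator risk over the trail."""
    return round(sum(TYPE_WEIGHT[events[i].etype] * GENERATOR_RISK[events[i].generator]
                     for i in trail), 2)

def ranked_alerts(events, start_id, threshold=9.0):
    """Trails at or above the assumed threshold, most critical first."""
    scored = [(criticality(events, t), t) for t in event_trails(events, start_id)]
    return sorted((s for s in scored if s[0] >= threshold), reverse=True)

if __name__ == "__main__":
    print(ranked_alerts(EVENTS, "e5"))
```

With the sample data, two trails lead back from the file write on db-01, and only the one that starts at the mail gateway crosses the threshold.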