US 12,231,447 B2
Graph analytics and visualization for cyber situational understanding
Steven E. Noel, Woodbridge, VA (US); Man M. Sapra, Aldie, VA (US); Stephen F. Purdy, Springfield, VA (US); Jeremy T. Martin, Bel Air, MD (US); Mandira D. Hegde, Rosedale, MD (US); and Brianna L. Chen, Arlington, VA (US)
Assigned to THE MITRE CORPORATION, McLean, VA (US)
Filed by The MITRE Corporation, McLean, VA (US)
Filed on Oct. 7, 2021, as Appl. No. 17/496,519.
Prior Publication US 2023/0111177 A1, Apr. 13, 2023
Int. Cl. H04L 29/06 (2006.01); G06N 5/02 (2023.01); H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) [G06N 5/02 (2013.01)] 38 Claims
OG exemplary drawing
 
1. A computer implemented method comprising:
normalizing, by at least one processor, cyber information received for a plurality of cyberspace entities;
generating, by the at least one processor, cyber-graphs based on relationships between two or more of the plurality of cyberspace entities;
receiving, by the at least one processor, a cyber-threat inquiry of the cyber-graphs;
selecting, based on the cyber-threat inquiry, one or more cyber-graphs that represent impacts on a plurality of functions critical to organization mission operations associated with a plurality of selected IP addresses suspected to be compromised by a cyber-threat actor;
generating, by the at least one processor, a visualization of a result of the cyber-threat inquiry within a corresponding operational environment, wherein the visualization comprises one or more graphical layers rendered over imagery of a corresponding geographical environment; and
wherein at least one of the normalizing, generating, and receiving are performed by one or more computers.