US 12,265,614 B2
Label recommendation for cybersecurity content
Aviv Ron, Klachim (IL); Eitan Menahem, Be'er Sheva (IL); Anton Puzanov, Mitzpe Ramon (IL); Bar Haim, Sufa (IL); Eitan Chertok, Negev Beer Sheva (IL); and Romy Varga, Ottawa (CA)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by INTERNATIONAL BUSINESS MACHINES CORPORATION, Armonk, NY (US)
Filed on Nov. 3, 2022, as Appl. No. 18/052,267.
Prior Publication US 2024/0152606 A1, May 9, 2024
Int. Cl. G06F 21/55 (2013.01); G06F 18/22 (2023.01)
CPC G06F 21/554 (2013.01) [G06F 18/22 (2023.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
generating a set of labels for a received cybersecurity incident based on features of the received cybersecurity incident;
generating, by a pre-trained Bidirectional Encoder Representations and Transformers (BERT) model, vector representations for the received cybersecurity incident and vector representations for a plurality of labeled historical cybersecurity incidents;
identifying at least one labeled historical cybersecurity incident having a sufficient similarity to the received cybersecurity incident based on a cosine similarity between corresponding vector representations of sentences in the received cybersecurity incident and corresponding vector representations of sentences in the at least one labeled historical cybersecurity incident;
applying at least one label associated with the at least one labeled historical cybersecurity incident to the set of labels for the received cybersecurity incident;
prioritizing the set of labels to generate a subset of labels; and
associating the subset of labels to the received cybersecurity incident.