| CPC G06F 21/554 (2013.01) [G06F 21/566 (2013.01); G06F 2221/034 (2013.01)] | 20 Claims |
|
1. A system for using spurious data samples in a dataset to determine a time window during which a malicious device caused a cybersecurity incident, the system comprising:
one or more processors; and
a non-transitory, computer readable medium having instructions recorded thereon that, when executed by the one or more processors, cause operations comprising:
obtaining a first dataset comprising a set of original data samples and a first set of spurious data samples, wherein spurious data samples of the first set of spurious data samples are stored at locations, identifiable by a key, within the first dataset, wherein the first set of spurious data samples are configured to decrease accuracy of a machine learning model by more than a threshold percentage amount;
based on a time period expiring, replacing the first set of spurious data samples in the first dataset with a second set of spurious data samples;
obtaining an indication that a second dataset is available via a third-party computing device;
determining that a subset of samples of the second dataset match the first set of spurious data samples;
based on the subset of samples of the second dataset matching the first set of spurious data samples determining a time window in which a cybersecurity incident occurred, wherein the time window corresponds to a time before the first set of spurious data samples were replaced with the second set of spurious data samples; and
outputting an indication of the time window.
|