| CPC H04L 63/1433 (2013.01) [H04L 63/1425 (2013.01)] | 12 Claims |
|
1. A method for threat activity statistical analysis driven adaptive control specification comprising:
retrieving a data structure from over a computer communications network into memory of a computing device;
parsing the data structure in the memory to extract a listing of different threat activities;
computing in the memory a statistical analysis of the different threat activities; and,
responsive to the statistical analysis surpassing a threshold for an identified one of the different threat activities, determining a corresponding threat incorporating the identified one of the different threat activities in an associated kill chain, retrieving a control specification addressing the corresponding threat, and modifying the control specification to address the corresponding threat, wherein the statistical analysis is an extrapolation of frequency at a future moment based upon a set of previously computed frequencies at previous moments, and the threshold is a threshold frequency of occurrence of the identified one of the different threat activities at the future moment.
|