CPC H04L 63/1483 (2013.01) [G06N 20/00 (2019.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01)] | 20 Claims
1. A method for accelerating a cybersecurity event detection and remediation, the method comprising:
computing, by a text embedding model, at least one text embedding value for a suspicious electronic communication based on a corpus of text data extracted from the suspicious electronic communication;
evaluating the at least one text embedding value computed for the suspicious electronic communication against an n-dimensional mapping of embedding vectors of a plurality of distinct historical electronic communications;
identifying a distinct embedding vector of the n-dimensional mapping associated with a historical electronic communication based on the evaluation of the at least one text embedding value against the n-dimensional mapping;
evaluating whether the suspicious electronic communication is one of a phishing electronic communication or a non-phishing electronic communication based on an evaluation of a message body of the suspicious electronic communication against a message body of the historical electronic communication associated with the distinct embedding vector; and
routing data associated with the suspicious electronic communication to one of a plurality of distinct cybersecurity threat mitigation routes based on evaluation of the suspicious electronic communication corresponding to the phishing electronic communication.
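A minimal sketch of the claimed flow (embed, find the nearest historical vector, compare message bodies, route), added here as an illustration; it is not the patent's implementation. The hashed bag-of-words embedding, the `difflib` body comparison, both thresholds, the route names and the sample messages are all assumptions constructed for the example.

```python
import hashlib
import math
import re
from difflib import SequenceMatcher

DIM = 256  # assumed embedding width; the claim only says "n-dimensional"

def embed(text):
    """Stand-in embedding model (assumption): hashed bag-of-words, L2-normalised."""
    vec = [0.0] * DIM
    for tok in re.findall(r"[a-z0-9]+", text.lower()):
        digest = hashlib.sha256(tok.encode()).digest()
        vec[int.from_bytes(digest[:4], "big") % DIM] += 1.0
    norm = math.sqrt(sum(v * v for v in vec)) or 1.0
    return [v / norm for v in vec]

def cosine(a, b):
    # Inputs are unit vectors, so the dot product is the cosine similarity.
    return sum(x * y for x, y in zip(a, b))

# Constructed historical communications with analyst labels (sample data).
HISTORY = [
    {"label": "phishing", "body": "Your mailbox is full. Verify your password "
     "now at the link below to avoid suspension."},
    {"label": "non-phishing", "body": "Reminder: the quarterly planning meeting "
     "moves to Thursday at 10am in room 4."},
    {"label": "phishing", "body": "Invoice overdue. Open the attached document "
     "and sign in to release payment."},
]
INDEX = [(embed(h["body"]), h) for h in HISTORY]  # the n-dimensional mapping

# Hypothetical route names; the claim does not name its mitigation routes.
ROUTES = {"phishing": "phishing-remediation-queue",
          "non-phishing": "close-and-notify-reporter",
          "unknown": "manual-analyst-triage"}

def triage(body, min_cos=0.5, min_body_sim=0.6):
    """Nearest historical vector, then body-vs-body check, then routing."""
    query = embed(body)
    score, nearest = max(((cosine(query, v), h) for v, h in INDEX),
                         key=lambda pair: pair[0])
    body_sim = SequenceMatcher(None, body.lower(), nearest["body"].lower()).ratio()
    # Inherit the historical label only if both comparisons agree.
    matched = score >= min_cos and body_sim >= min_body_sim
    verdict = nearest["label"] if matched else "unknown"
    return {"verdict": verdict, "route": ROUTES[verdict],
            "cosine": round(score, 3), "body_sim": round(body_sim, 3)}
```

The `unknown` fallback is a choice made in this sketch: a report that matches no historical message closely enough on both measures goes to a person instead of inheriting a label.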