US 12,452,284 B2
Dynamic cyberattack mission planning and analysis
Jason Crabtree, Vienna, VA (US); and Richard Kelley, Woodbridge, VA (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Jun. 28, 2023, as Appl. No. 18/343,716.
Prior Publication US 2025/0007942 A1, Jan. 2, 2025
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 63/20 (2013.01)]
16 Claims
 
1. An artificial-intelligence-assisted (AI-assisted) cyberattack mission planning system, comprising:
a computing device comprising a memory, a processor, and a non-volatile data storage device;
a first machine learning algorithm operating on the computing device and trained to generate a cyberattack scenario based on information from a knowledge graph;
a knowledge graph stored on the non-volatile data storage device, the knowledge graph comprising nodes representing entities, concepts, or events, and edges representing relationships between the nodes, wherein the knowledge graph represents knowledge about a computer network;
an ontology manager comprising a first plurality of programming instructions stored in the memory which, when operating on the processor, causes the computing device to:
retrieve cybersecurity context information from a cybersecurity database;
organize the cybersecurity context information into an ontology;
receive information about the computer network, the information comprising a network configuration; and
create nodes and edges in the knowledge graph to store the information about the computer network according to the ontology;
an incident generator comprising a second plurality of programming instructions stored in the memory which, when operating on the processor, causes the computing device to:
retrieve a cybersecurity threat in the form of a tactic, techniques, or procedure from the cybersecurity database;
process the cybersecurity threat through the first machine learning algorithm to generate a cyberattack scenario for the computer network based on the information about the computer network contained in the knowledge graph; and
generate a cybersecurity incident for the computer network from the cyberattack scenario, the cybersecurity incident comprising an attack mode and event severity.