	US 11,838,117 B2
	Systems and methods for detecting and mitigating cyber security threats
Frederick Johannes Venter, Driftwood, TX (US); Jayendra Pathak, Austin, TX (US); and Bruce William Watson, Eindhoven (NL)
Assigned to COMPUTED FUTURE, INC., Driftwood, TX (US)
Filed by COMPUTED FUTURE, INC, Driftwood, TX (US)
Filed on May 22, 2020, as Appl. No. 16/881,186.
Claims priority of provisional application 62/851,527, filed on May 22, 2019.
Prior Publication US 2021/0075803 A1, Mar. 11, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06N 5/025 (2023.01); G06N 5/04 (2023.01)

CPC H04L 63/1416 (2013.01) [G06N 5/025 (2013.01); G06N 5/04 (2013.01); H04L 63/1433 (2013.01); H04L 63/1466 (2013.01); H04L 63/20 (2013.01)]

20 Claims

1. A method for protecting computing assets in a protected computing environment, the method comprising:

detecting a set of events associated with an originator using a set of event sensors, wherein the originator is a monitored resource in the protected computing environment;

comparing, using an inference server in communication with the set of event sensors, the detected set of events to a detection model, the detection model including an event lattice, the event lattice including a set of event nodes and a set of nodes linked to event nodes of the set of event nodes, each node having a node position corresponding to events sensed by the event sensors;

determining a pattern of behavior indicative of an attack on the computing assets based on the comparing; and

communicating, using the inference server, an identifier associated with the originator.