公开(公告)号：US20230076127A1

公开(公告)日：2023-03-09

申请号：US17883040

申请日：2022-08-08

Applicant: NEC Laboratories America, Inc.

Inventor： Xiao Yu ,  Yanchi Liu ,  Haifeng Chen ,  Yufei Li

IPC: G06F40/295 ,  G06F40/40 ,  G06F21/57

Abstract: Systems and methods are provided for adapting a pretrained language model to perform cybersecurity-specific named entity recognition and relation extraction. The method includes introducing a pretrained language model and a corpus of security text to a model adaptor, and generating a fine-tuned language model through unsupervised training utilizing the security text corpus. The method further includes combining a joint extraction model from a head for joint extraction with the fine-tuned language model to form an adapted joint extraction model that can perform entity and relation label prediction. The method further includes applying distant labels to security text in the corpus of security text to produce security text with distant labels, and performing Distant Supervision Training for joint extraction on the adapted joint extraction model using the security text to transform the adapted joint extraction model into a Security Language Model for name-entity recognition (NER) and relation extraction (RE).

公开(公告)号：US20240064161A1

公开(公告)日：2024-02-22

申请号：US18359179

申请日：2023-07-26

Applicant: NEC Laboratories America, Inc.

Inventor： Yanchi Liu ,  Haifeng Chen ,  Yufei Li

IPC: H04L9/40 ,  H04L41/16

CPC classification number: H04L63/1425 ,  H04L41/16

Abstract: A computer-implemented method for employing a graph-based log anomaly detection framework to detect relational anomalies in system logs is provided. The method includes collecting log events from systems or applications or sensors or instruments, constructing dynamic graphs to describe relationships among the log events and log fields by using a sliding window with a fixed time interval to snapshot a batch of the log events, capturing sequential patterns by employing temporal-attentive transformers to learn temporal dependencies within the sequential patterns, and detecting anomalous patterns in the log events based on relationships between the log events and temporal context determined from the temporal-attentive transformers.