公开(公告)号：US20190129705A1

公开(公告)日：2019-05-02

申请号：US15800612

申请日：2017-11-01

Applicant: International Business Machines Corporation

Inventor： Muhammed Fatih Bulut ,  Lisa M. Chavez ,  Jinho Hwang ,  Virginia Mayo ,  Vugranam C. Sreedhar ,  Sai Zeng

IPC: G06F9/445 ,  G06N99/00

Abstract: Techniques that facilitate group patching recommendation and/or remediation with risk assessment are provided. In one example, a system includes a vertical stack component, a horizontal stack component and a risk classification component. The vertical stack component identifies a first patch profile from a software system associated with a computer system environment. The horizontal stack component identifies a second patch profile from a hardware system associated with network nodes of the computer system environment. The system learns over time to identify repetitive patterns using machine learning techniques. Then, the risk classification component performs a machine learning process to determine a risk classification for the computer system environment based on the first patch profile and the second patch profile.

公开(公告)号：US20190166150A1

公开(公告)日：2019-05-30

申请号：US15825086

申请日：2017-11-28

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Muhammed Fatih Bulut ,  Lisa M. Chavez ,  Jinho Hwang ,  Virginia Mayo ,  Maja Vukovic ,  Sai Zeng

IPC: H04L29/06 ,  H04L12/58 ,  G06Q50/00

Abstract: A method and system of identifying technical experts for an identified vulnerability is provided. One or more technical experts for each of one or more categories of the vulnerability are identified. Questions are sent to and answers are received from the one or more identified technical experts for each of the one or more categories of vulnerabilities, via a chatbot module. Answers to parameters that are missing for a Common Vulnerability Scoring System (CVSS) for the identified vulnerability are determined from the received answers to the parameters. The answers to the parameters are validated and a CVSS score is calculated based on the validated determined answers.

公开(公告)号：US20190268366A1

公开(公告)日：2019-08-29

申请号：US15904529

申请日：2018-02-26

Applicant: International Business Machines Corporation

Inventor： Sai Zeng ,  Vugranam C. Sreedhar ,  Karin Murthy ,  Jinho Hwang ,  Milton H. Hernandez ,  Lisa M. Chavez ,  Muhammed Fatih Bulut ,  Virginia Mayo ,  Xinli Wang ,  Cindy Mullen

IPC: H04L29/06 ,  G06N3/08 ,  G06N3/04

Abstract: A system includes a memory that stores computer executable components and neural network data, and a processor executes computer executable components stored in the memory. An assessment component assesses a computer network, and classifies the computer network relative to M network classifications stored in a repository, wherein M is an integer greater than one. A risk component determines risk of vulnerability subject to change impact regarding protection against a computer virus or cyber-attack based on historical information regarding vulnerability exposure and vulnerability remediation changes relative to the classification of the computer network. A recommendation component that generates recommendations and best action to mitigate risk and impact, and remediate the vulnerabilities based on the risk assessment and business priorities.

公开(公告)号：US10601857B2

公开(公告)日：2020-03-24

申请号：US15825086

申请日：2017-11-28

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Muhammed Fatih Bulut ,  Lisa Chavez ,  Jinho Hwang ,  Virginia Mayo ,  Maja Vukovic ,  Sai Zeng

IPC: H04L29/06 ,  G06Q50/00 ,  H04L12/58

Abstract: A method and system of identifying technical experts for an identified vulnerability is provided. One or more technical experts for each of one or more categories of the vulnerability are identified. Questions are sent to and answers are received from the one or more identified technical experts for each of the one or more categories of vulnerabilities, via a chatbot module. Answers to parameters that are missing for a Common Vulnerability Scoring System (CVSS) for the identified vulnerability are determined from the received answers to the parameters. The answers to the parameters are validated and a CVSS score is calculated based on the validated determined answers.

公开(公告)号：US10778713B2

公开(公告)日：2020-09-15

申请号：US15904529

申请日：2018-02-26

Applicant: International Business Machines Corporation

Inventor： Sai Zeng ,  Vugranam C. Sreedhar ,  Karin Murthy ,  Jinho Hwang ,  Milton H. Hernandez ,  Lisa M. Chavez ,  Muhammed Fatih Bulut ,  Virginia Mayo ,  Xinli Wang ,  Cindy Mullen

IPC: H04L29/06 ,  G06N3/04 ,  G06N3/08

Abstract: A system includes a memory that stores computer executable components and neural network data, and a processor executes computer executable components stored in the memory. An assessment component assesses a computer network, and classifies the computer network relative to M network classifications stored in a repository, wherein M is an integer greater than one. A risk component determines risk of vulnerability subject to change impact regarding protection against a computer virus or cyber-attack based on historical information regarding vulnerability exposure and vulnerability remediation changes relative to the classification of the computer network. A recommendation component that generates recommendations and best action to mitigate risk and impact, and remediate the vulnerabilities based on the risk assessment and business priorities.

公开(公告)号：US10649758B2

公开(公告)日：2020-05-12

申请号：US15800612

申请日：2017-11-01

Applicant: International Business Machines Corporation

Inventor： Muhammed Fatih Bulut ,  Lisa M. Chavez ,  Jinho Hwang ,  Virginia Mayo ,  Vugranam C. Sreedhar ,  Sai Zeng

IPC: G06F8/65 ,  G06F21/57 ,  G06F11/36 ,  G06F21/50 ,  G06N20/00

Abstract: Techniques that facilitate group patching recommendation and/or remediation with risk assessment are provided. In one example, a system includes a vertical stack component, a horizontal stack component and a risk classification component. The vertical stack component identifies a first patch profile from a software system associated with a computer system environment. The horizontal stack component identifies a second patch profile from a hardware system associated with network nodes of the computer system environment. The system learns over time to identify repetitive patterns using machine learning techniques. Then, the risk classification component performs a machine learning process to determine a risk classification for the computer system environment based on the first patch profile and the second patch profile.

公开(公告)号：US20190166151A1

公开(公告)日：2019-05-30

申请号：US15825089

申请日：2017-11-28

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Muhammed Fatih Bulut ,  Lisa M. Chavez ,  Jinho Hwang ,  Anup Kalia ,  Virginia Mayo ,  Sai Zeng

IPC: H04L29/06 ,  G06Q50/00 ,  H04L12/58

Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.