The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Oct. 01, 2024
Filed:
Jan. 23, 2024
Korea Internet & Security Agency, Naju-si, KR;
Joon Hyung Lim, Naju-si, KR;
Tae Eun Kim, Naju-si, KR;
Ki Jong Son, Naju-si, KR;
Sae Woom Lee, Naju-si, KR;
Seul Ki Choi, Naju-si, KR;
Tae Hyeon Kim, Naju-si, KR;
KOREA INTERNET & SECURITY AGENCY, Naju-si, KR;
Abstract
The method for automatically generating a playbook performed by a computing apparatus according to the present disclosure comprises periodically collecting asset information and CTI (Cyber Threat Intelligence) information of a target network, extracting TTP (Tactics, Techniques, Procedure) information using the collected asset information and the collected CTI information, retrieving a data source of the extracted TTP information, generating a temporary playbook including a data component matching a detection method of the extracted TTP information among a plurality of data components of the retrieved data source, verifying validity of the temporary playbook based on data component order information of the temporary playbook and determining whether rearrangement of data components included in the temporary playbook is needed, and rearranging data components included in the temporary playbook, and storing it as a final playbook.