Abstract: Disclosed are artificial intelligence (AI)-based security risk prediction system and method for targets to be protected in a cloud environment.
Abstract: This disclosure details a method for detecting and analyzing time-series data with a cyber threat framework. It involves determining target API events, mapping these to threat behaviors, creating threat scenarios, assessing matching degree and risk, predicting threat behaviors based on risk grades, and providing solutions.
Abstract: A method for mapping API functions to threat actions by a server in multiple cloud environments includes the steps of a) mapping a first API function used in a first cloud environment provided by a first cloud server to a first threat action included in an attack technique database where a plurality of threats classified into multiple types is stored, b) generating feature information of the first API function based on descriptive information for the first API function provided by the first cloud server, c) based on the feature information of the first API function, identifying a second API function matching the first API function among at least one API function used in a second cloud environment provided by a second cloud server, and d) mapping the second API function to the first threat action.
Abstract: A method for determining a threat scenario includes the steps of selecting target API events from a user's API event data in a cloud environment based on criteria like frequency, timing, location, user, and type, mapping these to classified threat behaviors, forming a threat behavior set, identifying candidate scenarios from a database, generating security indicators by comparing candidates with the threat behavior set, determining the most likely threat scenario based on these indicators, and providing solutions to a user terminal based on this scenario.