Abstract: The bionic computing system includes a perception subsystem, an attention subsystem, and a temporal-spatial awareness subsystem. The perception subsystem has several perceptual devices for detecting objects from sequences of sensory data and generating an object record for each object. The attention subsystem adjusts the object records by re-identifying the tracking identities across sensory devices, generates several object associations, generate several location associations, and generates several motion implications. The temporal-spatial awareness subsystem organizes and retains the object records in a working memory space.

Abstract: An n-tiering security threat inference and correlation apparatus (100) for monitoring and anticipating cyber attacks is disclosed. The apparatus comprises a plurality of groups of inference-correlation systems (106(a, b)-114(a, b)), each group arranged with at least one inference system and at least one associated correlation system configured to monitor at least one network; and an input/output (I/O) system (102) configured to receive security events, and broadcast the received security events to the plurality of groups of inference-correlation systems; wherein the respective groups of inference-correlation systems are configured to process only the broadcasted security events relevant to the respective networks to identify the cyber attacks. A method of operating the apparatus is also disclosed.

Abstract: This document discloses a method and system for just-in-time compression and optimization of raw unstructured in-line and in-transit data by identifying low entropy data blocks or duplicated information security information in raw computer security alerts within a series of time windows. In particular, the method and system automatically manages; processes; and optimizes in-line and in-transit data blocks or raw information security alerts received from a plurality of information surveillance sources and/or peripheral monitoring devices simultaneously. The data blocks or raw information security alerts that are found to be unique in the various time windows are transposed into meta-definition tables to be further processed while redundant data blocks or raw alerts contained within each particular time window are identified, marked and processed accordingly.

Abstract: This document describes a system and method for determining a location of a mobile device within an enclosed space using audio localization techniques. In particular, the system and method utilizes audio localization techniques to identify the location of a mobile device within a multi-storey multi-room structure or an enclosure with multiple rooms.

Abstract: This document discloses a heuristic data analytics method and system for analysing potential information security threats in information security events. In particular, the heuristic data analytics method and system analyses Binary Large Objects (BLOBs) of structured and unstructured information security events at high speed and in real-time to anticipate potential security breaches that will occur in the near future using algorithms and large scale computing systems.

Abstract: This document discloses a system and method for consolidating threat intelligence data for a computer and its related networks. Massive volumes of raw threat intelligence data are collected from a plurality of sources and are partitioned into a common format for cluster analysis whereby the clustering of the data is done using unsupervised machine learning algorithms. The resulting organized threat intelligence data subsequently undergoes a weighted asset based threat severity level correlation process. All the intermediary network vulnerabilities of a particular computer network are utilized as the critical consolidation parameters of this process. The final processed intelligence data gathered through this high speed automated process is then formatted into predefined formats prior to transmission to third parties.

Abstract: This document describes a system and method for quantitatively unifying and assimilating all unstructured, unlabelled and/or fragmented real-time and non-real-time cyber threat data generated by a plurality of sources. These sources may include cyber-security surveillance systems that are equipped with machine learning capabilities.

Abstract: A system and method for disrupting an information security threat that constitutes an attack on a computer asset in a computer network is provided. The provided system and method disrupts this information security threat after the attack on the computer asset has been detected by at least one of the monitoring devices on the affected computer network. An intermediate upstream gateway of the affected computer network is then utilized to disrupt this information security threat. As the detected attack is being disrupted, a mitigation action will be automatically initiated if a mitigation action associated with the attack is stored in the system's database; else information about the attack will be sent to a central command centre for further assessment. At the central command centre, a mitigating action will be further developed and executed to address the intention of the attack.

Abstract: This invention relates to a system and method for prioritizing an incident triage process in an autonomic manner. In particular, the system employs performance modifier indicators and temporal decay parameters to autonomously compile, adjust and demonstrate a list of prioritized incidents in a dynamic manner.

Abstract: This invention relates to a system and method for simultaneously displaying real-time information security threat posture of a plurality of computers and its intermediary networks that are under surveillance. In particular, the invention involves displaying a three-dimensional abstract object that has been scaled according to the size and orientation of a display screen so that the entirety of the three-dimensional abstract object may be simultaneously viewed by viewers of the display technology in its entirety. The displayed three-dimensional abstract object is made up of an amalgamation of semi-translucent three-dimensional shapes that are arranged together to achieve the unified shape and form of the three-dimensional abstract object.

Abstract: This invention relates to a system and method for prioritizing an incident triage process in an autonomic manner. In particular, the system employs performance modifier indicators and temporal decay parameters to autonomously compile, adjust and demonstrate a list of prioritized incidents in a dynamic manner.

Abstract: This document describes a system and method for quantitatively unifying and assimilating all unstructured, unlabelled and/or fragmented real-time and non-real-time cyber threat data generated by a plurality of sources. These sources may include cyber-security surveillance systems that are equipped with machine learning capabilities.

Abstract: A system and method for evaluating cyber-security threat incidents of a computer network is described in this document. In particular, it is described that cyber-security threat incidents of a computer network may be visualized by displaying these threat incidents as a plurality of graphical objects on a display of a device. A subset of these graphical objects or threat incidents may then be selected by applying a single continuous touch input to a touch interface of the device. A risk score will then be generated and displayed based on the threat incidents that are contained within the subset of graphical objects. Mitigation actions addressing the cyber-security threats that triggered these threat incidents are then implemented by the device.

Abstract: This document discloses a method and system for just-in-time compression and optimization of raw unstructured in-line and in-transit data by identifying low entropy data blocks or duplicated information security information in raw computer security alerts within a series of time windows. In particular, the method and system automatically manages; processes; and optimizes in-line and in-transit data blocks or raw information security alerts received from a plurality of information surveillance sources and/or peripheral monitoring devices simultaneously. The data blocks or raw information security alerts that are found to be unique in the various time windows are transposed into meta-definition tables to be further processed while redundant data blocks or raw alerts contained within each particular time window are identified, marked and processed accordingly.

Abstract: A system and method for evaluating cyber-security threat incidents of a computer network is described in this document. In particular, it is described that cyber-security threat incidents of a computer network may be visualized by displaying these threat incidents as a plurality of graphical objects on a display of a device. A subset of these graphical objects or threat incidents may then be selected by applying a single continuous touch input to a touch interface of the device. A risk score will then be generated and displayed based on the threat incidents that are contained within the subset of graphical objects. Mitigation actions addressing the cyber-security threats that triggered these threat incidents are then implemented by the device.

Abstract: This document discloses a heuristic data analytics method and system for analysing potential information security threats in information security events. In particular, the heuristic data analytics method and system analyses Binary Large Objects (BLOBs) of structured and unstructured information security events at high speed and in real-time to anticipate potential security breaches that will occur in the near future using algorithms and large scale computing systems.

Abstract: This invention relates to a system and method for simultaneously displaying real-time information security threat posture of a plurality of computers and its intermediary networks that are under surveillance. In particular, the invention involves displaying a three-dimensional abstract object that has been scaled according to the size and orientation of a display screen so that the entirety of the three-dimensional abstract object may be simultaneously viewed by viewers of the display technology in its entirety. The displayed three-dimensional abstract object is made up of an amalgamation of semi-translucent three-dimensional shapes that are arranged together to achieve the unified shape and form of the three-dimensional abstract object.

Abstract: The system provides secure controlled access to multiple Bluetooth devices issued to users. For example an officer may be issued a weapon. To enable monitoring of weapon status, a Bluetooth sensor may be fitted to a holster and the Officer issued with a Bluetooth enabled mobile phone. In order to establish a secure Bluetooth connection between the devices, sensor contains a restored link key and the mobile phone stores a partial link key. The supervisor enters their username and password, and a secret key into the phone which is then used with the partial link key to generate a copy of the link key stored in the first device, so that a secure connection can be established with the first device. The officer enters their username and password into the sensor, and once the secure connection is established it is sent over the secure connection to the mobile phone which then sends both user names and passwords to a verification authority.

Abstract: This document discloses a system and method for consolidating threat intelligence data for a computer and its related networks. Massive volumes of raw threat intelligence data are collected from a plurality of sources and are partitioned into a common format for cluster analysis whereby the clustering of the data is done using unsupervised machine learning algorithms. The resulting organized threat intelligence data subsequently undergoes a weighted asset based threat severity level correlation process. All the intermediary network vulnerabilities of a particular computer network are utilized as the critical consolidation parameters of this process. The final processed intelligence data gathered through this high speed automated process is then formatted into predefined formats prior to transmission to third parties.

Abstract: The system provides secure controlled access to multiple Bluetooth devices issued to users. For example an officer may be issued a weapon. To enable monitoring of weapon status, a Bluetooth sensor may be fitted to a holster and the Officer issued with a Bluetooth enabled mobile phone. In order to establish a secure Bluetooth connection between the devices, sensor contains a restored link key and the mobile phone stores a partial link key. The supervisor enters their username and password, and a secret key into the phone which is then used with the partial link key to generate a copy of the link key stored in the first device, so that a secure connection can be established with the first device. The officer enters their username and password into the sensor, and once the secure connection is established it is sent over the secure connection to the mobile phone which then sends both user names and passwords to a verification authority.