Patent attributes
An information security system that includes an information security engine configured to monitor data transmissions within a network and to detect a first attack by a malicious software element. The information security engine is further configured to detect a second attack by the malicious software element within a predetermined time interval from the first attack and to transfer the malicious software element from the network to an emulated network in response to detecting the second attack. The information security engine is further configured to generate an attack log comprising behavior characteristics for attacks performed by the malicious software element in the emulated network and to train a machine learning model based on behavior characteristics from the attack log.
