Abstract
Traditional security analytics, which relies on centralized data collection and processing, can raise concerns relating to privacy, data-transmission costs, threat-response latency, and jurisdictional data-handling requirements. This disclosure describes techniques to perform security analytics across a distributed network of edge computing nodes. Leveraging edge computing to collect and analyze data from endpoint devices optimizes data collection and transmission and enhances privacy. Centralized processing is limited through federated/distributed processing. Adaptive filtering dynamically adjusts data processing and transmission based on detected events and risk levels. A tiered zoning approach processes high-risk events centrally, quarantines moderate-risk events for further analysis regionally, and handles low-risk events locally. The techniques optimize resource utilization and ensure efficient, scalable, and privacy-conscious security analytics. Tiered granularity improves the privacy and utility trade-off in privacy-preserving machine learning. Security learnings are derived and aggregated globally in a privacy-preserving manner.
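The tiered zoning and adaptive filtering described in the abstract can be sketched as an edge-node router. This is an added example, not code from the disclosure; the thresholds, escalation window, event field names and the keyed-hash pseudonymization are assumptions chosen for illustration.

```python
from __future__ import annotations
import hashlib
from dataclasses import dataclass, field

# Assumed values; the abstract gives no thresholds, field names or window.
HIGH, MODERATE = 0.8, 0.4
ESCALATION_WINDOW = 3      # events for which sensitivity stays raised
ESCALATED_MODERATE = 0.25  # lowered moderate threshold while escalated

def pseudonymize(value: str, node_salt: bytes) -> str:
    """Keyed hash so regional analysis can correlate without raw identifiers."""
    return hashlib.blake2b(value.encode(), key=node_salt, digest_size=8).hexdigest()

@dataclass
class EdgeNode:
    node_salt: bytes
    escalated_for: int = 0                        # remaining escalated events
    local_counts: dict = field(default_factory=dict)

    def route(self, event: dict) -> tuple[str, dict | None]:
        """Return (tier, payload leaving the node); None means nothing leaves."""
        moderate = ESCALATED_MODERATE if self.escalated_for > 0 else MODERATE
        self.escalated_for = max(0, self.escalated_for - 1)
        risk = event["risk"]
        if risk >= HIGH:
            # High risk: full record goes central; raise sensitivity afterwards.
            self.escalated_for = ESCALATION_WINDOW
            return "central", dict(event)
        if risk >= moderate:
            # Moderate risk: quarantine regionally with identifiers minimized.
            return "regional", {
                "type": event["type"],
                "risk": risk,
                "user": pseudonymize(event["user"], self.node_salt),
            }
        # Low risk: handled locally; only an aggregate count is retained.
        self.local_counts[event["type"]] = self.local_counts.get(event["type"], 0) + 1
        return "local", None

# Constructed sample events (not real telemetry).
SAMPLE = [
    {"type": "login_fail", "user": "alice", "host": "wks-1", "risk": 0.3},
    {"type": "priv_esc", "user": "bob", "host": "srv-9", "risk": 0.9},
    {"type": "login_fail", "user": "alice", "host": "wks-1", "risk": 0.3},
]

def demo(node_salt: bytes = b"constructed-salt"):
    node = EdgeNode(node_salt)
    return [node.route(e) for e in SAMPLE]
```

The same low-scoring event is kept local before the high-risk detection and quarantined regionally after it, with the user identifier pseudonymized and the host field dropped.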
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Ravindranath, Radhika; Black, James; and Mouton, Jacques, "Distributed Security Orchestration with Adaptive Filtering and Data Minimization", Technical Disclosure Commons, (November 19, 2025)
https://www.tdcommons.org/dpubs_series/8906