Invention Grant
- Patent Title: Method and system for clustering darknet traffic streams with word embeddings
-
Application No.: US16838136Application Date: 2020-04-02
-
Publication No.: US11695794B2Publication Date: 2023-07-04
- Inventor: Dvir Cohen , Asaf Shabtai , Yuval Elovici , Yisroel Avraham Mirsky , Rami Puzis , Tobias Martin , Manuel Kamp
- Applicant: DEUTSCHE TELEKOM AG
- Applicant Address: DE Bonn
- Assignee: DEUTSCHE TELEKOM AG
- Current Assignee: DEUTSCHE TELEKOM AG
- Current Assignee Address: DE Bonn
- Agency: Hoffman Warnick LLC
- Main IPC: G06F11/30
- IPC: G06F11/30 ; H04L9/40 ; G06N3/04 ; G06F18/23

Abstract:
A system for analyzing and clustering darknet traffic streams with word embeddings, comprising a data processing module which collects packets that are sent to non-existing IP addresses that belong to darknet's taps (blackholes) that are deployed over the internet: a port embedding module for performing port sequence embeddings by using a word embedding algorithm on the port sequences extracted from the data processing module while transforming the port sequences into a meaningful numerical feature vectors: a clustering module for performing temporal clustering of the feature vectors over time; and an alert logic and visualization module visualizes the data and provides alerts regarding a cluster that an analyst classified as malicious in the past.
Public/Granted literature
- US20200322368A1 METHOD AND SYSTEM FOR CLUSTERING DARKNET TRAFFIC STREAMS WITH WORD EMBEDDINGS Public/Granted day:2020-10-08
Information query