Invention Grant
US07962611B2 Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels
Expired
- Patent Title: Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels
- Application No.: US12056583
- Application Date: 2008-03-27
- Publication No.: US07962611B2
- Publication Date: 2011-06-14
- Inventor: Paul T. Hurley, Andreas Kind, Marc Ph. Stoecklin
- Applicant: Paul T. Hurley, Andreas Kind, Marc Ph. Stoecklin
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Cantor Colburn LLP
- Agent: Stephen Kaufman
- Main IPC: G06F15/173
- IPC: G06F15/173

Abstract:
Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels. An exemplary embodiment includes a method for detecting flow-level network traffic anomalies in a computer network, the method including obtaining current distributions of flow-level traffic features within the computer network, computing distances of the current distributions' components from a distributions model, comparing the distances of the current distributions to distance baselines from the distributions model, determining if the distances are above pre-determined thresholds, and, in response to one or more of the distances being above the pre-determined thresholds in one or more distributions, identifying the current condition to be abnormal and providing indications of its nature.