×

Classification of detected network anomalies using additional data

  • US 10,404,525 B2
  • Filed: 10/18/2013
  • Issued: 09/03/2019
  • Est. Priority Date: 10/18/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method performed in a device that analyzes network anomalies in a communication network, the method comprising:

  • receiving an indication of a network anomaly which was detected by monitoring the communication network;

    responsive to receiving the indication, communicating, to a data source external to the communication network, a request for scheduled event information from outside of the communication network;

    responsive to receiving the scheduled event information from outside of the communication network, identifying a previously detected network anomaly associated with a scheduled event that previously occurred outside of the communication network based on the scheduled event information received from outside of the communication network;

    responsive to identifying the previously detected network anomaly, determining a classification of the detected network anomaly as unexpected behavior based on a determination that the detected network anomaly is not similar to the previously detected network anomaly associated with the scheduled event that previously occurred outside of the communication network;

    responsive to determining the classification of the detected network anomaly as unexpected behavior, providing a report of the detected network anomaly in response to the classification of the detected network anomaly as unexpected behavior;

    responsive to identifying the previously detected network anomaly, determining a classification of the detected network anomaly as expected behavior of the communication network based on a determination that the previously detected network anomaly associated with the scheduled event occurring outside of the communication network is similar to the detected network anomaly; and

    responsive to determining the classification of the detected network anomaly as expected behavior, suppressing reporting of the detected network anomaly.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×