Techniques for data routing and management using risk classification and data sampling
First Claim
Patent Images
1. A computer-implemented method, comprising:
- selecting, by a computer system connected via a network, a traffic sample of data traversing the network;
processing, by the computer system, the traffic sample using a plurality of risk classifiers, by;
determining a plurality of attributes of the traffic sample;
identifying a corresponding subset of the plurality of risk classifiers for the plurality of attributes;
generating, based at least in part on the corresponding subset of risk classifiers, the plurality of attributes, and the traffic sample, a plurality of risk level components that are dependent on outcomes associated with other risk level components generated from other risk classifiers of the plurality of risk classifiers; and
combining the plurality of risk level components to generate an overall risk level for the traffic sample; and
causing, by the computer system, routing on the network of the data based at least in part on the overall risk level.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.
-
Citations
19 Claims
-
1. A computer-implemented method, comprising:
-
selecting, by a computer system connected via a network, a traffic sample of data traversing the network; processing, by the computer system, the traffic sample using a plurality of risk classifiers, by; determining a plurality of attributes of the traffic sample; identifying a corresponding subset of the plurality of risk classifiers for the plurality of attributes; generating, based at least in part on the corresponding subset of risk classifiers, the plurality of attributes, and the traffic sample, a plurality of risk level components that are dependent on outcomes associated with other risk level components generated from other risk classifiers of the plurality of risk classifiers; and combining the plurality of risk level components to generate an overall risk level for the traffic sample; and causing, by the computer system, routing on the network of the data based at least in part on the overall risk level. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system, comprising:
at least one computing device that implements one or more services that at least; generate a traffic sample from data traversing a network associated with the at least one computing device; select a plurality of attributes of the traffic sample; associate a corresponding plurality of risk classifiers with the plurality of attributes; process the traffic sample using at least a subset of the plurality of risk classifiers to generate a corresponding plurality of risk level components that are dependent on outcomes associated with other risk level components generated from other risk classifiers of the plurality of risk classifiers; and determine an overall risk level for the traffic sample based at least in part on the risk level components. - View Dependent Claims (9, 10, 11, 12, 13)
-
14. A non-transitory computer-readable storage medium having stored thereon executable instructions that, upon execution by one or more processors of a computer system, cause the computer system to at least:
-
select a plurality of attributes of a traffic sample; associate a corresponding plurality of risk classifiers with the plurality of attributes; process the traffic sample using at least a subset of the plurality of risk classifiers to generate a corresponding plurality of risk level components that are dependent on outcomes associated with other risk level components generated from other risk classifiers of the plurality of risk classifiers; and determine a risk level for the traffic sample based at least in part on the risk level components. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification