×

IDENTIFYING THREATS BASED ON HIERARCHICAL CLASSIFICATION

  • US 20150334125A1
  • Filed: 10/21/2014
  • Published: 11/19/2015
  • Est. Priority Date: 05/16/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computer system comprising:

  • one or more network interfaces that are configured to couple to a data network and to receive a plurality of packet flows therefrom;

    one or more processors coupled to the one or more network interfaces;

    an aggregator that is configured to select, based on a criterion, one or more selected packet flows from the plurality of packet flows and placing the selected packet flows into a set;

    a feature analyzer that is configured to determine, for each packet flow in the set, a flow feature associated with that packet flow based on data from that packet flow, and classifying each packet flow into a flow class based on the flow feature;

    the feature analyzer that is further configured to determine a set feature for the set based on one or more of the flow features that are associated with the selected packet flows of the set;

    a classifier that is configured to classify the set into a set class based on the set feature; and

    a threat reporter that is configured to report, based on the set class, a threat incident on a computing device originating the selected one or more one or more packet flows.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×