CLASSIFICATION OF DETECTED NETWORK ANOMALIES USING ADDITIONAL DATA
First Claim
1. A method for analyzing network anomalies in a communication network, the method comprising:
- receiving an indication of a network anomaly which was detected by monitoring the communication network;
on the basis of data representing the detected network anomaly and on the basis of additional data, performing classification of the detected network anomaly; and
depending on the classification of the detected network anomaly, providing a report of the detected network anomaly.
1 Assignment
0 Petitions
Accused Products
Abstract
A network anomaly detector detects a network anomaly by monitoring a communication network and provides an indication of the detected network anomaly to a network anomaly analyzer. The network anomaly analyzer receives the indication of the detected network anomaly and, on the basis of data representing the detected network anomaly and additional data, e.g., from outside the communication network, performs classification of the detected network anomaly. Depending on the classification of the detected network anomaly, the network anomaly analyzer provides a report of the detected network anomaly to another node. If for example the detected network anomaly is classified as expected behavior, reporting of the detected network anomaly may be suppressed.
-
Citations
34 Claims
-
1. A method for analyzing network anomalies in a communication network, the method comprising:
-
receiving an indication of a network anomaly which was detected by monitoring the communication network; on the basis of data representing the detected network anomaly and on the basis of additional data, performing classification of the detected network anomaly; and depending on the classification of the detected network anomaly, providing a report of the detected network anomaly. - View Dependent Claims (2, 3, 5, 6, 7, 9, 11, 12, 13, 14, 34)
-
-
4. (canceled)
-
8. (canceled)
-
10. (canceled)
-
15. A device for analyzing network anomalies in a communication network, the device comprising at least one processor,
wherein the at least one processor is configured to: -
receive an indication of a network anomaly which was detected by monitoring the communication network; on the basis of data representing the detected network anomaly and on the basis of additional data, perform classification of the detected network anomaly; and depending on the classification of the detected network anomaly, provide a report of the detected network anomaly. - View Dependent Claims (18, 19, 21, 22, 23, 25, 27, 28, 29, 30)
-
-
16-17. -17. (canceled)
-
20. (canceled)
-
24. (canceled)
-
26. (canceled)
-
31. (canceled)
-
32. A system for analyzing network anomalies in a communication network, the system comprising:
-
a network anomaly detector; and a network anomaly analyzer, wherein the network anomaly detector is configured to detect a network anomaly by monitoring the communication network and provide an indication of the detected network anomaly to the network anomaly analyzer, and wherein the network anomaly analyzer is configured to; receive the indication of the detected network anomaly, on the basis of data representing the detected network anomaly and additional data, perform classification of the detected network anomaly, and depending on the classification of the detected network anomaly, provide a report of the detected network anomaly.
-
-
33. (canceled)
Specification