GENERATE A COMMUNICATION GRAPH USING AN APPLICATION DEPENDENCY MAPPING (ADM) PIPELINE
Abstract
This disclosure generally relates to a method and system for generating a communication graph of a network using an application dependency mapping (ADM) pipeline. In one aspect of the disclosure, the method comprises receiving network data (e.g., flow data and process information at each node) from a plurality of sensors associated with a plurality of nodes of the network, determining a plurality of vectors and an initial graph of the plurality of nodes based upon the network data, determining similarities between the plurality of vectors, clustering the plurality of vectors into a plurality of clustered vectors based upon the similarities between the plurality of vectors, and generating a communication graph of the network system based upon the plurality of clustered vectors.
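The pipeline the abstract describes, carried through on a small scale as an added example (not code from the patent). The flow records are constructed, and the per-port "calls"/"serves" features, cosine similarity, single-linkage threshold and function names are assumptions chosen for illustration; the text above does not specify them.

```python
import math
from collections import Counter, defaultdict

# Constructed flow records (src, dst, dst_port), as per-node sensors might report them.
FLOWS = [
    ("web1", "app1", 8080), ("web1", "app1", 8080), ("web1", "app2", 8080),
    ("web2", "app1", 8080),
    ("app1", "db1", 5432), ("app2", "db1", 5432),
]

def build_vectors(flows):
    """One sparse vector per node: how often it calls or serves each port."""
    vecs = defaultdict(Counter)
    for src, dst, port in flows:
        vecs[src][("calls", port)] += 1
        vecs[dst][("serves", port)] += 1
    return vecs

def cosine(a, b):
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm = math.sqrt(sum(v * v for v in a.values())) * math.sqrt(sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0

def cluster(vecs, threshold=0.8):
    """Single-linkage clustering: nodes at or above the threshold share a cluster."""
    parent = {n: n for n in vecs}
    def find(n):
        while parent[n] != n:
            n = parent[n]
        return n
    nodes = sorted(vecs)
    for i, a in enumerate(nodes):
        for b in nodes[i + 1:]:
            if cosine(vecs[a], vecs[b]) >= threshold:
                parent[find(b)] = find(a)
    return {n: find(n) for n in nodes}  # node -> cluster representative

def build_policy(flows, labels):
    """Cluster-level communication graph; any edge not in it is prohibited."""
    return {(labels[s], labels[d], p) for s, d, p in flows}

def is_allowed(policy, labels, src, dst, port):
    return (labels[src], labels[dst], port) in policy

if __name__ == "__main__":
    labels = cluster(build_vectors(FLOWS))
    policy = build_policy(FLOWS, labels)
    print(labels, sorted(policy))
    print(is_allowed(policy, labels, "web1", "db1", 5432))
```

Because the policy is expressed between clusters, `web2` to `app2` on 8080 is permitted even though that flow was never observed, while `web1` to `db1` on 5432 is prohibited.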
20 Claims
1. A computer-implemented method comprising:
- collecting network data using a plurality of sensors associated with a plurality of nodes of a network;
- generating, based upon the network data, a plurality of vectors associated with the plurality of nodes;
- determining similarities between the plurality of vectors;
- clustering, based at least upon the similarities, the plurality of vectors into a plurality of clustered vectors; and
- defining a policy based at least upon the plurality of clustered vectors, the policy prohibiting communications between at least two nodes of the plurality of nodes in the network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system comprising:
- a processor; and
- a computer-readable medium storing instructions that, when executed by the processor, cause the system to perform operations comprising:
  - collecting network data using a plurality of sensors associated with a plurality of nodes of a network;
  - generating, based upon the network data, a plurality of vectors associated with the plurality of nodes;
  - determining similarities between the plurality of vectors;
  - clustering, based at least upon the similarities, the plurality of vectors into a plurality of clustered vectors; and
  - defining a policy based at least upon the plurality of clustered vectors, the policy prohibiting communications between at least two nodes of the plurality of nodes in the network.

Dependent claims: 12, 13, 14, 15, 16, 17
18. A non-transitory computer-readable storage medium having stored therein instructions that, upon being executed by a processor, cause the processor to:
- collect network data using a plurality of sensors associated with a plurality of nodes of a network;
- generate, based upon the network data, a plurality of vectors associated with the plurality of nodes;
- determine similarities between the plurality of vectors;
- cluster, based at least upon the similarities, the plurality of vectors into a plurality of clustered vectors; and
- define a policy based at least upon the plurality of clustered vectors, the policy prohibiting communications between at least two nodes of the plurality of nodes in the network.

Dependent claims: 19, 20
Specification