×

Verifying network attack detector effectiveness

  • US 9,686,312 B2
  • Filed: 07/23/2014
  • Issued: 06/20/2017
  • Est. Priority Date: 07/23/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • receiving, at a device in a network, a classifier tracking request from a coordinator device that specifies a classifier verification time period, wherein the classifier verification time period is a scheduled time period at which a validation test is performed;

    performing the validation test by;

    classifying, by the device and during the classifier verification time period, a set of network traffic that includes traffic observed by the device and attack traffic specified by the coordinator device;

    generating, by the device, classification results based on the classified set of network traffic; and

    providing, by the device, the classification results to the coordinator device, the classification results used by the coordinator device to identify whether or not performance of an attack detector of the device is above a specified performance threshold for detecting an attack,wherein the attack traffic and the observed traffic are received from one or more other devices in the network, and wherein the coordinator device instructs the one or more other devices to send the attack traffic at a low priority.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×