Methods for establishing anomaly detection configurations and identifying anomalous network traffic and devices thereof
US10122740B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 25, 2016 |
| Grant date | Nov 6, 2018 |
| Priority date | — |
| Expiry date | Aug 29, 2036 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1441
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A method, non-transitory computer readable medium, and network security apparatus that monitors received network traffic to obtain signal data for signals associated with the network traffic in accordance with a stored configuration. A model and configuration update(s) are generated and the stored configuration is updated based on the configuration update(s). The model includes a threshold for at least one of the signals. A determination is made when there is an anomaly in the network traffic based on the application of the model to the signal data or a match of at least a portion of the signal data to an anomalous traffic pattern received from a centralized analytic server computing device. A mitigation action is initiated, when the determining indicates that there is an anomaly in the network traffic. Accordingly, this technology facilitates dynamic and adaptive network traffic analysis and anomaly detection including improvements thereto independent of human intervention.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.