Patent · US Active

Clustering approach for detecting DDoS botnets on the cloud from IPFix data

US10129295B2 · kind B2 · utility

1Cited by

4References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Omer Karin · Tel Aviv-Yafo, IL
Royi Ronen · Nes Ziona, IL
Hani Hana Neuvirth · Redmond, US
Roey Vilnai · Nes Ziona, IL

Key dates

Filing date	Aug 31, 2016
Grant date	Nov 13, 2018
Priority date	—
Expiry date	Oct 16, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Use machine learning to train a classifier to classify entities to increase confidence with respect to an entity being part of a distributed denial of service attack. The method includes training a classifier to use a first classification method, to identify probabilities that entities from a set of entities are performing denial of service attacks. The method further includes identifying a subset of entities meeting a threshold probability of performing a denial of service attack. The method further includes using a second classification method, identifying similarity of entities in the subset of entities. The method further includes based on the similarity, classifying individual entities.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.