Patent · US Active

Remediating false positives of intrusion detection systems with guest introspection

US11463300B2 · kind B2 · utility

0Cited by

4References

22Claims

0Family size

Assignee

VMware LLC · US

Inventors

Nafisa Mandliwala · Sunnyvale, US
Sirisha Myneni · Santa Clara, US
Robin Manhas · Cupertino, US
Baibhav Singh · Sunnyvale, US

Key dates

Filing date	Jul 13, 2020
Grant date	Oct 4, 2022
Priority date	—
Expiry date	Jul 13, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L41/122
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The disclosure provides an approach for remediating false positives for a network security monitoring component. Embodiments include receiving an alert related to network security for a virtual computing instance (VCI). Embodiments include collecting, in response to receiving the alert, context information from the VCI. Embodiments include providing a notification to a management plane based on the alert and the context information. Embodiments include receiving, from the management plane, in response to the notification, an indication of whether the alert is a false positive. Embodiments include training a model based on the alert, the context information, and the indication to determine whether a given alert is a false positive.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.