Patent · US Active

Security threat detection based on network flow analysis

US11785032B2 · kind B2 · utility

0 Cited by
52 References
15 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Apr 1, 2021
Grant date: Oct 10, 2023
Priority date
Expiry date: Jun 5, 2041

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/20
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Some embodiments provide a method for identifying security threats to a datacenter. From multiple host computers in the datacenter, the method receives data indicating port usage for a particular time period for each of multiple destination data compute nodes (DCNs) executing on the host computers. For each DCN of a set of the destination DCNs, the method identifies whether the port usage for the particular time period deviates from a historical baseline port usage for the DCN. When the port usage for a particular DCN deviates from the historical baseline for the particular DCN, the method identifies the particular DCN as a target of a security threat.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.