Systems and methods for capturing, replaying, or analyzing time-series data
US9237164B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 19, 2014 |
| Grant date | Jan 12, 2016 |
| Priority date | — |
| Expiry date | Jun 19, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1458
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Provided is an intrusion detection system configured to detect anomalies indicative of a zero-day attack by statistically analyzing substantially all traffic on a network in real-time. The intrusion detection system, in some aspects, includes a network interface; one or more processors communicatively coupled to the network interface; system memory communicatively coupled to the processors. The system memory, in some aspects, stores instructions that when executed by the processors cause the processors to perform steps including: buffering network data from the network interface in the system memory; retrieving the network data buffered in the system memory; applying each of a plurality of statistical or machine-learning intrusion-detection models to the retrieved network data; aggregating intrusion-likelihood scores from each of the intrusion-detection models in an aggregate score, and upon the aggregate score exceeding a threshold, outputting an alert.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.