首页> 外国专利> DYNAMIC DEEP PACKET INSPECTION FOR ANOMALY DETECTION

DYNAMIC DEEP PACKET INSPECTION FOR ANOMALY DETECTION

机译：动态深层检测，异常检测

页面导航

摘要
著录项
相似文献

摘要

In one embodiment, a device in a network captures a first set of packets based on first packet capture criterion. The captured first set of packets is provided for deep packet inspection and anomaly detection. The device receives a second packet capture criterion that differs from the first packet capture criterion. The device captures a second set of packets based on the second packet capture criterion. The device provides the captured second set of packets for deep packet inspection and anomaly detection. The anomaly detection of the captured first and second sets of packets is performed by a machine learning-based anomaly detector configured to generate anomaly detection results based in part on one or more traffic metrics gathered from the network and based further in part on deep packet inspection results of packets captured in the network.

机译：在一个实施例中，网络中的设备基于第一分组捕获标准来捕获第一分组集合。提供捕获的第一组数据包以进行深度数据包检查和异常检测。设备接收与第一分组捕获标准不同的第二分组捕获标准。设备基于第二分组捕获标准来捕获第二分组集合。设备提供捕获的第二组数据包，用于深度数据包检查和异常检测。捕获的第一和第二组数据包的异常检测由基于机器学习的异常检测器执行，该异常检测器配置为部分基于从网络收集的一个或多个流量指标并进一步部分基于深度数据包检查来生成异常检测结果网络中捕获的数据包的结果。

著录项

公开/公告号US2017099310A1

专利类型
公开/公告日2017-04-06

原文格式PDF
申请/专利权人 CISCO TECHNOLOGY INC.;
展开▼

申请/专利号US201514874594
发明设计人 JAVIER CRUZ MOTA;ANDREA DI PIETRO;JEAN-PHILIPPE VASSEUR;
展开▼

申请日2015-10-05
分类号H04L29/06;
国家 US
入库时间 2022-08-21 13:45:38

相似文献

专利
外文文献
中文文献