发明名称 |
NETWORK ANOMALY DETECTION |
摘要 |
Examples relate to detecting network anomalies. In one example, a computing device may: receive, from each of a plurality of packet capture devices of a private network, domain name system (DNS) query packets that were sent by a particular client computing device operating on the private network, each DNS query packet specifying i) a destination DNS server, ii) a query domain name, and iii) a source address that specifies the particular client computing device; provide at least one of the DNS query packets to a DNS traffic analyzer that is trained to identify DNS anomalies based on characteristics of the DNS query packets; receive anomaly output from the DNS traffic analyzer, the anomaly output indicating a DNS anomaly that was identified for the DNS query packets; and in response to receiving the anomaly output, provide a user device with data specifying the identified DNS anomaly. |
申请公布号 |
WO2016164050(A1) |
申请公布日期 |
2016.10.13 |
申请号 |
WO2015US25454 |
申请日期 |
2015.04.10 |
申请人 |
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP |
发明人 |
ARNELL, Simon, Ian;CASASSA MONT, Marco;GRAVES, David Andrew;REYNOLDS, Edward;SAUNDERS, Niall, Lawrence |
分类号 |
H04L12/26;H04L29/06 |
主分类号 |
H04L12/26 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|