Abstract
Techniques comprise identifying and/or classifying malicious activity in a web services platform using machine learning techniques. Systems, methods, and computer readable mediums may cause one or more computing nodes to monitor first network traffic, generate network information based on the monitored first network traffic, train a machine learning algorithm based on at least a first portion of the generated network information, test the machine learning algorithm based on at least a second portion of the generated network information, generate a predictor using the trained and tested machine learning algorithm, and identify second network traffic as one or more of malicious activity and benign activity using the predictor.
Independent claim
1. A method for classifying malicious activity in a web services platform using machine learning techniques, the method comprising:
monitoring, by one or more computing nodes, first network traffic having a first communication type; generating, by the one or more computing nodes, network statistics based on the monitored first network traffic; training, by the one or more computing nodes, a machine learning algorithm based on at least a first portion of the generated network statistics; testing, by the one or more computing nodes, the machine learning algorithm based on at least a second portion of the generated network statistics; generating, by the one or more computing nodes, a predictor using the trained and tested machine learning algorithm classifying the predictor based at least on the communication type of the first network traffic; identifying second network traffic as having the same communication type as the first communication type of the first network traffic; identifying, by the one or more computing nodes, the second network traffic as malicious activity using the predictor; classifying, by the one or more computing nodes, the malicious activity using the predictor; and remediating, by the one or more computing nodes, the malicious activity. |