| 发明名称 |
VECTOR-BASED ANOMALY DETECTION |
| 摘要 |
Methods of detecting anomalous behaviors associated with a fabric are presented. A network fabric can comprise many fungible networking nodes, preferably hybrid-fabric apparatus capable of routing general purpose packet data and executing distributed applications. A nominal behavior can be established for the fabric and represented by a baseline vector of behavior metrics. Anomaly detection criteria can be derived as a function of a variation from the baseline vector based on measured vectors of behavior metrics. Nodes in the fabric can provide a status for one or more anomaly criterion, which can be aggregated to determine if an anomalous behavior has occurred, is occurring, or is about to occur. |
| 申请公布号 |
US2016044055(A1) |
申请公布日期 |
2016.02.11 |
| 申请号 |
US201514887842 |
申请日期 |
2015.10.20 |
| 申请人 |
Nant Holdings IP, LLC |
发明人 |
Wittenschlaeger Thomas |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of detecting anomalous behavior of a network fabric, comprising:
determining a baseline vector corresponding to nominal behavior of a fabric, the baseline vector comprising at least two correlated behavior metrics; disaggregating anomaly detection criteria into a plurality of anomaly criterion to be distributed among nodes of the fabric, the anomaly detection criteria characterizing a variation from the baseline vector; aggregating anomaly criterion statuses calculated by at least some of the nodes to detect anomalous behavior; and notifying a manager of the fabric anomalous behavior. |
| 地址 |
Culver City CA US |
