发明名称 |
HIERARCHICAL ATTACK DETECTION IN A NETWORK |
摘要 |
In one embodiment, a device in a network identifies a set of traffic flow records that triggered an attack detector. The device selects a subset of the traffic flow records and calculates aggregated metrics for the subset. The device provides the aggregated metrics for the subset to the attack detector to generate an attack detection determination for the subset of traffic flow records. The device identifies one or more attack traffic flows from the set of traffic flow records based on the attack detection determination for the subset of traffic flow records. |
申请公布号 |
WO2016014458(A1) |
申请公布日期 |
2016.01.28 |
申请号 |
WO2015US41238 |
申请日期 |
2015.07.21 |
申请人 |
CISCO TECHNOLOGY, INC. |
发明人 |
DI PIETRO, ANDREA;VASSEUR, JEAN-PHILLIPPE;CRUZ MOTA, JAVIER |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|