Invention Grant
- Patent Title: Security threat detection based on network flow analysis
- Application No.: US17220553
- Application Date: 2021-04-01
- Publication No.: US11991187B2
- Publication Date: 2024-05-21
- Inventor: Tejas Sanjeev Panse, Santhanakrishnan Kaliya Perumal, Aditi Vutukuri, Margaret Petrus
- Applicant: VMware LLC
- Applicant Address: US CA Palo Alto
- Assignee: VMware LLC
- Current Assignee: VMware LLC
- Current Assignee Address: US CA Palo Alto
- Agency: Quarles & Brady LLP
- Main IPC: H04L29/06
- IPC: H04L29/06; H04L9/40

Abstract:
Some embodiments provide a method for identifying security threats to a datacenter. From multiple host computers in the datacenter, the method receives attribute sets for multiple flows. Each respective attribute set for a respective flow includes at least (i) a source identifier for the respective flow and (ii) an indicator as to whether the respective flow is indicative of the source of the respective flow being a security threat. For each of multiple source identifiers, the method aggregates the received attribute sets to generate an aggregate attribute set for the source identifier that includes a combined measurement of security threat indicators. For a particular source identifier, the method adjusts a security threat likelihood score for the source corresponding to the particular source identifier based on the combined measurement of security threat indicators for the source identifier.
Public/Granted literature
- US20220239675A1 SECURITY THREAT DETECTION BASED ON NETWORK FLOW ANALYSIS, Public/Granted day: 2022-07-28