Granted invention patent
US08874763B2 Methods, devices and computer program products for actionable alerting of malevolent network addresses based on generalized traffic anomaly analysis of IP address aggregates
In force
- Patent title: Methods, devices and computer program products for actionable alerting of malevolent network addresses based on generalized traffic anomaly analysis of IP address aggregates
- Application number: US12940432
- Filing date: 2010-11-05
- Publication number: US08874763B2
- Publication date: 2014-10-28
- Inventors: Willa Ehrlich, Ratna Chakka, Eric Fermon, David Hoeflin, Manuel Ortiz
- Applicants: Willa Ehrlich, Ratna Chakka, Eric Fermon, David Hoeflin, Manuel Ortiz
- Applicant address: US GA Atlanta
- Assignee: AT&T Intellectual Property I, L.P.
- Current assignee: AT&T Intellectual Property I, L.P.
- Current assignee address: US GA Atlanta
- Agency: Myers Bigel Sibley & Sajovec
- Main classification: G06F15/16
- IPC classification: G06F15/16; H04L29/06; H04L12/24
Abstract:
Methods for providing alerts in a network are disclosed. Some methods include collecting network traffic data corresponding to multiple subsets of network addresses during a predefined time interval. A suspect subset of the subsets of network addresses that corresponds to anomalous network activity may be identified based on the network traffic data and using at least one of multiple anomaly detection metrics. A source network address within the suspect subset of network addresses that corresponds to the anomalous network activity is identified. An alert corresponding to the source network address may be generated.