Abstract:
A machine learning model is to be trained by a plurality of devices in a network. A set of training devices is identified, with each of the training devices having a local set of training data. An instruction is then sent to each of the training devices that is configured to cause a training device to receive model parameters from a first training device in the set, use the parameters with at least a portion of the local set of training data to generate new model parameters, and forward the new model parameters to a second training device in the set. Model parameters from the training devices are also received that have been trained using a global set of training data that includes the local sets of training data on the training devices. Machine learning (e.g., artificial neural networks) is used to detect attacks on networks (e.g., denial of service (DoS) in a Low Power and Lossy Network (LLN)).
Abstract:
In one embodiment, a device in a network identifies a set of traffic flow records that triggered an attack detector. The device selects a subset of the traffic flow records and calculates aggregated metrics for the subset. The device provides the aggregated metrics for the subset to the attack detector to generate an attack detection determination for the subset of traffic flow records. The device identifies one or more attack traffic flows from the set of traffic flow records based on the attack detection determination for the subset of traffic flow records.
Abstract:
In one embodiment, a network node receives a voting request from a neighboring node that indicates a potential network attack. The network node determines a set of feature values to be used as input to a classifier based on the voting request. The network node also determines whether the potential network attack is present by using the set of feature values as input to the classifier. The network node further sends a vote to the neighboring node that indicates whether the potential network attack was determined to be present.
Abstract:
In one embodiment, possible voting nodes in a network are identified. The possible voting nodes each execute a classifier that is configured to select a label from among a plurality of labels based on a set of input features. A set of one or more eligible voting nodes is selected from among the possible voting nodes based on a network policy. Voting requests are then provided to the one or more eligible voting nodes that cause the one or more eligible voting nodes to select labels from among the plurality of labels. Votes are received from the eligible voting nodes that include the selected labels and are used to determine a voting result.
Abstract:
In one embodiment, a first data set is received by a network device that is indicative of the statuses of a plurality of network devices when a type of network attack is not present. A second data set is also received that is indicative of the statuses of the plurality of network devices when the type of network attack is present. At least one of the plurality of network devices simulates the type of network attack by operating as an attacking node. A machine learning model is trained using the first and second data sets to identify the type of network attack. A real network attack is then identified using the trained machine learning model.