Publication (announcement) number: EP3719685A1
Publication (announcement) date: 2020-10-07
Application number: EP20167836.4
Application date: 2020-04-02
Applicant: Deutsche Telekom AG
Inventors: COHEN, Dvir; SHABTAI, Asaf; ELOVICI, Yuval; MIRSKY, Yisroel Avraham; PUZIS, Rami; MARTIN, Tobias; KAMP, Manuel
Abstract: A system for analyzing and clustering darknet traffic streams with word embeddings, comprising a data processing module which collects packets that are sent to non-existing IP addresses that belong to darknet taps (blackholes) deployed over the internet; a port embedding module for performing port sequence embeddings by using a word embedding algorithm on the port sequences extracted from the data processing module, transforming the port sequences into meaningful numerical feature vectors; a clustering module for performing temporal clustering of the feature vectors over time; and an alert logic and visualization module that visualizes the data and provides alerts regarding a cluster that an analyst classified as malicious in the past.