公开(公告)号：US20200044927A1

公开(公告)日：2020-02-06

申请号：US16051001

申请日：2018-07-31

Applicant: Splunk Inc.

Inventor： George Apostolopoulos ,  Zhuxuan Jin

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  G06K9/62 ,  H04L12/26

Abstract: One or more embodiments are directed behavioral based device clustering. A network traffic log of devices in the network is received. Features of devices are extracted from the network traffic log and aggregated into an aggregated feature matrix on a per device basis. By applying a topic modeling algorithm to the aggregated feature matrix, the devices are clustered into device groups according to behavior groups. A device is assigned to the device group to create an assignment.