SYSTEM AND PROCESS FOR DETECTING ANOMALOUS NETWORK TRAFFIC
    1.
    发明申请
    SYSTEM AND PROCESS FOR DETECTING ANOMALOUS NETWORK TRAFFIC 审中-公开
    用于检测异常网络流量的系统和过程

    公开(公告)号:US20100138919A1

    公开(公告)日:2010-06-03

    申请号:US12513501

    申请日:2007-11-02

    IPC分类号: G06F21/00 G06F15/173

    摘要: A process for detecting anomalous network traffic in a communications network, the process including: generating reference address distribution data representing a statistical distribution of source addresses of packets received over a first time period, the received packets being considered to represent normal network traffic; generating second address distribution data representing a statistical distribution of source addresses of packets received over a second time period; and determining whether the packets received over the second time period represent normal network traffic on the basis of a comparison of the second address distribution data and the reference address distribution data.

    摘要翻译: 一种用于检测通信网络中的异常网络业务的过程,所述过程包括:产生表示在第一时间段内接收的分组的源地址的统计分布的参考地址分布数据,所接收的分组被认为是表示正常网络业务; 生成表示在第二时间段内接收的分组的源地址的统计分布的第二地址分布数据; 并且基于所述第二地址分配数据与所述参考地址分布数据的比较来确定在所述第二时间段中接收到的分组是否表示正常网络业务。