公开(公告)号：US11496492B2

公开(公告)日：2022-11-08

申请号：US16540969

申请日：2019-08-14

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Unum Sarfraz ,  Mohan Parthasarathy ,  Brijesh Nambiar ,  Min-Yi Shen ,  Viswesh Ananthakrishnan

IPC: G06F21/00 ,  H04L9/40

Abstract: Systems and methods are provided for managing false positives in a network anomaly detection system. The methods may include receiving a plurality of anomaly reports; extracting fields, and values for the fields, from each of the anomaly reports; grouping the anomaly reports into a plurality of groups according to association rule learning, wherein each group is defined by a respective rule; for each group, creating a cluster based on common values for the fields; and marking each cluster as a possible false positive anomaly cluster.