Dynamic intrusion detection and prevention in computer networks

    Publication number: US12088633B2

    Publication date: 2024-09-10

    Application number: US17586936

    Application date: 2022-01-28

    CPC classification number: H04L63/205 H04L63/1425 H04L63/1433 H04L63/1458

    Abstract: The present disclosure describes dynamic intrusion detection and prevention in computer networks. The method includes generation of clusters of network sites based on a plurality of parameters related to operational features and network threats associated with the network sites. Data models are trained upon the clusters developed through the clustering. The data models are executed to predict a threat frequency of each network threat for each cluster. A difference between the predicted threat frequency of each network threat and corresponding baseline frequencies is determined. Dynamic rulesets are configured, based on the difference between the predicted threat frequency of each network threat and the corresponding baseline frequencies, for each cluster by integrating rules applicable to prevent each network threat.

    SELECTING POLICIES TO APPLY TO NETWORK TRAFFIC FLOWS BASED ON PERCEPTION SCORES

    Publication number: US20240364722A1

    Publication date: 2024-10-31

    Application number: US18308857

    Application date: 2023-04-28

    CPC classification number: H04L63/1425 H04L63/145 H04L63/20

    Abstract: A process includes prioritizing candidate network traffic flow profiles. The prioritization includes associating perception scores with respective candidate network traffic flow profiles. Each candidate network traffic flow profile is a member of a profile group of a plurality of profile groups. The process includes associating weights with respective profile groups of the plurality of categories. The process includes, responsive to a network traffic flow, identifying, by a traffic analysis engine, a first observed profile of the network traffic flow corresponding to a first candidate network traffic flow profile. The process includes, based on the perception score associated with the first candidate network traffic flow profile and the weight associated with the profile group in which the first candidate network traffic flow profile is a member, determining a policy score; and selecting, by the network analysis engine, a policy to be applied to the network traffic flow based on the policy score.
