-
Publication No.: US12101339B2
Publication date: 2024-09-24
Application No.: US17403213
Application date: 2021-08-16
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Madhusoodhana Chari Sesha, Ramasamy Apathotharanan, Shree Phani Sundara Banavathi Narayana Sastry, Priyanka Chandrashekar Bhat, Venkatesh Madi, Srinidhi Hari Prasad, Azath Abdul Samadh, Kumar Suresh, Manjunath Rajendra Batakurki, Madhumitha Rajamohan, Ganesh Pagoti, Sriram Mahadeva, Karthik Arumugam, Harish Ramachandran, Fahad Kameez
IPC: H04L29/06, G06F18/214, G06N20/00, H04L9/40
CPC classification number: H04L63/1416, G06F18/214, G06N20/00, H04L63/0876, H04L63/1425, H04L63/1466, H04L63/20
Abstract: Some examples relate to classifying IoT malware at a network device. An example includes receiving, by a network device, network traffic from an Internet of Things (IoT) device. The network device may analyze network parameters from the network traffic with a machine learning model. In response to analyzing, the network device may classify the network traffic into a category of malware activity. The network device may determine an effectiveness of network traffic classification by measuring a deviation of the network parameters from previously trained network parameters that were used for training the machine learning model. In response to a determination that the deviation of the network parameters from the trained network parameters is more than a pre-defined threshold, the network device may generate an alert highlighting the deviation, which allows a user to perform a remedial action pertaining to the IoT device.
-
Publication No.: US20240303511A1
Publication date: 2024-09-12
Application No.: US18179137
Application date: 2023-03-06
Applicant: Hewlett Packard Enterprise Development LP
Inventor: MADHUSOODHANA CHARI SESHA, Ramasamy Apathotharanan, Sumangala Bannur Subraya, Madhumitha Rajamohan, Azath Abdul Samadh, Chirag Dineshkumar Shah
IPC: G06N5/025, G06F18/24, H04L43/026
CPC classification number: G06N5/025, G06F18/24765, H04L43/026
Abstract: Systems and methods are provided for classifying network traffic flows across a network. Specifically, the network traffic flows are classified under a fully-segmented ruleset, wherein the fully-segmented ruleset was generated by training a decision tree machine learning (“ML”) algorithm with a training dataset, and wherein each item of the training dataset satisfies the complete rule pathway to different leaf nodes of the fully-segmented ruleset. Classification under a fully-segmented ruleset allows for capture of idiosyncratic patterns specific to a given malicious source of network traffic flows. Further, systems and methods are provided allowing for a user to designate network traffic flows for classification of network traffic flows at different network devices, wherein the classification at different network devices may allow for more computationally intensive classification.
-