公开(公告)号：US12143393B2

公开(公告)日：2024-11-12

申请号：US17582943

申请日：2022-01-24

Applicant: VMware LLC

Inventor： Karen Hayrapetyan ,  Sunitha Krishna ,  Nikash Walia ,  Margaret Petrus

IPC: H04L9/40 ,  G06F16/23 ,  G06N20/00 ,  H04L41/0813 ,  H04L41/12

Abstract: Systems and methods are described for recommending security groups using graph-based learning models. A server can create a network graph that illustrates network flows between devices in a network and security groups that the devices belong to. The network graph can include nodes that represent the devices and security groups. The server can apply a graph-based learning model to learn embeddings of the nodes and create vectors using the embeddings. Using vectors of two nodes, the server can calculate a vector that represents an edge between the two nodes. The server can apply a binary classifier determine whether the edge should exist. A “true” classification between two nodes can indicate that they should be able to communicate, and vice versa. A “true” classification between a device node and a security group node can indicate that the device should be assigned to the security group, and vice versa.