DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Methods and systems for detecting abnormal digital traffic

Abstract

Aspects of the present invention encompass methods and systems for detecting abnormal digital traffic by assigning characterizations of network behaviors according to knowledge nodes and calculating a confidence value based on the characterizations from at least one knowledge node and on weighting factors associated with the knowledge nodes. The knowledge nodes include a characterization model based on prior network information. At least one of the knowledge nodes should not be based on fixed thresholds or signatures. The confidence value includes a quantification of the degree of confidence that the network behaviors constitute abnormal network traffic.

Inventors:
 [1];  [1]
  1. Kennewick, WA
Issue Date:
Research Org.:
Pacific Northwest National Laboratory (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1016398
Patent Number(s):
7908357
Application Number:
US Patent Application 11/231,565
Assignee:
Battelle Memorial Institute (Richland, WA)
Patent Classifications (CPCs):
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number:  
AC05-76RLO1830
Resource Type:
Patent
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Goranson, Craig A, and Burnette, John R. Methods and systems for detecting abnormal digital traffic. United States: N. p., 2011. Web.
Goranson, Craig A, & Burnette, John R. Methods and systems for detecting abnormal digital traffic. United States.
Goranson, Craig A, and Burnette, John R. Tue . "Methods and systems for detecting abnormal digital traffic". United States. https://www.osti.gov/servlets/purl/1016398.
@article{osti_1016398,
title = {Methods and systems for detecting abnormal digital traffic},
author = {Goranson, Craig A and Burnette, John R},
abstractNote = {Aspects of the present invention encompass methods and systems for detecting abnormal digital traffic by assigning characterizations of network behaviors according to knowledge nodes and calculating a confidence value based on the characterizations from at least one knowledge node and on weighting factors associated with the knowledge nodes. The knowledge nodes include a characterization model based on prior network information. At least one of the knowledge nodes should not be based on fixed thresholds or signatures. The confidence value includes a quantification of the degree of confidence that the network behaviors constitute abnormal network traffic.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Mar 22 00:00:00 EDT 2011},
month = {Tue Mar 22 00:00:00 EDT 2011}
}