The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Mar. 12, 2019

Filed: Oct. 09, 2015

Applicant: Cisco Technology, Inc., San Jose, CA (US);

Inventors: Martin Kopp, Jivina, CZ; Tomas Pevny, Modrany, CZ;

Assignee: CISCO TECHNOLOGY, INC., San Jose, CA (US);
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
H04L 29/06 (2006.01); G06F 17/30 (2006.01); G06N 5/04 (2006.01); G06N 99/00 (2019.01);
U.S. Cl.
CPC ...
H04L 63/1425 (2013.01); G06F 17/30327 (2013.01); G06N 5/045 (2013.01); G06N 99/005 (2013.01); H04L 63/1416 (2013.01);
Abstract

In an embodiment, the method comprises receiving an identification of an anomaly associated with a false positive identification of a security threat by the intrusion detection system, wherein a first set of feature data identifies features of the anomaly; creating a plurality of training sets each comprising identifications of a plurality of samples of network communications; for the anomaly and each training set of the plurality of training sets, training a decision tree that is stored in digital memory of the security analysis computer; based at least in part on the plurality of trained decision trees, extracting a set of features that distinguish the anomaly from the plurality of samples; generating one or more rules associated with the anomaly from the extracted set of features and causing programming the security analysis computer with the one or more rules.

