The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Feb. 28, 2023
Filed:
May. 29, 2020
Morgan State University, Baltimore, MD (US);
Wondimu K. Zegeye, Baltimore, MD (US);
Richard A. Dean, Baltimore, MD (US);
Farzad Moazzami, Baltimore, MD (US);
Morgan State University, Baltimore, MD (US);
Abstract
Disclosed herein are methods and systems that apply a multi-layer Hidden Markov Model (HMM) for intrusion detection. The methods and systems employ a dimension reduction technique to extract only important features from network packet data and apply a decomposition algorithm to lower levels of data to construct lower level HMMs (representing partial solutions), which lower level HMMs are then combined to form a final, global solution. The multi-layer approach can be expanded beyond the exemplary case of 2 layers in order to capture multi-phase attacks over longer spans of time. A pyramid of HMMs can resolve disparate digital events and signatures across protocols and platforms to actionable information where lower layers identify discrete events (such as network scan) and higher layers identify new states which are the result of multi-phase events of the lower layers.