The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Feb. 28, 2017
Filed:
Nov. 07, 2014
Arbor Networks, Inc., Burlington, MA (US);
David Watson, Ann Arbor, MI (US);
Lawrence B. Huston, III, Ann Arbor, MI (US);
James E. Winquist, Tpsilanti, MI (US);
Jeremiah Martell, Ann Arbor, MI (US);
Nicholas Scott, Ann Arbor, MI (US);
Arbor Networks, Inc., Burlington, MA (US);
Abstract
A method for network traffic characterization is provided. Flow data records are acquired associated with a security alert signature. Unidimensional traffic clusters are generated based on the acquired data. A Bloom filter is populated with the acquired flow data records. Clusters of interest are identified from the generated unidimensional traffic clusters. The identified clusters of interest are compressed into a compressed set. A determination is made whether a multidimensional processing of the acquired flow data needs to be performed based on a priority associated with the alert signature. A multidimensional lattice corresponding to the unidimensional traffic clusters is generated. The multidimensional lattice is traversed and for each multidimensional node under consideration a determination is made if the Bloom filter contains flow records matching the multidimensional node under consideration. A determination is made if the unidimensional node corresponding to the multidimentional node is included in the compressed set of unidimensional nodes.