Intrusion detection in communication networks

Marko Määttä (Inventor), Tomi Räty (Inventor), Tapio Taipale (Inventor), Jouko Sankala (Inventor)

Research output: PatentPatent

Abstract

An intrusion detection arrangement (101) for communication networks comprising a network activity observer (102) configured to monitor network traffic by the related traffic elements, such as data packets, thereof and to establish traffic profiles relative to the monitored traffic elements, such as one profile per each monitored traffic element, a misuse detector (104) configured to determine a first indication of a probability of the profiled traffic representing malicious activity through co-operation with a model repository (106) comprising at least one model characterizing a known intrusion attack, an anomaly detector (108) configured to determine, at least logically in parallel with the misuse detector, a second indication of a probability of the profiled traffic representing anomalous activity through cooperation with a model repository (110) comprising at least one model characterizing legitimate network activity, and a classifier (112) configured to operate on said first and second indications to generate a classification decision on the nature of the profiled traffic, wherein the applied classification space includes at least one class for legitimate traffic and at least one other class for other traffic such as malicious and/or anomalous traffic. A corresponding method is presented.

Patent family as of 16.9.2021
DE602010054478 D1 20181115 DE201060054478T 20101222      
EP2517437 A1 20121031 EP20100838760 20101222      
EP2517437 A4 20131023 EP20100838760 20101222      
EP2517437 B1 20181017 EP20100838760 20101222      
FI20096394 A0 20091223 FI20090006394 20091223      
US2012278890 AA 20121101 US20100517247 20101222      
US8839430 BB 20140916 US20100517247 20101222      
WO11077013 A1 20110630 WO2010FI51082 20101222

Link to current patent family on right 

Original languageEnglish
Patent numberEP2517437
IPCH04L 12/ 26 A I
Priority date22/12/10
Publication statusPublished - 31 Oct 2012
MoE publication typeH1 Granted patent

Fingerprint

Dive into the research topics of 'Intrusion detection in communication networks'. Together they form a unique fingerprint.

Cite this