SYSTEMS AND METHODS FOR DETECTING ANOMALOUS BEHAVIOR IN INTERNET-OF-THINGS (IOT) DEVICES

Bibliographic Details
Main Authors: Protasov, Stanislav; Gysel, Philipp; Bell, Serg; Divakaran, Dinil Mon; Wüest, Candid
Format: Patent
Language: English
Published: 26.09.2024
Summary: Disclosed herein are systems and methods for detecting anomalous behavior (e.g., attacks) in devices within a network. In an exemplary aspect, a method includes intercepting a first plurality of packets being transmitted in a network with a plurality of devices; identifying, from the first plurality of packets, a subset of packets corresponding to a device of the network; extracting a plurality of deterministic features from the subset of packets; calculating, based on the subset of packets, a risk score associated with the device based on a deviation of the features from a deterministic profile of the device, a first probability of the subset of packets exhibiting anomalous behavior based on a per-device model, and a second probability of the plurality of packets exhibiting anomalous behavior based on a network model; classifying anomalies into attack categories; and executing a remediation action to resolve anomalous behavior in the device.
Bibliography: Application Number: US202318186381