US 11,870,790 B2
Network traffic detection with mitigation of anomalous traffic and/or classification of traffic
Richard A Compton, Highlands Ranch, CO (US)
Assigned to CHARTER COMMUNICATIONS OPERATING, LLC, St. Louis, MO (US)
Filed by Charter Communications Operating, LLC, St. Louis, MO (US)
Filed on Dec. 4, 2022, as Appl. No. 18/074,499.
Application 18/074,499 is a continuation of application No. 16/428,782, filed on May 31, 2019, granted, now 11,522,874.
Prior Publication US 2023/0094900 A1, Mar. 30, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 45/00 (2022.01); H04L 43/028 (2022.01); H04L 61/4511 (2022.01)
CPC H04L 63/1416 (2013.01) [H04L 43/028 (2013.01); H04L 45/70 (2013.01); H04L 63/10 (2013.01); H04L 63/1408 (2013.01); H04L 63/1425 (2013.01); H04L 63/20 (2013.01); H04L 61/4511 (2022.05); H04L 63/145 (2013.01); H04L 63/1458 (2013.01)] 4 Claims
OG exemplary drawing
 
1. A method comprising:
with at least one processor in a network, obtaining information regarding network traffic flows, the obtained information comprising traffic pattern information and packet destination information;
with the at least one processor in the network, generating a classification model based on the obtained traffic pattern information and packet destination information, the classification model comprising one or more classification rules for classifying network traffic as normal or anomalous, wherein the traffic pattern information used to generate the one or more classification rules of the classification model comprises atypical volumes of data to destinations outside of a given geographic area of a computer;
with the at least one processor in the network, classifying the network traffic as anomalous or normal based on the generated classification model; and
with the at least one processor in the network, initiating at least one mitigation action based on the network traffic being classified as anomalous.