CPC G06F 21/552 (2013.01) [G06F 11/3027 (2013.01); G06F 11/349 (2013.01); G06F 21/554 (2013.01); G06F 21/556 (2013.01); G06F 21/85 (2013.01); G06N 3/044 (2023.01); G06N 3/045 (2023.01); G06N 3/08 (2013.01); G06N 3/088 (2013.01); G06N 5/045 (2013.01); G06N 7/01 (2023.01); H04L 12/40 (2013.01); H04L 12/40045 (2013.01); H04L 63/1416 (2013.01); H04L 63/1441 (2013.01); G06F 2221/034 (2013.01); H04L 67/12 (2013.01)] | 20 Claims |
1. A method for detecting anomalous data communicated over a data interface, the method comprising:
applying a first data package of a first data type received from a data interface as input to a first neural network;
generating, by the first neural network and based on the first data package, predicted data values for a subsequent data package of the first data type received from the data interface;
receiving, over the data interface, a subsequent data package of the first data type comprising real data values;
determining, based on a difference between the predicted data values and the real data values, a first deviation value for the first data type by comparing the real data values with the predicted data values;
applying the first deviation value with other deviation values corresponding to other data types as input to a second neural network; and
calculating, by the second neural network, a probability of an attack on the data interface by comparing the first deviation value to the other deviation values.
|