| CPC H04L 43/0817 (2013.01) [G06F 9/45558 (2013.01); G06F 18/214 (2023.01); H04L 41/0627 (2013.01); H04L 41/0631 (2013.01); H04L 43/065 (2013.01); G06F 2009/45575 (2013.01); G06F 2009/45595 (2013.01)] | 16 Claims |
|
1. A method of detecting states of a network, the method comprising:
generating, by one or more processors, at least a first model for detecting a current state of the network based on characteristics of a given virtual machine;
obtaining, by the one or more processors, time series data related to network parameters associated with the current state of the network based on the given virtual machine;
determining, by the one or more processors, that the current state of the network meets a predetermined state differing from a normal state of the network using at least the first model based on the time series data;
providing, by the one or more processors, an actionable notification in response to determining that the current state of the network meets the predetermined state differing from the normal state of the network; and
performing, by the one or more processors, an action in response to determining that the current state of the network meets the predetermined state differing from the normal state of the network, wherein the action comprises at least one of: restarting the network, changing security protocols, changing firewall rules, or stopping or slowing egress or ingress of traffic.
|