| CPC G06F 11/0751 (2013.01) [H04L 41/06 (2013.01)] | 20 Claims |
|
1. A method comprising:
training one or more machine learning algorithms with data corresponding to one or more identified security threats associated with one or more edge devices to identify normal operational parameters of the one or more edge devices and to identify anomalous operational parameters of the one or more edge devices, wherein the data corresponding to the one or more identified security threats associated with the one or more edge devices comprises one or more of descriptions, effects and signs of the one or more identified security threats in the one or more edge devices, origins of the one or more identified security threats, and methods by which the one or more identified security threats are implemented in the one or more edge devices;
receiving data corresponding to operation of one or more edge devices, the data corresponding to the operation of the one or more edge devices comprising at least a request for access to the one or more edge devices;
analyzing the data using the one or more machine learning algorithms to determine whether the operation of the one or more edge devices is anomalous, wherein in determining whether the operation of the one or more edge devices is anomalous, the one or more machine learning algorithms determine whether the operation of the one or more edge devices deviates from identified normal operational parameters of the one or more edge devices and whether the deviations from the identified normal operational parameters of the one or more edge devices matches the identified anomalous operational parameters;
upon determining that the operation of the one or more edge devices is anomalous by the one or more machine learning algorithms, automatically triggering at least one action to control access to the one or more edge devices based on applying one or more policies to the request for access to the one or more edge devices of the data corresponding to the operation of the one or more edge devices;
iteratively computing accuracy of the one or more machine learning algorithms in determining whether the operation of the one or more edge devices is anomalous;
providing feedback to the one or more machine learning algorithms regarding the accuracy via a feedback loop;
iteratively re-training the one or more machine learning algorithms based at least in part on the accuracy provided via the feedback loop; and
iteratively adapting the one or more policies based at least in part on the accuracy provided via the feedback loop;
wherein the steps of the method are executed by a processing device operatively coupled to a memory.
|