| CPC H04L 63/20 (2013.01) [G06N 20/00 (2019.01); H04L 63/0245 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)] | 14 Claims |
|
1. A computer-implemented method, comprising:
receiving one or more ingress data packets from a client device or a user in a network;
obtaining attributes, via packet inspection, from the one or more ingress data packets;
determining one or more embedding vectors from the attributes, wherein the one or more embedding vectors represent a status of a session during which the ingress data packets are obtained;
transmitting the one or more embedding vectors as inputs to a trained machine learning model, wherein the machine learning model is trained using a first training dataset that indicates respective mappings of embedding vectors to security policies and a second training dataset generated based on incorrectly determined or incorrectly mapped security policies by the machine learning model; and
inferring, using the trained machine learning model, one or more security policies based on the embedding vectors; and
providing or implementing the one or more security policies.
|