US 12,149,550 B2
Systems and methods of network security anomaly detection
Mark Rahmes, Melbourne, FL (US); Kevin Fox, Palm Bay, FL (US); Robert Konczynski, Melbourne, FL (US); Ziad Chaudhry, Melbourne, FL (US); Kusay Rukieh, Seffner, FL (US); Jody Flieder, West Melbourne, FL (US); and Macaulay Osaisai, Rockledge, FL (US)
Assigned to L3Harris Technologies, Inc., Melbourne, FL (US)
Filed by L3Harris Technologies, Inc., Melbourne, FL (US)
Filed on Dec. 8, 2021, as Appl. No. 17/545,594.
Prior Publication US 2023/0179616 A1, Jun. 8, 2023
Int. Cl. G06F 21/00 (2013.01); G06N 7/01 (2023.01); H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) [G06N 7/01 (2023.01)] 25 Claims
OG exemplary drawing
 
25. A non-transitory computer-readable storage medium, comprising one or more programs for executing a model of detecting network security anomalies in a network of interconnected devices by use of a variational autoencoder, wherein the model is configured to:
receive device status information from at least a plurality of the devices in the network;
optimize the received device status information by use of the variational autoencoder;
determine or enable a user to determine whether the device status information qualifies as an anomaly that requires a response;
preprocess the device status information prior to optimizing the device status information via an image gradient sobel edge detector; and
return a floating-point edge metric via the image gradient sobel edge detector.