METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS

METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS

Embodiments of the present disclosure provide a method, a network node, and a computer program product for detecting anomalous access behaviours in a plurality of network nodes in a communication network. The method is performed in a network in the communication network. The method includes obtainin...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: JAYARAMAN, Mahesh Babu, PADMANABHAN, Kavita
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
WIRELESS COMMUNICATIONS NETWORKS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Embodiments of the present disclosure provide a method, a network node, and a computer program product for detecting anomalous access behaviours in a plurality of network nodes in a communication network. The method is performed in a network in the communication network. The method includes obtaining session logs associated with the plurality of network nodes in the communication network. The method includes extracting session features for each session by evaluating the session logs associated with the plurality of network nodes. Further, the method includes determining access behaviours associated with each session based on the extracted session features, the access behaviours associated with each session including a representation indicative of one or more of session characteristics, user access characteristics, network node access characteristics and command usage characteristics. The method further includes detecting (S14) anomalous access behaviours by analysing the determined access behaviours.