Skip to Content
Find More Like This
Return to Search


United States Patent Application

View the Complete Application at the US Patent & Trademark Office
Oak Ridge National Laboratory - Visit the Partnerships Directorate Website
A computer implemented method detects intrusions using a computer by analysing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such that the semi-supervised learning modules may identify malicious traffic without relying on specific rules, signatures, or anomaly detection.
Symons, Christopher T. (Oak Ridge, TN), Beaver, Justin M. (Oak Ridge, TN), Gillen, Rob (Oak Ridge, TN), Potok, Thomas E. (Oak Ridge, TN)
14/ 468,000
August 25, 2014
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH AND DEVELOPMENT [0002] The invention was made with United States government support under Contract No. DE-AC05-00OR22725 awarded by the United States Department of Energy. The United States government has certain rights in the invention.