公开(公告)号：US20190197397A1

公开(公告)日：2019-06-27

申请号：US15855781

申请日：2017-12-27

Applicant: Cisco Technology, Inc.

Inventor： Saurabh Verma ,  Gyana R. Dash ,  Shamya Karumbaiah ,  Arvind Narayanan ,  Manjula Shivanna ,  Sujit Biswas ,  Antonio Nucci

IPC: G06N3/08 ,  H04L12/24 ,  G06N3/04

CPC classification number: G06N3/08 ,  G06N3/04 ,  H04L41/12

Abstract: Sequences of computer network log entries indicative of a cause of an event described in a first type of entry are identified by training a long short-term memory (LSTM) neural network to detect computer network log entries of a first type. The network is characterized by a plurality of ordered cells Fi=(xi, ci-1, hi-1) and a final sigmoid layer characterized by a weight vector wT. A sequence of log entries xi is received. An hi for each entry is determined using the trained Fi. A value of gating function Gi(hi, hi-1)=II (wT(hi−hi-1)+b) is determined for each entry. II is an indicator function, b is a bias parameter. A sub-sequence of xi corresponding to Gi(hi, hi-1)=1 is output as a sequence of entries indicative of a cause of an event described in a log entry of the first type.

公开(公告)号：US10771488B2

公开(公告)日：2020-09-08

申请号：US15949198

申请日：2018-04-10

Applicant: Cisco Technology, Inc.

Inventor： Saurabh Verma ,  Manjula Shivanna ,  Gyana Ranjan Dash ,  Antonio Nucci

IPC: H04L29/06 ,  G06N3/08

Abstract: In one embodiment, a device receives sensor data from a plurality of nodes in a computer network. The device uses the sensor data and a graph that represents a topology of the nodes in the network as input to a graph convolutional neural network. The device provides an output of the graph convolutional neural network as input to a convolutional long short-term memory recurrent neural network. The device detects an anomaly in the computer network by comparing a reconstruction error associated with an output of the convolutional long short-term memory recurrent neural network to a defined threshold. The device initiates a mitigation action in the computer network for the detected anomaly.

公开(公告)号：US20190312898A1

公开(公告)日：2019-10-10

申请号：US15949198

申请日：2018-04-10

Applicant: Cisco Technology, Inc.

Inventor： Saurabh Verma ,  Manjula Shivanna ,  Gyana Ranjan Dash ,  Antonio Nucci

IPC: H04L29/06 ,  G06N3/08

Abstract: In one embodiment, a device receives sensor data from a plurality of nodes in a computer network. The device uses the sensor data and a graph that represents a topology of the nodes in the network as input to a graph convolutional neural network. The device provides an output of the graph convolutional neural network as input to a convolutional long short-term memory recurrent neural network. The device detects an anomaly in the computer network by comparing a reconstruction error associated with an output of the convolutional long short-term memory recurrent neural network to a defined threshold. The device initiates a mitigation action in the computer network for the detected anomaly.