Presented herein are techniques that use multiple neural networks and segmentation of the traffic to detect the presence of applications or business processes within a noisy mixture of network traffic. In addition, the techniques presented herein provide a novel way to detect unusual, bad intentioned, and/or malicious activity, which is also a “process”, using recurrent and convolutional neural networks. The learning outcome can potentially identify compromised network infrastructure devices and/or telemetry collectors.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.