FOUNDATIONAL MODEL FOR NETWORK PACKET TRACES

Organization Name

INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor(s)

MUDHAKAR Srivatsa of White Plains NY (US)

Davis Wertheimer of White Plains NY (US)

Franck Vinh Le of West Palm Beach FL (US)

Utpal Mangla of Toronto (CA)

SATISHKUMAR Sadagopan of Leawood KS (US)

Mathews Thomas of Flower Mound TX (US)

Dinesh C. Verma of New Castle NY (US)

FOUNDATIONAL MODEL FOR NETWORK PACKET TRACES - A simplified explanation of the abstract

This abstract first appeared for US patent application 18048059 titled 'FOUNDATIONAL MODEL FOR NETWORK PACKET TRACES

Simplified Explanation

The patent application describes a technique for using a foundational model for network packet traces, involving extracting features from network traffic, generating tokens from the features, training a machine learning model to output contextual embeddings for the tokens, and using these embeddings to detect anomalies in the network traffic.

• Features are extracted from network traffic.
• Tokens are generated from the features.
• A machine learning model is trained to output contextual embeddings for the tokens.
• Contextual embeddings are used to detect anomalies in the network traffic.

Potential Applications

This technology could be applied in network security systems to detect and prevent cyber attacks, in network monitoring tools to identify performance issues, and in network optimization solutions to improve overall network efficiency.

Problems Solved

This technology helps in identifying anomalies in network traffic, enhancing network security, improving network performance, and optimizing network operations.

Benefits

The benefits of this technology include enhanced network security, improved network performance, proactive anomaly detection, and efficient network operations.

Potential Commercial Applications

The potential commercial applications of this technology include network security software, network monitoring tools, network optimization solutions, and cybersecurity services.

Possible Prior Art

One possible prior art could be the use of machine learning models for anomaly detection in network traffic, but the specific approach of using contextual embeddings from tokens extracted from network traffic features may be novel.

Unanswered Questions

How does this technique handle encrypted network traffic?

The abstract does not mention how the technique deals with encrypted network traffic and whether it can still extract features and detect anomalies in such data.

What is the computational overhead of implementing this technique in a real-world network environment?

The abstract does not provide information on the computational resources required to implement this technique in a production network environment and whether it could impact network performance.

Original Abstract Submitted

Embodiments related to using a foundational model for network packet traces. A technique includes receiving network traffic of a network and extracting features from the network traffic, the features having a function related to communications in the network. The technique includes generating tokens from the features, each of the features corresponding to a respective one of the tokens, training a machine learning model by inputting the tokens, the machine learning model being trained to output contextual embeddings for the tokens, and using the contextual embeddings to determine an anomaly in the network traffic.