BIN 2022-Network Security (LOT 13185)

This lot is generally related to security of communication networks. Disclosed is a technique to monitor incoming traffic patterns to determine abnormality or deviation in the traffic and protect communication networks from intrusion. Disclosed is an intrusion detection system consisting of a network activity observer for monitoring network traffic, data packets and create data profiles of the monitored traffic elements. Also disclosed is a misuse detector for determining a first numerical indication of a probability, between 0 and 1 of the profiled traffic which indicates malicious activity. The system has an anomaly detector for determining a second numerical indication of a probability between 0 and 1 of the profiled traffic and a classifier which operates on the first and second numerical indications and generates a joint classification decision which indicates normal traffic or malicious or anomalous traffic. The technology may be implemented in network security systems, intrusion detection systems, network data management systems, etc.