Bank of America Corporation
NETWORK SECURITY INTRUSION DETECTION

Abstract:

An intrusion detection system that includes a tree builder engine configured to receive HyperText Transfer Protocol (HTTP) data and to convert the HTTP data into a data tree object that links field values from the HTTP data. The system further includes a feature extractor engine configured to identify a field value from the data object tree and to determine a set of feature values for the field value corresponding with input features for the neural network model. The system further includes a neural network engine configured to apply the determined set of feature values to the neural network model to generate an attack vector array. The attack vector array includes flag bits that each correspond with an attack type. the system further includes an intrusion analyzer engine configured to trigger an event in response to determining that at least one flag bit is set.