Royal Bank of Canada
SYSTEMS AND METHODS OF ADAPTIVELY IDENTIFYING ANOMALOUS NETWORK COMMUNICATION TRAFFIC

Abstract:

Systems and methods for adaptively identifying anomalous network communication traffic. The system includes a processor and a memory coupled to the processor. The memory includes processor-executable instructions that configure the processor to: obtain data associated with a sequence of network communication events; determine that the sequence of communication events is generated by a computing agent based on a symmetricity measure associated with the sequence of network communication events; generate a threat prediction value for the sequence of network communication events prior-generated by the computing agent based on a combination of the symmetricity measure and a randomness measure associated with the network communication events; and transmit a signal for communicating that the sequence of network communication events is a potential malicious sequence of network communication events based on the threat prediction value.