METHOD FOR DETECTING NORMAL REACTIONS OF COMPUTER NETWORK NODES TO NETWORK PACKETS RELATED TO UNKNOWN TRAFFIC Russian patent published in 2023 - IPC G06F21/60 H04L47/80 G06N20/00 

FIELD: computer engineering.

SUBSTANCE: method includes the following steps: transfer of the intercepted network packets to the packet grouping tool and issuance of network packets divided into groups for transferring them to the classification tool, issuing delimited fields of network packet headers for transferring them to the clustering tool, issuing types of delimited fields for transmission them to a device for determining the roles of computer network nodes, issuing node roles, recording the address data of computer network nodes in the interface cattalo, recording signals, including roles, node address data and semantic fields of network packet headers, in the signal dictionary, forming a validation sample and for transmission to simulating agents, issuing responses to validation set signals; assignment of responses to signals that do not belong to the validation sample to normal reactions of computer network nodes to network packets, if the reactions of agents to the signals of the validation sample coincide with the expected reactions.

EFFECT: revealing normal reactions of computer network nodes to network packets related to unknown traffic.

12 cl, 6 dwg