System and method for network intrusion detection using a neural network implemented by a local computing system

Abstract

A method includes intercepting requests. The requests are analyzed to identify authenticated requests. Remaining requests are identified as suspicious requests. The suspicious requests are grouped into request groups based on respective geolocation information. A first rate of requests is determined for a first request group. In response to determining that the first rate of requests is less than or equal to a request rate threshold, parameters of a first suspicious request of the first request group are analyzed to determining values of the parameters. In response to determining that the values of the parameters are not within respective acceptable parameter value ranges, the first suspicious request is analyzed using a neural network to identify if the first suspicious request is legitimate or malicious. In response to identifying that the first suspicious request is malicious, a first notification indicating that the first suspicious request is identified as malicious is send.

CPC Classifications