Abstract
A network apparatus of a communication system classifies (201) traffic flows containing packets based on packet features. The network apparatus provides (202) a copy of a packet contained in a traffic flow to a cluster node, and controls the cluster node to select (203) at least one detector node based on the features of the packet and to forward (204) said copy to the selected detector node to find out based on said copy whether the packet is malicious or not. In response to receiving (207) from the detector node a flow indication on the traffic flow, the network apparatus controls (209) a switch node to perform (210) at least one flow control action on the traffic flow, the action including one or more of flow removal, flow modification and flow installation.
| Original language | English |
|---|---|
| Patent number | EP3282665 |
| IPC | H04W 12/ 12 A I |
| Priority date | 10/08/2016 |
| Publication status | Published - 14 Feb 2018 |
| MoE publication type | H1 Granted patent |