Basic information:
- Patent title: SYSTEMS AND METHODS FOR CLASSIFYING SECURITY EVENTS AS TARGETED ATTACKS
- Application number: PCT/US2015/055228; Filing date: 2015-10-13
- Publication number: WO2016061038A1; Publication date: 2016-04-21
- Inventors: ROUNDY, Kevin Alejandro; BHATKAR, Sandeep
- Applicant: SYMANTEC CORPORATION
- Applicant address: 350 Ellis Street Mountain View, California 94043 US
- Patentee: SYMANTEC CORPORATION
- Current patentee: SYMANTEC CORPORATION
- Current patentee address: 350 Ellis Street Mountain View, California 94043 US
- Agent: LEE, Jonathan R.
- Priority: US14/513,804 20141014
- Main classification: G06F21/55
- IPC classification: G06F21/55
Abstract:
The disclosed computer-implemented method for classifying security events as targeted attacks may include (1) detecting a security event in connection with at least one organization, (2) comparing the security event against a targeted-attack taxonomy that identifies a plurality of characteristics of targeted attacks, (3) determining that the security event is likely targeting the organization based at least in part on comparing the security event against the targeted-attack taxonomy, and then in response to determining that the security event is likely targeting the organization, (4) classifying the security event as a targeted attack. Various other methods, systems, and computer-readable media are also disclosed.
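IPC classification hierarchy:
G | Physics |
--G06 | Computing; calculating; counting |
----G06F | Electric digital data processing |
------G06F21/00 | Security arrangements for protecting computers or computer systems against unauthorised activity |
--------G06F21/10 | .Protecting distributed programs or content, e.g. vending or licensing of copyrighted material |
----------G06F21/55 | ..Detecting local intrusion or implementing counter-measures |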