会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 4. 发明授权
    • Dynamic intrusion detection for computer systems
    • 计算机系统的动态入侵检测
    • US06928549B2
    • 2005-08-09
    • US09901443
    • 2001-07-09
    • Ashley Anderson BrockNathaniel Wook KimCharles Steven Lingafelt
    • Ashley Anderson BrockNathaniel Wook KimCharles Steven Lingafelt
    • G06F21/00G06F1/24
    • G06F21/554
    • An intrusion detection system monitors for signature events, which are part of base intrusion sets that include signature event counters, signature thresholds, and base actions. Associated with each base intrusion set is an action set including an action counter, an action threshold, and an action variable. The associated action counter is updated when the base action of the base intrusion set is invoked responsive to the count of associated signature events meeting the associated signature threshold. The action counter is compared with an action threshold. If the action counter meets the threshold, the associated action variable is updated. The action variable is then passed to an analysis engine comprising a set of rules, which analyses the action variable either in isolation or together with other action variables associated with other base intrusion sets. According to the analysis, an element of a base intrusion set or an action set may be changed.
    • 入侵检测系统监视签名事件,这是基于入侵集的一部分,包括签名事件计数器,签名阈值和基本操作。 与每个基本入侵集相关联的是包括动作计数器,动作阈值和动作变量的动作集合。 响应于满足关联签名阈值的关联签名事件的计数来调用基本入侵集合的基本操作时,相关联的动作计数器被更新。 动作计数器与动作阈值进行比较。 如果动作计数器满足阈值,则更新关联的动作变量。 然后将该操作变量传递给包含一组规则的分析引擎,该规则分离操作变量或与其他基础入侵集相关的其他操作变量一起分析。 根据分析,可以改变基本入侵组或动作集的元素。