Correlation engine for detecting network attacks and detection method
作者: Shlomo Kremer , Amichai Shulman , Mickey Boodaei
DOI:
关键词: Data mining 、 Computer network 、 Correlation 、 Networking hardware 、 Computer science 、 Computer program
摘要: A method for detecting network attacks is provided. In one implementation, the receives a plurality of attack indications based on data transmitted and applies rules to indications. Also, generates an alert if application at least subset indicates potential attack. addition, device that performs computer program corresponding are
google.co.in参考文章(32)
Robert Silverman, System and method for the detection of and reaction to computer hacker denial of service attacks ,(2001)
Richard Paul Tarquini, Method, node and computer readable medium for identifying data in a network exploit ,(2001)
William Tarkington, Yuan Jiang, Jeff Oliveto, Anish Desai, Multi-level and multi-platform intrusion detection and response system ,(2002)
Tal Ryterski, Amichai Shulman, Method for monitoring stored procedures ,(2007)
Michael Boodaei, Shlomo Kremer, Amichai Shulman, Method and apparatus for high-speed detection and blocking of zero day worm attacks ,(2004)
Amichai Shulman, Gur Shatz, Ido Yellin, Method and security system for indentifying and blocking web attacks by enforcing read-only parameters ,(2006)
Daniel J. Roelker, Marc A. Norton, Methods and systems for intrusion detection ,(2004)
Charles Steven Lingafelt, Robert Barry Sisk, John Joseph McKenna, Method and apparatus for protecting a web server against vandals attacks without restricting legitimate access ,(2001)
Shlomo Kramer, Amichai Shulman, Method and system for transparently encrypting sensitive information ,(2007)
Michael C. Dapp, Real time active network compartmentalization ,(2001)