发明名称 |
Host-based systematic attack detection tool |
摘要 |
A vulnerability checking tool for a host computer designed to examine security logs of attempted logins and revocations, to detect systematic attacks of a wide variety, and to generate a report file that can be examined for information concerning these types of events. Host computer files which contain data regarding attempted accesses and logins are used to create an event list based upon event criteria. The list is evaluated using a "floating period" time frame which advances by single event steps while no violation is detected within a particular floating period, and which advances by "jumps" when violations are detected in a time period so as to reduce the possibility of "over reporting" violations related to the same set of events.
|
申请公布号 |
US2003154396(A1) |
申请公布日期 |
2003.08.14 |
申请号 |
US20010942552 |
申请日期 |
2001.08.30 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
GODWIN DEBBIE ANN;WALTERS RODNEY ELDON |
分类号 |
G06F21/00;(IPC1-7):G06F11/30 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|