Abstract |
FIELD: information technology. SUBSTANCE: a method of detecting computer attacks on a networked computer system comprising at least one computer that is connected to the network and has an installed operating system and installed application software that includes a traffic analysis system. To analyze the packets received from the network, certain parameters are selected and their values are calculated and then compared with reference values; the presence of a single attack or of a combined simultaneous attack, and the types of attacks, are determined from the combination of conditions set for the parameters. The data packets received from the network are processed by the traffic analysis system, which calculates the traffic parameters in real time. EFFECT: detection of computer attacks of various types and of combined simultaneous attacks of various types, and determination of the types of attacks. 13 dwg, 3 tbl |