发明名称 |
METHOD AND APPARATUS FOR QUANTIFYING THREAT SITUATIONS TO RECOGNIZE NETWORK THREAT IN ADVANCE |
摘要 |
An apparatus for quantifying network threat situations includes a traffic analyzing unit to analyze packet patterns of traffics occurring on a target network being monitored to extract one or more suspicious domains. An IP monitoring unit gives security levels among a plurality of security levels to the suspicious domains according to the number of access IPs accessing the suspicious domains. An activity index computing unit computes activity indices for the suspicious domains from activity indices according to the access times to the suspicious domains of the access IPs. An attack amount anticipation unit analogizes an expected amount of attacks for each suspicious domain according to an expected amount of attacks for each zombie computer, the security level and the activity index of the suspicious domain.
|
申请公布号 |
US2013318609(A1) |
申请公布日期 |
2013.11.28 |
申请号 |
US201313902069 |
申请日期 |
2013.05.24 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
KIM KI YOUNG;YI SUNGWON;LIM SUN HEE;KIM JONGHYUN;SEO DAE-HEE;LEE BYUNG-GIL |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|