发明名称 |
METHOD AND APPARATUS FOR DETECTING SSH LOGIN ATTACKS |
摘要 |
A digital filter correlation engine, wherein the correlation engine combines N arbitrary digital filter states based on the weights and along with a threshold generate a network incident. This network incident in turn can be feedback to another digital filter. This multi-layering capability allows the creation of higher level event detections that are time-based for a cyber security analyst to analyze, thereby reducing the amount of manual work the analyst has to do in inspecting behaviors within the network.
|
申请公布号 |
US2011185419(A1) |
申请公布日期 |
2011.07.28 |
申请号 |
US20100728530 |
申请日期 |
2010.03.22 |
申请人 |
BAE SYSTEMS INFORMATION AND ELECTRONIC SYSTEMS INTEGRATION INC. |
发明人 |
BOTELER AARON;NORTON MARC |
分类号 |
G06F21/00 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|