发明名称 |
Determining threat level associated with network activity |
摘要 |
Network devices such as intrusion detection systems, routers, firewalls, servers, and other network devices are monitored to aggregate all event data generated by monitored devices to provide a threat ranking of all network activity. A threat level for a given host is determined by a threat weighting assigned to that host and a threat weighting assigned to that host's netblock. In addition, a vulnerability for a given event is determined by the event's destination threat associated with a vulnerability value indexed by the event's destination and the event's type.
|
申请公布号 |
US7418733(B2) |
申请公布日期 |
2008.08.26 |
申请号 |
US20030649804 |
申请日期 |
2003.08.26 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
CONNARY IVEN;BUCK DARIN J.;CALDWELL MATTHEW F.;HUGHES ROBERT T. |
分类号 |
G06F11/00;H04L12/26;H04L29/06;H04L29/08 |
主分类号 |
G06F11/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|