Abstract

The system has a factual data base (3) containing dynamic data, e.g. an Internet Protocol address number, representing the monitoring of communication networks, i.e. the Internet (1) and an internal network (2), and a knowledge data base (4) containing a rule of vulnerability of entities, e.g. a service, on the networks. An inference engine (5) evaluates the rule of vulnerability from facts, e.g. a port, stored in the factual data base (3). The rule is defined by vulnerability presence conditions, i.e. hypotheses, by actions to be initiated when the conditions are satisfied, and by an evaluation context.

Independent claims are also included for the following:
(1) a detection and prevention system comprising an automatic detecting module;
(2) a method of detecting and preventing an intrusion in a communication network;
(3) a method of monitoring a communication network.

USE: Passive system for monitoring a communication network, e.g. the Internet and an internal network, in an intrusion detection and prevention system (claimed).

ADVANTAGE: The system monitors the communication network to detect and prevent intrusion in the network, in a simple manner and with improved efficiency. The configuration of the system makes it simple to implement, update and evaluate vulnerability rules, and easy to analyse the results of evaluating the rules.

DESCRIPTION OF DRAWINGS: The drawing shows a schematic block representation of an application of a passive monitoring system for monitoring a communication network.
1: Internet
2: Internal network
3: Factual data base
4: Knowledge data base
5: Inference engine
6: Automatic detection module
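As an added illustration (not code from the patent or its applicant), the Python sketch below models the three parts the abstract describes: a factual data base of observed facts, a knowledge data base of rules made of an evaluation context, hypotheses and actions, and an inference engine that evaluates the rules against the facts. The fact layout, the rule name and the action labels are assumptions made for the example.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed facts (entity, attribute, value); entities are "ip:port" service endpoints.
FACTS = [
    ("192.0.2.10:23", "network", "internal"),
    ("192.0.2.10:23", "service", "telnet"),
    ("192.0.2.11:22", "network", "internal"),
    ("192.0.2.11:22", "service", "ssh"),
    ("198.51.100.7:23", "network", "internet"),
    ("198.51.100.7:23", "service", "telnet"),
    ("192.0.2.12:23", "network", "internal"),  # port seen, service not yet identified
]

@dataclass
class Rule:
    name: str
    context: dict      # evaluation context: attribute values that scope the rule
    hypotheses: dict   # presence conditions: attribute -> predicate, all must hold
    actions: list      # actions to initiate when every hypothesis is satisfied

# Hypothetical rule for the example: cleartext telnet offered inside the internal network.
RULES = [Rule(name="cleartext-remote-login",
              context={"network": "internal"},
              hypotheses={"service": lambda v: v == "telnet"},
              actions=["raise_alert", "notify_detection_module"])]

def build_fact_base(facts):
    """Group facts by entity; a later fact for the same attribute replaces the earlier one."""
    base = defaultdict(dict)
    for entity, attribute, value in facts:
        base[entity][attribute] = value
    return base

def evaluate(rules, fact_base):
    """Return (rule name, entity, actions) for each entity where a rule's conditions hold."""
    findings = []
    for rule in rules:
        for entity, attrs in sorted(fact_base.items()):
            in_context = all(attrs.get(k) == v for k, v in rule.context.items())
            # An attribute that was never observed cannot satisfy a hypothesis.
            satisfied = all(k in attrs and test(attrs[k]) for k, test in rule.hypotheses.items())
            if in_context and satisfied:
                findings.append((rule.name, entity, tuple(rule.actions)))
    return findings

if __name__ == "__main__":
    for finding in evaluate(RULES, build_fact_base(FACTS)):
        print(finding)
```

Because the facts are dynamic, re-running `evaluate` after a new observation (for instance the service on `192.0.2.12:23` being identified) can change the findings without any change to the rules.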