发明名称 |
Security incident detecting method for use in telecommunication network e.g. enterprise Intranet, involves constructing directed graph, identifying connection component in directed graph, and determining incident indicator |
摘要 |
<p>The method involves constructing a directed graph (GO) comprising directed arcs connecting a source address (AS) to a destination address (AD) of a determined request flow (REQ). A connection component (CC) is identified in the directed graph, where the component comprises a root address and the destination addresses connected to the root address through a set of directed arcs. An incident indicator is determined based on the destination addresses of the identified connection component. A security incident is signaled if the incident indicator is greater than a selected threshold. Independent claims are also included for the following: (1) a device for detecting a security incident in a telecommunication network (2) a computer program for implementing a device for detecting a security incident in a telecommunication network (3) a recording medium readable by a security incident detecting device and recording a computer program for detecting a security incident in a telecommunication network.</p> |
申请公布号 |
FR2896897(A1) |
申请公布日期 |
2007.08.03 |
申请号 |
FR20060051518 |
申请日期 |
2006.04.28 |
申请人 |
FRANCE TELECOM SOCIETE ANONYME |
发明人 |
PIGNOL ANNE SOPHIE;ANSEL PIERRE;BUTTI LAURENT |
分类号 |
G06F21/20;H04L12/22 |
主分类号 |
G06F21/20 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|