| 发明名称 |
DISTRIBUTED NETWORK PROTECTION |
| 摘要 |
Network traffic is analyzed in a hierarchical framework to learn and identify normal behavior of the network, and to identify deviations from the normal behavior. A system for protecting a network comprises sniffer modules (122) and a processing module (116). The sniffer modules (122) are implemented in nodes (108) of the network to sniff traffic on segments of the network that are coupled to the nodes. The processing module collects and analyzes the traffic in a hierarchical framework to learn and identify normal behaviour of the network, and to identify deviations from the normal behavior. |
| 申请公布号 |
WO2007073971(A1) |
申请公布日期 |
2007.07.05 |
| 申请号 |
WO2006EP68146 |
申请日期 |
2006.11.06 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION;IBM UNITED KINGDOM LIMITED;SERBER, PABLO, DANIEL |
发明人 |
SERBER, PABLO, DANIEL |
| 分类号 |
H04L29/06;G06F21/00;H04L9/00 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
