SYSTEM AND METHOD FOR DETECTING ABNORMAL TRAFFIC BASED ON EARLY NOTIFICATION
摘要
<p>This method and system for detecting abnormal traffic in a communications network is based on classifying the traffic in risk and status categories and maintaining a service status table with this information for each service at a respective node. The risk categories are initially established based on known software vulnerabilities recognized for the respective service. An early notifier enables further processing of services suspected of malware propagation. Status categories enable segregating the traffic with a "under attack status" from the "non under attack" status, so that the intrusion detection system at the respective node only processes the "under attack" traffic. In this way, the time and amount of processing performed by the intrusion detection system is considerably reduced.</p>
申请公布号
WO2007020534(A1)
申请公布日期
2007.02.22
申请号
WO2006IB03116
申请日期
2006.07.04
申请人
ALCATEL;ROBERT, JEAN-MARC;COSQUER, FRANCOIS, J., N.