| 发明名称 |
System, method and program for identifying and preventing malicious intrusions |
| 摘要 |
Computer system, method and program product for identifying a malicious intrusion. A first number of different destination IP addresses, a second number of different destination ports and a third number of different signatures of messages, are identified from a source IP address during a predetermined period. A determination is made that in one or more other such predetermined periods the source IP address sent messages having the first number of different destination IP addresses, the second number of different destination ports and the third number of different signatures. Based on the determination that in the one or more other such predetermined periods the source IP address sent messages having the first number of different destination IP addresses, the second number of different destination ports and the third number of different signatures, a determination is made that the messages are characteristic of a malicious intrusion. |
| 申请公布号 |
US2006294588(A1) |
申请公布日期 |
2006.12.28 |
| 申请号 |
US20050166550 |
申请日期 |
2005.06.24 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
LAHANN JEFFREY S.;THIELE FREDERIC G.;WALTER MICHAEL A. |
| 分类号 |
G06F12/14;G06F9/00;G06F11/00;G06F12/16;G06F15/16;G06F15/18;G06F17/00;G08B23/00 |
主分类号 |
G06F12/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
