发明名称 |
METHOD OF NETWORK TRAFFIC SIGNATURE DETECTION |
摘要 |
<p>A method for identifying anomalous network traffic is provided. The method involves observing network traffic (steps 10, 11) for a deviation from the normal or expected traffic characteristics (step 12). When the presence of a significant deviation is detected, a structured portion of a sample of the network traffic is analysed (step 13) to identify a commonality or pattern present in the contents of the network traffic, which occur with a frequency that would approximately provide the deviation from the normal or expected traffic characteristics. An identified signature may be translated into human or machine readable form (step 14).</p> |
申请公布号 |
WO2005111805(A1) |
申请公布日期 |
2005.11.24 |
申请号 |
WO2004NZ00093 |
申请日期 |
2004.05.18 |
申请人 |
ESPHION LIMITED;BRENDEL, JUERGEN;VSHIVKOV, DENNIS |
发明人 |
BRENDEL, JUERGEN;VSHIVKOV, DENNIS |
分类号 |
G06F11/30;(IPC1-7):G06F11/30 |
主分类号 |
G06F11/30 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|