| 发明名称 |
Method of analyzing network attack situation |
| 摘要 |
Provided is a method for analyzing a network attack situation. The method categorizes network intrusion detection alerts into network attack situations, counts the frequency of same-featured intrusion alert occurrence for each network attack situation using a counting algorithm based on time slots, and analyzes the network attack situation based on the frequency of same-featured intrusion detection alert occurrence, the rate of same-featured intrusion detection alert occurrence, or an AND/OR combination of them. The network attack situation can be correctly detected in real time without relatively being influenced by the size of the network or amount of the occurrence of the intrusion detection alerts.
|
| 申请公布号 |
US2005138425(A1) |
申请公布日期 |
2005.06.23 |
| 申请号 |
US20040938113 |
申请日期 |
2004.09.10 |
| 申请人 |
KIM JIN O.;LEE SOO H.;KIM DONGYOUNG;CHANG BEOM H.;NA JUNG C.;SOHN SUNG W.;PARK CHEE H. |
发明人 |
KIM JIN O.;LEE SOO H.;KIM DONGYOUNG;CHANG BEOM H.;NA JUNG C.;SOHN SUNG W.;PARK CHEE H. |
| 分类号 |
H04L12/24;H04L9/00;H04L29/06;(IPC1-7):H04L9/00 |
主分类号 |
H04L12/24 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
