摘要 |
PURPOSE: A method for deciding invasion through relation analysis between different invasion detecting methods is provided to decide whether a network packet is invaded through relation analysis between the different detecting methods, thereby increasing benefits and reducing a false negative rate/false positive rate. CONSTITUTION: A system gives weight to each detecting method. The system gives confirmation and risk by detected results. The system analyzes relations between the detected results. The system finally decides that the analyzed results present invasions. A step of analyzing a network packet is further comprised. A step of collecting the analyzed results according to each method is further comprised.
|