摘要 |
<p>An intrusion detection method wherein a vulnerability determination or vulnerability assessment (3) of one or more computers or hosts is performed to determine whether and what vulnerability exist on the computers or hosts, accomplished by using existing vulnerability determination or vulnerability assessment (3) information that can be continually updated (1). Attack signatures, which can also be continually adapted (1), are identified and correlated with the specific vulnerabilities identified. One or more designated IP sessions associated with attempted vulnerability exploitation are then inhibited (4) or disconnected.</p> |