| 摘要 |
The present invention comprises a method of defining vulnerabilities of a computer system (30 Figure 1) subject to attacks. The method comprises the steps of specifying an identity of an attack (300, 324), specifying at least one attribute of the specified attack (318), specifying at least one policy with respect to the specified attack (310, 312, 314), specifying at least one attribute of the specified policy (314), specifying a data signature of the specified attack to be detected (318). Preferably the method includes identifying the severity of an attack and specifying a policy group (300, 310, 312) with respect to an attack. |
