首页>
外国专利>
IDENTIFYING AND CLASSIFYING COMMUNITY ATTACKS
IDENTIFYING AND CLASSIFYING COMMUNITY ATTACKS
展开▼
机译:识别和分类社区攻击
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method by one or more electronic devices for identifying and classifying community attacks. The method includes determining, for each of a plurality of enterprise networks, one or more incidents occurring in that enterprise network based on analyzing security alerts generated by a web application layer attack detector used to protect a web application hosted in that enterprise network, where each incident represents a group of security alerts that have been determined as being associated with the same security event, grouping incidents occurring across the plurality of enterprise networks into groups of incidents, where incidents that are determined as having similar features are grouped into the same group of incidents, and classifying each of one or more of the groups of incidents as being an industry-based attack or a spray-and-pray attack based on industry classifications of incidents within that group of incidents.
展开▼