首页>
外国专利>
IINTRUSION DETECTION SYSTEM ENRICHMENT BASED ON SYSTEM LIFECYCLE
IINTRUSION DETECTION SYSTEM ENRICHMENT BASED ON SYSTEM LIFECYCLE
展开▼
机译:基于系统生命周期的入侵检测系统富集
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques are described for automatically incorporating lifecycle context information for a secured environment into an intrusion detection system monitoring the secured environment's operations. In one example, an indication of a potentially malicious action occurring in a secured environment monitored by an intrusion detection system is identified. A lifecycle-based context associated with a lifecycle operations manager (LOM) is accessed, where the LOM is responsible for managing lifecycle operations associated with components in the secured environment, and where the context stores information associated with lifecycle operations executed by the LOM. A determination is made as to whether the potentially malicious action associated with the indication is associated with information associated with an executed lifecycle operation stored in the context. In response to determining that a malicious action is associated with a lifecycle operation, a mitigation action associated with the potentially malicious action can be modified.
展开▼