Systems and methods for preventing malicious network connections using correlation-based anomaly detection
Abstract
The disclosed computer-implemented method may include (i) monitoring computing activity, (ii) detecting, during a specific time period, at least one malicious network connection that involves a computing device within a network, (iii) determining that no malicious network connections involving the computing device were detected during another time period, (iv) identifying a feature of the computing activity that (a) occurred during the specific time period and (b) did not occur during the other time period, (v) determining that the feature is likely indicative of malicious network activity due at least in part to the feature having occurred during the specific time period and not having occurred during the other time period, and in response to detecting the feature at a subsequent point in time, (vi) performing a security action on a subsequent network connection attempted around the subsequent point in time. Various other methods, systems, and computer-readable media are also disclosed.