首页>
外国专利>
System and method for tracking malware route and behavior for defending against cyberattacks
System and method for tracking malware route and behavior for defending against cyberattacks
展开▼
机译:跟踪恶意软件路由和行为以防御网络攻击的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
An attack tracking system includes multiple hosts in which first event data concerning object behavior are collected and pieces of host-based event information are created therefrom; a tracking information database server storing the pieces of host-based event information; a tracking information analysis server creating behavior events by defining malware behavior from the pieces of host-based event information, retrieving targets to be analyzed from the pieces of host-based event information and the behavior events based on a preset input value, creating first tracking contexts for identifying the malware behavior by analyzing the relationship between the pieces of host-based event information and the relationship between a set of the pieces of host-based event information and a set of the behavior events, and creating second tracking contexts tracking malware routes and behavior events between the multiple hosts by analyzing the correlation between the first tracking contexts.
展开▼