首页> 外国专利> A SYSTEM FOR DETECTING THREATS USING SCENARIO-BASED TRACKING OF INTERNAL AND EXTERNAL NETWORK TRAFFIC

A SYSTEM FOR DETECTING THREATS USING SCENARIO-BASED TRACKING OF INTERNAL AND EXTERNAL NETWORK TRAFFIC

机译：一种基于场景的内部和外部网络流量跟踪的威胁检测系统

页面导航

摘要
著录项
相似文献

摘要

Disclosed is an improved approach to implement a system and method for detecting insider threats, where models are constructed that is capable of defining what constitutes the normal behavior for any given hosts and quickly find anomalous behaviors that could constitute a potential threat to an organization. The disclosed approach provides a way to identify abnormal data transfers within and external to an organization without the need for individual monitoring software on each host, by leveraging metadata that describe the data exchange patterns observed in the network.

机译：公开了一种改进的方法，用于实现用于检测内部威胁的系统和方法，其中构造的模型能够定义什么构成任何给定主机的正常行为，并迅速找到可能对组织构成潜在威胁的异常行为。所公开的方法通过利用描述网络中观察到的数据交换模式的元数据，提供了一种识别组织内部和外部异常数据传输的方式，而无需在每个主机上使用单独的监视软件。

著录项

公开/公告号EP3215945A4

专利类型
公开/公告日2017-09-13

原文格式PDF
申请/专利权人 VECTRA NETWORKS INC.;
展开▼

申请/专利号EP20150857216
发明设计人 PEGNA DAVID LOPES;BEAUCHESNE NICOLAS;
展开▼

申请日2015-11-02
分类号G06F11/00;G06F21/55;H04L29/06;
国家 EP
入库时间 2022-08-21 14:05:08

相似文献

专利
外文文献
中文文献