首页>
外国专利>
A SYSTEM FOR DETECTING THREATS USING SCENARIO-BASED TRACKING OF INTERNAL AND EXTERNAL NETWORK TRAFFIC
A SYSTEM FOR DETECTING THREATS USING SCENARIO-BASED TRACKING OF INTERNAL AND EXTERNAL NETWORK TRAFFIC
展开▼
机译:一种基于场景的内部和外部网络流量跟踪的威胁检测系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
Disclosed is an improved approach to implement a system and method for detecting insider threats, where models are constructed that is capable of defining what constitutes the normal behavior for any given hosts and quickly find anomalous behaviors that could constitute a potential threat to an organization. The disclosed approach provides a way to identify abnormal data transfers within and external to an organization without the need for individual monitoring software on each host, by leveraging metadata that describe the data exchange patterns observed in the network.
展开▼