首页>
外国专利>
Monitoring operational activities in networks and detecting potential network intrusions and misuses
Monitoring operational activities in networks and detecting potential network intrusions and misuses
展开▼
机译:监视网络中的运营活动并检测潜在的网络入侵和滥用
展开▼
页面导航
摘要
著录项
相似文献
摘要
Concepts and technologies disclosed herein are for monitoring operational activities in networks and detecting potential network intrusions and misuses. According to one aspect disclosed herein, an intrusion detection system can collect logs from an authentication, authorization, and accounting system. The intrusion detection system can extract information from the logs, update intrusion detection information utilized by an intrusion detection rule based upon the information extracted from the logs, update a profile utilized by the intrusion detection rule, compare the profile and the intrusion detection rule against a running state of an on-going session, tag corresponding log entries with a threat score, calculate the threat scores from the corresponding log entries to create an aggregated threat score, and present the aggregated threat score. The intrusion detection system can also present an alarm if the aggregated threat score triggers an alarm condition.
展开▼