Automated discovery, attribution, analysis, and risk assessment of security threats
Abstract
A method for profiling network traffic of a network. The method includes obtaining a signature library comprising a plurality of signatures each representing first data characteristics associated with a corresponding application executing in the network, generating, based on a first pre-determined criterion, a group behavioral model associated with the signature library, wherein the group behavioral model represents a common behavior of a plurality of historical flows identified from the network traffic, wherein each of the plurality of signatures correlates to a subset of the plurality of historical flows, selecting a flow in the network traffic for including in a target flow set, wherein the flow matches the group behavioral model without being correlated to any corresponding application of the plurality of signatures, analyzing the target flow set to generate a new signature, and adding the new signature to the signature library.