System and method for reducing false positives during detection of network attacks
Abstract
Disclosed are systems and methods for reduction of false positives during detection of network attacks on a protected computer. In one example, the system comprises a proxy device configured to redirect and mirror traffic directed to the protected computer; a traffic sensor configured to collect statistical information about the mirrored traffic; a data collector configured to aggregate information collected by the traffic sensor and to generate traffic filtering rules based on the aggregated statistical information; a filtering center configured to, in parallel with collection of statistical information, filter redirected traffic based on the traffic filtering rules provided by the data collector; and a control module configured to collect and store statistical information about known network attacks and to correct traffic filtering rules used by the filtering center for the purpose of reducing false positives during detection of network attacks on the protected computer.