首页>
外国专利>
Method and system for detecting intrusive anomalous use of a software system using multiple detection algorithms
Method and system for detecting intrusive anomalous use of a software system using multiple detection algorithms
展开▼
机译:使用多种检测算法检测软件系统的侵入性异常使用的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A target software system is instrumented to generate behavior data representing a current observation or observation aggregate. A method then determines whether the current observation or observation aggregate warrants a second level examination; preferably, this determination is made by processing the current observation or observation aggregate through a first level detection algorithm that provides a provisional indication of a possible intrusion. If executing the first level detection algorithm indicates that the current observation or observation aggregate warrants a second level examination, the method continues by processing the current observation or observation aggregate through at least one second level detection algorithms to provide a more definite, fine grain indication of a possible intrusion. Multiple algorithms may be executed together within a single examination level, with the individual results then analyzed to obtain a composite result or output indicative of intrusive or anomalous behavior.
展开▼