首页>
外国专利>
KERNAL-BASED INTRUSION DETECTION USING BLOOM FILTERS
KERNAL-BASED INTRUSION DETECTION USING BLOOM FILTERS
展开▼
机译:使用bloom过滤器的基于内核的入侵检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Kernel-based intrusion detection using Bloom filters is disclosed. In one of many possible embodiments for detecting an intrusion attack, a Bloom filter is provided and used to generate a Bloom filter data object. The Bloom filter data object contains data representative of expected system-call behavior associated with a computer program. The Bloom filter data object is embedded in an operating system (“OS”) kernel upon an invocation of the computer program. Actual system-call behavior is compared with the data in the Bloom filter data object.
展开▼