首页>
外国专利>
METHOD AND SYSTEM FOR REDUCING THE FALSE ALARM RATE OF NETWORK INTRUSION DETECTION SYSTEMS
METHOD AND SYSTEM FOR REDUCING THE FALSE ALARM RATE OF NETWORK INTRUSION DETECTION SYSTEMS
展开▼
机译:降低网络入侵检测系统虚假告警率的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
According to one embodiment of the invention, a method for reducing the falsealarm rate of network intrusion detection systems includes receiving an alarmindicating a network intrusion may have occurred, identifying characteristicsof the alarm, including at least an attack type and a target address, queryinga target host associated with the target address for an operating systemfingerprint, receiving the operating system fingerprint that includes theoperating system type from the target host, comparing the attack type to theoperating system type, and indicating whether the target host is vulnerable tothe attack based on the comparison.
展开▼