首页>
外国专利>
Heuristic Detection and Termination of Fast Spreading Network Worm Attacks
Heuristic Detection and Termination of Fast Spreading Network Worm Attacks
展开▼
机译:快速传播网络蠕虫攻击的启发式检测和终止
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods, apparati, and computer program products for detecting and responding to fast-spreading network worm attacks include a network monitoring module, which observes failed network connection attempts from multiple sources. A logging module logs the failed connection attempts. An analysis module uses the logged data on the failed connection attempts to determine whether a sources is infected with a worm using a set of threshold criteria. The threshold criteria indicate whether a source's failed connection attempts are non-normal. In one embodiment, a response module responds to the computer worm by, e.g., alerting a user or system administrator, terminating an infected process, or terminating the infected source's network access.
展开▼