首页>
外国专利>
A method for intrusion detection rate with audit correlation
A method for intrusion detection rate with audit correlation
展开▼
机译:一种具有审计相关性的入侵检测率方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A method for improving intrusion detection through a relationship algorithm of a audit log is provided to improve the intrusion detection and lower wrong detection through the relationship of three audit logs having a different property. CONSTITUTION: A system log(2), a packet log(3), and a system call log(4) of a login module(1) generate an intrusion detecting pattern(6) through a audit log parser(5), and judge the intrusion through the intrusion detector(7). The intrusion of the audit log is detected through the intrusion detector in real-time. In case that the intrusion is detected, an intrusion confronting/reporting module(8) is operated.
展开▼