首页>
外国专利>
Firewall system and method via feedback from broad-scope monitoring for intrusion detection
Firewall system and method via feedback from broad-scope monitoring for intrusion detection
展开▼
机译:通过来自广域监视的反馈进行入侵检测的防火墙系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A broad-scope intrusion detection system analyzes traffic coming into multiple hosts or other customers' computers or sites. This provides additional data for analysis as compared to systems that just analyze the traffic coming into one customer's site. Additional detection schemes can be used to recognize patterns that would otherwise be difficult or impossible to recognize with just a single customer detector. Standard signature detection methods can be used. Additionally, new signatures can be used based on broad-scope analysis goals. An anomaly is detected in the computer system, and then it is determined which devices or devices are anticipated to be affected by the anomaly in the future. These anticipated devices are then alerted to the potential for the future anomaly. The anomaly can be an intrusion or an intrusion attempt or reconnaissance activity.
展开▼