首页>
外国专利>
Modular system for detecting, filtering and providing notice about attack events associated with network security
Modular system for detecting, filtering and providing notice about attack events associated with network security
展开▼
机译:用于检测,过滤和提供与网络安全性相关的攻击事件的通知的模块化系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A host-based intrusion detection system (HIDS) sensor that monitors system logs for evidence of malicious or suspicious application activity running in real time and monitors key system files for evidence of tampering. This system detects attacks targeted at the host system on which it is installed and monitors output to the system and audit logs. It is signature-based and identifies and analyzes system and audit messages for signs of system misuse or attack. The system monitors the logs of applications running on the host, including mail servers, web servers and FTP servers. The system also monitors system files and notifies the system administrator when key system and security files have been accessed, modified or even deleted.
展开▼