首页>
外国专利>
Automatic categorization of IDPS signatures from multiple different IDPS systems
Automatic categorization of IDPS signatures from multiple different IDPS systems
展开▼
机译:多个不同IDPS系统自动分类IDPS签名
展开▼
页面导航
摘要
著录项
相似文献
摘要
Unknown and reference signatures are accessed. The unknown and reference signatures indicate patterns that correspond to known threats to resources (such as computer systems and/or computer networks) in a computer environment and comprise a multitude of descriptive elements having information describing different aspects of a corresponding signature. A set of similarity measures is created of the unknown and reference signatures from different perspectives, each perspective corresponding to a descriptive element. The set of similarity measures are integrated to generate an overall similarity metric. The overall similarity metric is used to find appropriate categories in the reference signatures into which the unknown signatures should be placed. The unknown signatures are placed into the appropriate categories to create a mapping from the unknown signatures to the reference signatures. The mapping is output for use by an IDPS for determining whether a threat has occurred to the resources in the computer environment.
展开▼