
A METHOD FOR MODELING ATTACK PATTERNS IN HONEYPOTS


Abstract

A monitored honeypot system, comprising sensors for monitoring data being communicated between an attacker and said honeypot; a hardware processor adapted to analyze a portion of said communicated data by defining a set of attack features; obtaining a dataset comprising monitored cyber-attack metadata; filtering said dataset to a desired contextual subset of cyber-attacks; defining attack sessions from said contextual subset; extracting values for each feature, respectively, from each of said attack sessions; generating, from said feature values, attack profiles, each profile relating to a set of attacks; clustering the attack profiles based on features of said profiles; enriching the centroid representation of said attack profiles; outlining important features which distinguish between said pattern clusters; calculating a closeness similarity between said pattern clusters; generating a model of cyber-attack patterns, based on the preceding steps; and a memory for storing the form model.