首页>
外国专利>
A METHOD FOR MODELING ATTACK PATTERNS IN HONEYPOTS
A METHOD FOR MODELING ATTACK PATTERNS IN HONEYPOTS
展开▼
机译:一种在蜜罐中建模攻击模式的方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A monitored honeypot system, comprising sensors for monitoring data being communicated between an attacker and said honeypot; a hardware processor adapted to analyze a portion of said communicated data by defining a set of attack features; obtaining a dataset comprising monitored cyber-attack metadata; filtering said dataset to a desired contextual subset of cyber-attacks; defining attack sessions from said contextual subset; extracting values for each feature, respectively, from each said attack sessions; generating from said features values attack profiles, each profile relating to a set of attacks; clustering the attack profiles based on features of said profiles; enriching the centroid representation of said attack profiles; outlining important features which distinguish between said pattern clusters; calculating a closeness similarity between said pattern-clusters; generating a model of cyber-attack patterns, based the preceding steps; and a memory for storing the form model.
展开▼