首页>
外国专利>
DETECTION OF SLOW BRUTE FORCE ATTACKS BASED ON USER-LEVEL TIME SERIES ANALYSIS
DETECTION OF SLOW BRUTE FORCE ATTACKS BASED ON USER-LEVEL TIME SERIES ANALYSIS
展开▼
机译:基于用户级时间序列分析的慢蛮力攻击检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods, systems and computer program products are provided for detection of slow brute force attacks based on user-level time series analysis. A slow brute force attack may be detected based on one or more anomalous failed login events associated with a user, alone or in combination with one or more post-login anomalous activities associated with the user, security alerts associated with the user, investigation priority determined for the user and/or successful logon events associated with the user. An alert may indicate a user is the target of a successful or unsuccessful slow brute force attack. Time-series data (e.g., accounted for in configurable time intervals) may be analyzed on a user-by-user basis to identify localized anomalies and global anomalies, which may be scored and evaluated (e.g., alone or combined with other information) to determine an investigation priority and whether and what alert to issue for a user.
展开▼