SYSTEM AND METHOD OF PROCESSING INFORMATION SECURITY EVENTS TO DETECT CYBERATTACKS
Abstract
A method for processing information security events of a computer system includes receiving information related to a plurality of information security events that occurred in the computer system. Each of the events is an event related to a possible violation of the information security of the computer system. A verdict is determined for each of the events. The verdict is either (i) information security incident or (ii) false positive. The verdict is false positive if the probability of a false positive for the corresponding event is greater than a first threshold. For a subset of the events, the verdicts are changed from false positive to information security incident. The number of events in the subset is lower than a second threshold. The events having a verdict of information security incident are analyzed to determine whether the computer system is under a cyberattack.