首页>
外国专利>
METHODS AND DEVICES FOR AUTOMATICALLY DETECTING ATTACK SIGNATURES AND GENERATING ATTACK SIGNATURE IDENTIFICATIONS
METHODS AND DEVICES FOR AUTOMATICALLY DETECTING ATTACK SIGNATURES AND GENERATING ATTACK SIGNATURE IDENTIFICATIONS
展开▼
机译:自动检测攻击签名并生成攻击签名的方法和设备
展开▼
页面导航
摘要
著录项
相似文献
摘要
Network traffic management apparatuses, systems, methods, and computer-readable media for automatically detecting attack signatures and generating attack signature identifications, involving: collecting a stable dataset during a stable time; determining whether a cyber-attack is detected; when a cyber-attack is detected, periodically generating attack signatures and updating an enforcer with the attack signatures, the attack signatures representing dynamic rules to be enforced; validating the dynamic rules via a long-time validation mechanism, validating involving considering behavior of each dynamic rule after the cyber-attack and during a new cyber-attack and ranking each dynamic rule using the stable dataset, thereby generating persistent rules having a dynamic rule; exporting the persistent rules to a security enforcer; introducing the persistent rules to a persistent rule revocater; determining whether export of an unrevoked persistent rule is requested; and if requested, exporting the unrevoked persistent rule of the persistent rules through a mitigator and collecting statistics.
展开▼