首页>
外国专利>
CONSTRUCTING GRAPH MODELS OF EVENT CORRELATION IN ENTERPRISE SECURITY SYSTEMS
CONSTRUCTING GRAPH MODELS OF EVENT CORRELATION IN ENTERPRISE SECURITY SYSTEMS
展开▼
机译:企业安全系统中事件关联的图形模型的构建
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods and systems for detecting anomalous events include detecting anomalous events (42,43) in monitored system data. An event correlation graph is generated (302) by determining a tendency for a first process to access a system target, include an innate tendency of the first process to access the system target, an influence of previous events from the first process, and an influence of processes other than the first process. Kill chains are generated (310) from the event correlation graph that characterize events in an attack path over time. A security management action is performed (412) based on the kill chains.
展开▼