首页>
外国专利>
System and method for intrusion decision-making in autonomic computing environments
System and method for intrusion decision-making in autonomic computing environments
展开▼
机译:自主计算环境中入侵决策的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A mechanism is provided for performing intrusion decision-making using a plurality of approaches. Detection approaches may include, for example, signature-based, anomaly-based, scan-based, and danger theory approaches. When event information is received, each approach produces a result. A consensus of each result is then reached by using, for example, Bayesian Filtering. A corpus is kept for each approach. An intrusion corpus keeps combinations of the corpora for all of the approaches that constitute intrusions. A safe corpus keeps combinations of the corpora for all of the approaches that do not constitute an intrusion. The corpora for the approaches may be pre-defined according to security policies and the like. The intrusion corpus and the safe corpus may be trained using scores that are determined using the detection approaches.
展开▼