Network defense system and framework for detecting and geolocating botnet cyber attacks
Abstract
A network defense system is described that provides network sensor infrastructure and a framework for managing and executing advanced cyber security algorithms specialized for detecting highly-distributed, stealth network attacks. In one example, a system includes a data collection and storage subsystem that provides a central repository to store network traffic data received from sensors positioned within geographically separate networks. Cyber defense algorithms analyze the network traffic data and detect centrally-controlled malware that is configured to perform distributed network attacks (“botnet attacks”) from devices within the geographically separate networks. A visualization and decision-making subsystem generates a user interface that presents an electronic map of geographic locations of source devices and target devices of the botnet attacks. The data collection and storage subsystem stores a manifest of parameters for the network traffic data to be analyzed by each of the cyber defense algorithms.