首页>
外国专利>
A Method and a Device for Network-Based Internet Worm Detection With The Vulnerability Analysis and Attack Modeling
A Method and a Device for Network-Based Internet Worm Detection With The Vulnerability Analysis and Attack Modeling
展开▼
机译:漏洞分析与攻击建模的基于网络的互联网蠕虫检测方法及装置
展开▼
页面导航
摘要
著录项
相似文献
摘要
The present invention relates to a network (network) for the Internet worm (internet worm) detection devices and detection methods using the vulnerability analysis and attack system modeling (modeling), including the keyword that is used to attack a vulnerability of an application vulnerability store vulnerability to store vulnerability information required for the attack detection information unit, the network (network) packet (packet) to be transmitted on the determined presence threat to determine whether to be transmitted to the application having the vulnerability part, application having the vulnerability whether in the packet it is to be sent to the program packet information extracting unit, and the attack packets by comparing / analyzing the vulnerability information that is stored in the information and the vulnerability storage section extracted in the packet to extract information needed for breaking is determined by using the vulnerability information consists of a part to determine attacked judgment, whereby utilizing the vulnerability of the application and detects worms by modeling the type of attack and are able to prepare responses prior to generating the actual attack, divided or arrival, the order changed by storing only a portion of the information belonging to a particular session of a packet that can be used to secure the efficiency of the storage device and to reduce the resources required for packet processing. ; Internet worms, vulnerabilities, detect violations
展开▼