首页> 外国专利> Method, computer-readable medium, and node for detecting exploits based on an inbound signature of the exploit and an outbound signature in response thereto

Method, computer-readable medium, and node for detecting exploits based on an inbound signature of the exploit and an outbound signature in response thereto

机译：用于基于漏洞的入站签名和响应于此的出站签名来检测漏洞的方法，计算机可读介质和节点

页面导航

摘要
著录项
相似文献

摘要

A method of detecting an intrusion at a node of a network comprising reading a first packet received by the node, determining a first signature of the first packet, comparing the first signature with a signature file comprising a first machine-readable logic representative of a first packet signature, determining the first signature corresponds with the first machine readable logic, reading a second packet generated by the node in response to reception of the first packet, determining a second signature of the second packet, comparing the second signature with the signature file further comprising a second machine-readable logic representative of second packet signature, and determining the second signature corresponds with the second machine readable logic is provided. A computer-readable medium and a node for detecting an exploit based upon an outbound signature generated in response to an inbound signature of the exploit are also provided.

机译：一种在网络的节点处检测入侵的方法，包括：读取由节点接收的第一分组;确定第一分组的第一签名;将第一签名与包括代表第一设备的第一机器可读逻辑的签名文件进行比较。分组签名，确定第一签名与第一机器可读逻辑相对应，读取节点响应于接收到第一分组而生成的第二分组，确定第二分组的第二签名，将第二签名与签名文件进一步比较包括代表第二分组签名的第二机器可读逻辑，并确定第二签名与第二机器可读逻辑相对应。还提供了一种计算机可读介质和用于基于响应于利用的入站签名而生成的出站签名来检测利用的节点。

著录项

公开/公告号US2003101353A1

专利类型
公开/公告日2003-05-29

原文格式PDF
申请/专利权人 TARQUINI RICHARD PAUL;SCHERTZ RICHARD LOUIS;GALES GEORGE SIMON;
展开▼

申请/专利号US20010003815
发明设计人 RICHARD LOUIS SCHERTZ;GEORGE SIMON GALES;RICHARD PAUL TARQUINI;
展开▼

申请日2001-10-31
分类号G06F11/30;
国家 US
入库时间 2022-08-22 00:09:34

相似文献

专利
外文文献
中文文献