APPARATUS, METHOD, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM FOR NETWORK ATTACK PATTERN DETERMINATION

A network attack pattern determination apparatus, method, and non-transitory computer readable storage medium thereof are provided. The apparatus is stored with several attack patterns and access records. Each access record includes a network address, time stamp, and access content. Each attack patt...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hsieh, Chih-Hung, Lai, Chia-Min, Lai, Chi-Ping, Wei, Te-En, Mao, Ching-Hao
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A network attack pattern determination apparatus, method, and non-transitory computer readable storage medium thereof are provided. The apparatus is stored with several attack patterns and access records. Each access record includes a network address, time stamp, and access content. Each attack pattern corresponds to at least one attack access relation. Each attack access relation is defined by a network address and access content. The apparatus retrieves several attack records according to at least one attack address. The network address of each attack record is one of the attack address(s). The apparatus divides the attack records into several groups according to the time stamps and performs the following operations for each group: (a) creating at least one access relation for each attack address included in the group and (b) determining that the group corresponds to one of the attack patterns according to the at least one access relation of the group.