DETECTING A CURRENT ATTACK BASED ON SIGNATURE GENERATION TECHNIQUE IN A COMPUTERIZED ENVIRONMENT

DETECTING A CURRENT ATTACK BASED ON SIGNATURE GENERATION TECHNIQUE IN A COMPUTERIZED ENVIRONMENT

A method for detecting a current attack in a computerized environment is automatically performed by one or more computerized hosts (50) of the computerized environment. The method comprises generating a signature (22) which is specific for a type of activity in the computerized environment based on...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CALANDRIELLO, Giorgio, PASCALI, Alessandro, BESSASSI, Selim, TBA, Yasser
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method for detecting a current attack in a computerized environment is automatically performed by one or more computerized hosts (50) of the computerized environment. The method comprises generating a signature (22) which is specific for a type of activity in the computerized environment based on historic data (20, 21) of the activity, the signature (22) specifying averaged normalized numbers of occurrences of the activity per time frame of a plurality of recurring time frames. The method further comprises determining a threshold value for the activity based on the historic data of the activity and a statistical measure. The method further comprises monitoring current data of the activity in the computerized environment, and generating an attack detection alert based on determining that the current data of the activity exceeds the threshold value for a current time frame.