METHOD FOR DETECTING AN ATTACK BY A THREAT IN AN OPERATING SYSTEM
Main authors: | , , |
---|---|
Format: | Patent |
Language: | eng ; fre ; ger |
Summary: | The invention relates to a method for detecting an attack by a threat in an operating system (10). Prior to the system (10) being in use, the method comprises the following steps: - simulating a set of possible attack sequences from the threat; - processing the set of attack sequences to obtain a set of semantic graphs representing the set of attack sequences; while the system (10) is in use, the method comprises the following steps: - measuring the presence of a suspicious element present in the operating system (10) by means of a presence sensor (30); - comparing the measurements with the set of semantic graphs and determining a level of correlation between the measurements and each of the semantic graphs; - issuing an alert when at least one of the determined levels of correlation is higher than a predetermined alert threshold. |
---|