NETWORK SECURITY SYSTEM WITH CUSTOMIZABLE RULE-BASED ANALYTICS ENGINE FOR IDENTIFYING APPLICATION LAYER VIOLATIONS

Bibliographic details
Main authors: SCARBROUGH RACHEL LEE, NICHOLSON MARK A, FERDINAND SHAWN, HALTOM JEFFREY ALLEN
Format: Patent
Language: eng
Description
Summary: Methods, devices, and storage media storing instructions to obtain logs from a security device and one or multiple service-providing devices, wherein the logs include information pertaining to traffic flow activity at an application layer associated with a service; store rules that identify behavior ranging from unintentional through intentional for one or multiple communication layers including an application layer; interpret the logs based on the rules; determine whether a violation exists based on the interpreting; and generate a notification that indicates the violation exists in response to a determination that the violation exists.