DETECTION AND IDENTIFICATION OF TARGETED ATTACKS ON A COMPUTING SYSTEM


Bibliographic details
Main authors: VETRIVEL, Puhazholi, NEWMAN, Philip K, PALANI, Suresh C, MISHRA, Ashish, NARAYANAMURTHY, Sudhakar, OFUONYE, Ejike E
Format: Patent
Language: eng
Description
Summary: Malicious activity data that is indicative of attempted attacks on a computing system is obtained. Clusters of targets are identified, and it is determined whether the malicious activity preferentially targets one cluster of targets over others. Low prevalence attacks are also identified, and it is determined whether a low prevalence attack has a high concentration in one or more of the target clusters. If the malicious activity preferentially targets a cluster, or a low prevalence attack has a high concentration in a cluster, the attack is identified as a targeted attack so that remediation steps can be taken.