FIELD: information security.
SUBSTANCE: a system for automatic assessment of the quality of network traffic signatures, comprising an event collection module, a crucial signature list, an analyzing module and a final aggregation module, is characterized in that it includes a preaggregation module configured for continuous processing of unprocessed data and resource-intensive calculations. The event collection module is connected to the preaggregation module, which is connected to the analyzing module and/or the final aggregation module; the analyzing module is also connected to the final aggregation module, and the crucial signature list is connected to the event collection module and to the final aggregation module.
EFFECT: increase in the accuracy of detection of malicious activity in a network.
20 cl, 10 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD OF AUTOGENERATION OF DECISION RULES FOR INTRUSION DETECTION SYSTEMS WITH FEEDBACK | 2016 | | RU2634209C1 |
METHOD FOR AUTOMATIC ADJUSTMENT OF SECURITY MEANS | 2012 | | RU2514137C1 |
PROTECTION METHOD OF VEHICLE CONTROL SYSTEMS AGAINST INTRUSIONS | 2019 | | RU2737229C1 |
METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS | 2020 | | RU2738344C1 |
SYSTEM AND METHOD FOR OPTIMISING EXECUTION OF ANTIVIRUS TASKS IN LOCAL AREA NETWORK | 2010 | | RU2453917C1 |
PROTECTION FROM EXPLOITATION OF SOFTWARE VULNERABILITY | 2007 | | RU2417429C2 |
AUTOMATED SAFETY ASSESSMENT OF BUSINESS-CRITICAL COMPUTER SYSTEMS AND RESOURCES | 2011 | | RU2657170C2 |
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | | RU2739864C1 |
METHOD OF DETECTING AND COUNTERACTING DISTRIBUTION OF MALICIOUS PROGRAMS IN COMPUTER NETWORK | 2023 | | RU2818022C1 |
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 | | RU2763115C1 |
Authors
Dates
2022-10-18—Published
2021-04-30—Filed