发明申请
- 专利标题: System and method for intrusion decision-making in autonomic computing environments
- 专利标题(中): 自主计算环境中入侵决策的系统和方法
-
申请号: US10865697申请日: 2004-06-10
-
公开(公告)号: US20050278178A1公开(公告)日: 2005-12-15
- 发明人: Janice Girouard , Emily Ratliff , Kimberly Simon
- 申请人: Janice Girouard , Emily Ratliff , Kimberly Simon
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 主分类号: G06F21/00
- IPC分类号: G06F21/00 ; G10L11/00
摘要:
A mechanism is provided for performing intrusion decision-making using a plurality of approaches. Detection approaches may include, for example, signature-based, anomaly-based, scan-based, and danger theory approaches. When event information is received, each approach produces a result. A consensus of each result is then reached by using, for example, Bayesian Filtering. A corpus is kept for each approach. An intrusion corpus keeps combinations of the corpora for all of the approaches that constitute intrusions. A safe corpus keeps combinations of the corpora for all of the approaches that do not constitute an intrusion. The corpora for the approaches may be pre-defined according to security policies and the like. The intrusion corpus and the safe corpus may be trained using scores that are determined using the detection approaches.