发明申请
US20070107052A1 Method and apparatus for monitoring operation of processing systems, related network and computer program product therefor
审中-公开
用于监控处理系统,相关网络和计算机程序产品的操作的方法和装置
- 专利标题: Method and apparatus for monitoring operation of processing systems, related network and computer program product therefor
- 专利标题(中): 用于监控处理系统,相关网络和计算机程序产品的操作的方法和装置
-
申请号: US10582848申请日: 2003-12-17
-
公开(公告)号: US20070107052A1公开(公告)日: 2007-05-10
- 发明人: Gianluca Cangini , Gerardo Lamastra , Francesco Coda Zabetta , Paolo Abeni , Madalina Baltatu , Rosalia D'Alessandro , Stefano Brusotti , Sebastiano Di Paola , Manuel Leone , Federico Frosali
- 申请人: Gianluca Cangini , Gerardo Lamastra , Francesco Coda Zabetta , Paolo Abeni , Madalina Baltatu , Rosalia D'Alessandro , Stefano Brusotti , Sebastiano Di Paola , Manuel Leone , Federico Frosali
- 国际申请: PCT/EP03/14385 WO 20031217
- 主分类号: G06F12/14
- IPC分类号: G06F12/14
摘要:
Apparatus for monitoring operation of a processing system includes a set of modules for monitoring operation of a set of system primitives that allocate or release the system resources and are used by different processes running on the system. Preferably, the modules include at least one application knowledge module tracking the processes running on the system and monitoring the resources used thereby, a network knowledge module monitoring connections by the processes running on the system, a file-system analysis module monitoring the file-related operations performed within the system, and a device monitoring module monitoring operation of commonly used modules with the system. A preferred field of application is in host-based intrusion detection systems.
信息查询
