公开(公告)号：US20100097945A1

公开(公告)日：2010-04-22

申请号：US12255037

申请日：2008-10-21

申请人： Michael Raftelis ,  Dagash Mohamed

发明人： Michael Raftelis ,  Dagash Mohamed

IPC分类号： G06F11/30

CPC分类号： H04L63/1441

摘要： This description provides tools and techniques for centralized analysis and management of network packets. These tools may provide methods that include storing network packets as identified by packet-detecting devices within networks. These methods may also define baseline behavior patterns applicable to the network, as well as thresholds applicable to deviations in network behavior, relative to the baseline behavior patterns. These methods may also identify attacks against the network, as exhibited by deviations in the behavior patterns that exceed the threshold.

摘要翻译： 本说明书为网络数据包的集中分析和管理提供了工具和技术。 这些工具可以提供包括存储由分组检测设备在网络内标识的网络分组的方法。 这些方法还可以定义适用于网络的基线行为模式以及相对于基线行为模式适用于网络行为偏差的阈值。 这些方法还可以识别对网络的攻击，如超出阈值的行为模式的偏差所示。