-
公开(公告)号:US11444971B2
公开(公告)日:2022-09-13
申请号:US17064010
申请日:2020-10-06
申请人: Nozomi Networks Sagl
IPC分类号: H04L9/40
摘要: The present invention relates to a method for assessing the quality of network-related Indicators of Compromise comprising the phase of calculating, by a computerized data processing unit, a quality score for Indicators of Compromise of the IP Address type, the steps of assigning an autonomous system score of the IP Address according to a predefined range of values based on a database of autonomous system owners, assigning a subnet score of said IP Address according to a predefined range of values based on a database of subnet owners, assigning a services hosted score of the IP Address according to a predefined range of values based on known malicious services hosted by the IP Address before the phase of calculating the quality score, calculating the IP Address quality score as sum of the autonomous system score, subnet score and services hosted score and wherein the method comprises a phase of evaluating the calculated quality score comprises, for each of the Indicators of Compromise of the IP Address type, the step of assessing the Indicators of Compromise of the IP Address type as malicious when the IP Address quality score exceed a predefined IP Address quality threshold.
搜索结果
1 条记录 (耗时 0.01 秒)
筛选
AND
AND
过滤
NOT
NOT
扫码加群
