Method of risk analysis in an automatic intrusion response system
    Invention application
    Status: Under examination (published)

    Publication number: US20050144480A1

    Publication date: 2005-06-30

    Application number: US11009207

    Filing date: 2004-12-10

    IPC classification: G06F15/00 H04L9/32

    CPC classification: H04L63/1433 G06N7/005

    Abstract: The present invention relates to a method of risk analysis in an automatic intrusion response system that provides computer-related security in a large-scale dynamic network environment, comprising: (a) classifying intrusion detection information by using the IDMEF data model; (b) establishing a risk assessment knowledge base; (c) learning rules of said knowledge base; and (d) assessing the risk level of an external attack based upon said knowledge base. Said risk level is determined by parameters such as intrusion detection information, weakness information, network bandwidth, system performance and importance, and frequency of attacks.
