System and method for automating network intrusion training
First Claim
Patent Images
1. A system comprising:
- (a) a software service component configured as a simulation coordinator;
(b) a sensor component configured to detect patterns of network traffic;
(c) an intrusion detection management component;
(d) a database component configured to store patterns of intrusion scenarios;
(e) a software service component configured to provide intrusion simulation analysis; and
(f) a software application component configured as an intrusion simulation analyst interface;
whereby said software service component configured as a simulation coordinator will transmit a set of instructions to said sensor component, and said sensor component will send to said intrusion detection management component notifications of having received traffic as instructed by said software service component configured as a simulation coordinator.
0 Assignments
0 Petitions
Accused Products
Abstract
A system comprising a simulation coordinator, a sensor, and an intrusion detection management component to provide training of intrusion detection administrators by generating simulated notifications of network traffic associated with intrusions.
29 Citations
13 Claims
-
1. A system comprising:
-
(a) a software service component configured as a simulation coordinator; (b) a sensor component configured to detect patterns of network traffic; (c) an intrusion detection management component; (d) a database component configured to store patterns of intrusion scenarios; (e) a software service component configured to provide intrusion simulation analysis; and (f) a software application component configured as an intrusion simulation analyst interface; whereby said software service component configured as a simulation coordinator will transmit a set of instructions to said sensor component, and said sensor component will send to said intrusion detection management component notifications of having received traffic as instructed by said software service component configured as a simulation coordinator. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for automating network intrusion training, comprising:
-
(a) providing a software service for coordinating a simulation; (b) providing a sensor component configured to detect patterns of network traffic; (c) providing an intrusion detection management component; (d) providing a database component configured to store patterns of intrusion scenarios; (e) providing a software service for intrusion simulation analysis; and (f) providing a software application configured as an intrusion simulation analyst interface; whereby said software service for coordinating a simulation will transmit a set of instructions to said sensor component, and said sensor component will send to said intrusion detection management component notifications of having received traffic as instructed by said software service for coordinating a simulation. - View Dependent Claims (11, 12, 13)
-
Specification