×

Automatic Categorization of IDPS Signatures from multiple different idps systems

  • US 20170331841A1
  • Filed: 05/11/2016
  • Published: 11/16/2017
  • Est. Priority Date: 05/11/2016
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • accessing unknown and reference signatures, wherein the unknown and reference signatures indicate patterns that correspond to known threats to resources in a computer environment and comprise a plurality of descriptive elements having information describing different aspects of a corresponding signature;

    creating a set of similarity measures of the unknown and reference signatures from different perspectives, each perspective corresponding to a descriptive element;

    integrating the set of similarity measures to generate an overall similarity metric;

    using the overall similarity metric to find appropriate categories in the reference signatures into which the unknown signatures should be placed;

    placing the unknown signatures into the appropriate categories to create a mapping from the unknown signatures to the reference signatures; and

    outputting the mapping for use by an intrusion detection and prevention system for determining whether a threat has occurred to the resources in the computer environment.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×