Hierarchy-based method and apparatus for detecting attacks on a computer system
Abstract
A method of provisioning a computer against computer attacks includes constructing a hierarchy characterizing different computer attacks and counter measures, and traversing this hierarchy to identify computer attacks and countermeasures relevant to a target platform. Detection and protection measures are collected in response to this traversing. These detection and protection measures are then downloaded to a security sensor associated with the target platform.
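As an added illustration (not code from the patent), the following Python example models one reading of the abstract: a hierarchy whose nodes are categorized by target platform is traversed for one platform, and the collected measures are handed to that platform's sensor. The node names, platform labels, rule strings and the `Sensor.load` call standing in for the download step are all constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Node:
    """One entry in the attack/countermeasure hierarchy (hypothetical model)."""
    name: str
    platforms: Optional[frozenset] = None   # None = categorized for every platform
    detections: tuple = ()                  # detection measures for this attack
    protections: tuple = ()                 # protection measures for this attack
    children: list = field(default_factory=list)

def collect(node, platform, path=()):
    """Depth-first traversal that prunes subtrees not categorized for `platform`."""
    if node.platforms is not None and platform not in node.platforms:
        return {"attacks": [], "detections": [], "protections": []}
    here = path + (node.name,)
    out = {"attacks": [], "detections": list(node.detections),
           "protections": list(node.protections)}
    if node.detections or node.protections:
        out["attacks"].append("/".join(here))
    for child in node.children:
        sub = collect(child, platform, here)
        for key in out:                      # merge, keeping order, dropping repeats
            out[key] += [m for m in sub[key] if m not in out[key]]
    return out

@dataclass
class Sensor:
    platform: str
    rules: dict = field(default_factory=dict)
    def load(self, bundle):                  # stands in for the "download" step
        self.rules = bundle

def provision(sensor, root):
    """Traverse for the sensor's platform and push only the relevant measures."""
    sensor.load(collect(root, sensor.platform))
    return sensor.rules

# Constructed sample hierarchy; every label below is illustrative only.
HIERARCHY = Node("attacks", children=[
    Node("network", children=[
        Node("syn-flood", detections=("rate:syn>threshold",),
             protections=("enable-syn-cookies",))]),
    Node("web-server", platforms=frozenset({"linux-apache", "windows-iis"}), children=[
        Node("path-traversal", detections=("uri-contains-dotdot",),
             protections=("normalize-uri",)),
        Node("iis-only", platforms=frozenset({"windows-iis"}),
             detections=("sig-iis-only",), protections=("apply-vendor-patch",))]),
    Node("mail-server", platforms=frozenset({"linux-sendmail"}),
         detections=("smtp-oversize-header",), protections=("limit-header-size",)),
])
```

Because a platform mismatch prunes the whole subtree, a sensor never receives measures for platforms it does not protect.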
23 Claims
1. A method of provisioning a computer against computer attacks, comprising:
- categorizing different computer attacks and counter measures into a plurality of categories each associated with at least one of a plurality of different target platforms;
- constructing a hierarchy characterizing the different computer attacks and counter measures;
- traversing said hierarchy to identify the computer attacks and counter measures relevant to a particular one of the different target platforms utilizing the categorization by identifying the different computer attacks and counter measures categorized into one of the categories associated with the particular one of the different target platforms;
- collecting detection and protection measures in response to said traversing; and
- downloading said detection and protection measures to a security sensor associated with said target platform;
- wherein the target platform is categorized to facilitate provisioning the computer against computer attacks.
2. A method of provisioning a computer against computer attacks, comprising:
- categorizing different computer attacks or counter measures into a plurality of categories each associated with at least one of a plurality of different target platforms;
- identifying computer attacks or counter measures relevant to a particular one of the different target platforms utilizing the categorization, by identifying the different computer attacks or counter measures categorized into one of the categories associated with the particular one of the different target platforms;
- collecting detection and protection measures in response to the identification; and
- downloading the detection and protection measures to a security sensor associated with the target platform.

Dependent claims: 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 20, 21, 22, 23
18. A computer program product for provisioning a computer against computer attacks, comprising:
- computer code for categorizing different computer attacks or counter measures into a plurality of categories each associated with at least one of a plurality of different target platforms;
- computer code for identifying computer attacks or counter measures relevant to a particular one of the different target platforms utilizing the categorization, by identifying the different computer attacks or counter measures categorized into one of the categories associated with the particular one of the different target platforms;
- computer code for collecting detection or protection measures in response to the identification; and
- computer code for downloading the detection or protection measures to a security sensor associated with the target platform.
19. A system for provisioning a computer against computer attacks, comprising:
- logic for categorizing different computer attacks or counter measures into a plurality of categories each associated with at least one of a plurality of different target platforms;
- logic for identifying computer attacks or counter measures relevant to a particular one of the different target platforms utilizing the categorization, by identifying the different computer attacks or counter measures categorized into one of the categories associated with the particular one of the different target platforms;
- logic for collecting detection and protection measures in response to the identification; and
- logic for downloading the detection and protection measures to a security sensor associated with the target platform.
Specification