Method of generating security rule-set and system thereof

  • US 9,021,549 B2
  • Filed: 01/02/2014
  • Issued: 04/28/2015
  • Est. Priority Date: 12/16/2010
  • Status: Active Grant
First Claim

1. A method of generating a security rule-set using a computer comprising a processor operatively coupled to a memory, the method comprising:

    a. obtaining in the memory a group of log records of communication events resulting from traffic related to a security gateway;

    b. providing by the processor the following;

    i. generating a first rule-set of permissive rules, said set covering the obtained group of log records;

    ii. selecting in the first rule-set a rule with the maximal ratio between a number of log records covered by the selected rule and the volume of the address space of the selected rule;

    iii. including the selected rule into a second rule-set;

    iv. amending the first rule-set of permissive rules to cover only log records from the obtained group of log records that are non-overlapping with the address space of the selected rules in the second rule-set;

    v. repeating steps ii)-iv) thereby generating a rule-set of non-overlapping rules covering the obtained group of log records, the generated rule-set corresponding to the second rule-set after the obtained group of log records comprises no records that are non-overlapping with the address space of the selected rules in the second rule-set; and

    vi. generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rules to the obtained group of log records.
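The greedy selection in steps i) to v), sketched as an added example; this is not code from the patent or its assignee, and step vi) is not covered. Assumptions: a rule is a source-address interval for one exact destination and port, so its volume is the number of source addresses it spans; candidate rules are the intervals bounded by two logged sources; ties in the ratio go to the rule covering more records. The log records are constructed.

```python
from ipaddress import ip_address
from itertools import combinations_with_replacement

# Constructed sample log records (src, dst, dst_port); not taken from the patent.
LOGS = [
    ("10.0.0.1", "192.0.2.10", 443), ("10.0.0.2", "192.0.2.10", 443),
    ("10.0.0.3", "192.0.2.10", 443), ("10.0.0.4", "192.0.2.10", 443),
    ("10.0.0.200", "192.0.2.10", 443),
    ("10.0.0.1", "192.0.2.20", 22), ("10.0.0.1", "192.0.2.20", 22),
    ("10.0.0.3", "192.0.2.20", 22),
]

def covers(rule, rec):
    lo, hi, dst, port = rule
    return rec[1:] == (dst, port) and lo <= rec[0] <= hi

def overlaps(a, b):
    # Two rules share address space: same service and intersecting intervals.
    return a[2:] == b[2:] and a[0] <= b[1] and b[0] <= a[1]

def candidates(records, selected):
    # Steps i/iv (assumed construction): permissive rules over the remaining
    # records only, dropping any that overlap an already selected rule.
    rules = set()
    for a, b in combinations_with_replacement(sorted(set(records)), 2):
        rule = (a[0], b[0], a[1], a[2])
        if a[1:] == b[1:] and not any(overlaps(rule, s) for s in selected):
            rules.add(rule)
    return sorted(rules)

def density(rule, records):
    # Step ii ratio: covered log records / volume; hit count breaks ties.
    hits = sum(covers(rule, r) for r in records)
    return hits / (rule[1] - rule[0] + 1), hits

def select_rules(records):
    records, second = list(records), []
    while records:                                   # step v: repeat ii-iv
        best = max(candidates(records, second),
                   key=lambda r: density(r, records))
        second.append(best)                          # step iii
        records = [r for r in records if not covers(best, r)]  # step iv
    return second

def to_int_records(logs):
    return [(int(ip_address(s)), d, p) for s, d, p in logs]

def generate_rule_set(logs):
    return [(str(ip_address(lo)), str(ip_address(hi)), d, p)
            for lo, hi, d, p in select_rules(to_int_records(logs))]
```

On the sample, the twice-logged SSH source is selected first (ratio 2), then the dense 10.0.0.1 to 10.0.0.4 run on port 443; the sparse interval reaching 10.0.0.200 is never chosen, so the outlier ends up with its own single-address rule.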

  • 5 Assignments