-
Publication (announcement) number: US20170149830A1
Publication (announcement) date: 2017-05-25
Application number: US15065179
Application date: 2016-03-09
Inventor: Sung-Ho KIM, Sung-Il LEE, Su-Chul LEE, Han-Jun YOON, Do-Hoon LEE
IPC: H04L29/06
CPC classification number: H04L63/20, H04L63/1408, H04L63/1416, H04L63/1425
Abstract: Disclosed herein are an apparatus and method for automatically generating a detection rule. The apparatus for automatically generating a detection rule includes an analysis unit for analyzing network traffic of an input malicious traffic file, a malicious signature extraction unit for extracting a malicious signature from the malicious traffic file, and a detection rule generation unit for generating a detection rule using both the extracted malicious signature and information about packets of the malicious traffic file.
-
Publication (announcement) number: US20170149831A1
Publication (announcement) date: 2017-05-25
Application number: US15066208
Application date: 2016-03-10
Inventor: Sung-Ho KIM, Sung-Il LEE, Su-Chul LEE, Han-Jun YOON, Do-Hoon LEE
CPC classification number: H04L63/20, G06N7/005, H04L63/1416
Abstract: Disclosed herein are an apparatus and method for verifying a detection rule. The apparatus for verifying a detection rule includes a grammar checking unit for checking for a grammatical error in a loaded detection rule, a false-positive rate calculation unit for calculating a false-positive rate of the loaded detection rule by applying a latent Dirichlet allocation algorithm to a signature used in the detection rule, and a similarity checking unit for checking similarity between the detection rule and an existing pre-stored detection rule.
-