상세정보
등록 규칙기반 물리/IT 보안 이벤트 연관성 분석 장치 및 방법
- 출원번호
- 13714362 (2012.12.13)
- 공개번호
- 20130160074 (2013.06.20)
- 등록번호
- 9158894 (2015.10.13)
- 출원국
- 미국
- 협약과제
- 11MS2500, 산업시설 정보자산 보호용 공간연동 침입 탐지 및 대응 기술 개발, 나중찬
- 초록
- An apparatus for analyzing rule-based security event association includes a rule management unit to check whether an security event is a candidate security event requiring association analysis, and an event management unit to analyze the candidate security event and check whether the analyzed security event is the candidate security event requiring association analysis. An association processing unit analyzes whether an association event of a rule DB corresponding to a user ID of the candidate security event is matched with a user event list to generate an association analysis result.
- KSP 제안 키워드
- Event Management, Processing unit, Rule management, Rule-based, User ID, association analysis, security event