attack patterns


An attack pattern is a recurring pattern of actions that show an attack as such. They are often used by antivirus programs. Edit the source text

In the computer world, attack patterns are used, for example, in intrusion detection systems (IDS) to determine whether a particular system is currently under attack by hackers (white-hat) or attacked (black-hat). Such a typical pattern can only be created after a successful attack. If it is determined that an attack takes place on certain successive actions, the sequence of these actions can be used as a pattern for attack detection in the future. These attack patterns are often created by IDS vendors or antivirus programs and sold to their users. Edit the error code

The error possibilities are manifold because a sequence of certain actions does not necessarily have to be an attack. A normal process, which is marked as an attack by pattern recognition, ie a false alarm, is called False Positive. If an attack is not detected because the pattern has changed sufficiently or a new attack occurs, the incident is not recognized at all; this is called False Negative.

wiki

Popular Posts