System, method, and program product for managing an intrusion detection system

Assignee

• International Business Machines Corporation · US

Inventors

• Kevin D. Himberger · Durham, US
• Clark Debs Jeffries · Durham, US
• David M. McMillen · Ramapo, US
• John Ziraldo · King City, CA

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1433
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An intrusion event detection system, method, and program product with an enumeration of specific known benign intrusion events, and performing a vulnerability test on specific elements of the computer system for the particular known benign intrusion event. These vulnerability tests are performed at predetermined time intervals measured from a previous test or previous intrusion event of the known benign intrusion event. The predetermined time interval is increased based on various attributes, passage of time since the last intrusion event of either the specific known benign intrusion event or another known benign intrusion event, or even a an undetermined or harmful intrusion event, or the present detection of an intrusion even; or the vulnerability of a specific element in the computer system to a specific intrusion event.