Patent · US Active

Intrusion detection system alerts mechanism

US7991726B2 · kind B2 · utility

Cited by: 14
References: 11
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Nov 30, 2007
Grant date: Aug 2, 2011
Priority date
Expiry date: Mar 15, 2030

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/1416
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A system and method for analyzing Intrusion Detection System (IDS) alert data associated with a computer network is described. The method includes applying first association rules to obtained IDS alert data associated with a computer network and processing the obtained IDS alert data with the first association rules. Analyst feedback data associated with the processed obtained IDS alert data is received, and a training data set from the analyst feedback data is received. New association rules are determined based upon the training data set, and the new association rules are outputted to a display of a computing device. Outputting the new association rules may include outputting patterns within the IDS alert data of false positive alerts. The new association rules may be applied back to the obtained IDS alert data.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.