Adaptive System and Method for Responding to Computer Network Security Attacks

Abstract

A dynamic network security system (20) responds to a security attack (92) on a computer network (22) having a multiplicity of computer nodes (24). The security system (20) includes a plurality of security agents (36) that concurrently detect occurrences of security events (50) on associated computer nodes (24). A processor (40) processes the security events (50) that are received from the security agents (36) to form an attack signature (94) of the attack (92). A network status display (42) displays multi-dimensional attack status information representing the attack (92) in a two-dimensional image to indicate the overall nature and severity of the attack (92). The network status display (42) also includes a list of recommended actions (112) for mitigating the attack. The security system (20) is adapted to respond to a subsequent attack that has a subsequent signature most closely resembling the attack signature (94).

Document Details

Document Type: Technical Report
Publication Date: Jul 11, 2002
Accession Number: ADA412132

Entities

People

  • Douglas W. Hill
  • James T. Lynn

Organizations

  • Motorola Mobility

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Adaptive Systems
  • Analyzers
  • Computer Network Security
  • Computer Networks
  • Computers
  • Control Systems
  • Cybersecurity
  • Databases
  • Detection
  • Detectors
  • Digital Communications
  • Information Operations
  • Intrusion Detection
  • Malware
  • Neural Networks
  • Trojan Horse
  • Two Dimensional

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Computational Modeling and Simulation
  • Computer Networking
  • Cybersecurity

Technology Areas

  • Cyber