Fandom

The IT Law Wiki

Automated attack detection, warning, and response

32,191pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Overview Edit

Automated attack detection, warning, and response capabilities enable systems and networks to recognize that they are under attack, respond defensively, and alert human operators. Today’s static signature- and rule-based technologies can detect certain types of network disturbances and can respond by alerting human operators. But these technologies generally cannot recognize novel forms of attack, and they have limited abilities to automatically act to defend the system and make repairs to keep it functioning.

Automated attack detection requires next-generation tools based not only on predefined signatures but also on technologies based on dynamic learning techniques. These techniques must be integrated and sensors distributed at the host and network layers in order to provide coverage of both outsider and insider threats.

Automated responses should include not only warnings but defensive actions that occur within the propagation time of an attack in order to mitigate it.

Also on Fandom

Random Wiki