Detection of an attack such as a pre-attack on a computer network

   
   

A computer program detects a potential attack on a computer network. A list E is made from network traffic data including source and destination addresses of traffic on the network. The list E includes all source addresses in the data which are not allocated to the network and are not in a list X. A first address in list E is chosen. A number of data entries including A and B and representing network traffic passing between source address A, chosen from list E, and destination address B, allocated to the network, is counted. If the number of such data entries is more than T, address A is output, thereby identifying address A as a potential source of attack. If it is determined that any entries in list E are left, the next address in list E is moved to, and the counting, outputting and determining is repeated, otherwise, stopping.

 
Web www.patentalert.com

< Charging device having curved grid

< Routing arbiter for data network switching

> Method and apparatus for sharing an interrupt between disk drive interfaces

> Data backup method of using storage area network

~ 00123