The present invention relates to network systems and, more particularly, to systems and methods for detecting attacks to network systems.
Presently, in conventional intrusion detection systems, all packets are detected and reported ahead without a systematic technique to filter out those deemed to be of interest in a particular situation. Higher transmission speeds and new attack patterns can overwhelm such a monolithic arrangement of “mass detection and reporting.” Thus, there remains a need for a more effective process of filtering detected events.