Process Monitoring System Based on Anomaly Detection Statistics Algorithm
In order to find more efficient and handle the internal network threat with the LAN network threat warning and real-time processing, remote process monitoring and management of computer systems is used in this paper. By getting the system process handle on the local computer, realizes the acquisition of the threat source information of the system. By customization of the application layer protocol AMCP, realizes the efficient information transmission between server and client. In order to enhance the reliability of the system security threat model, the System security threat information is analysised with the anomaly detection algorithm based on statistics. Analysis of the test data shows that: through getting the system process handle on the local computer, the system treating information can be obtained. Through the security threat model based the anomaly detection algorithm based on statistics, network threat is dealed efficiently and real time.