The baseline references, which uniquely identify the execution of a given software routine, are extracted during a controlled “learning” phase before the system is deployed.
After the user has collected meaningful data, selection of “Baseline Extraction” guides the user through a series of straightforward steps to create the baseline.
Once the baseline is created, P2Scan monitors the user’s system with a simple button push. From that point, P2Scan continuously looks for deviations from the baseline to determine whether an intrusion has occurred. During Run-Time Monitoring, P2Scan provides a number of data views to allow the user to review and interpret the system performance in real time. A persistent graph provides a quick, easy display using colors to indicate status. For example, a “red” point indicates an intrusion.