diff --git a/lib/attack-signatures.sh b/lib/attack-signatures.sh
index b484de4..7af0147 100644
--- a/lib/attack-signatures.sh
+++ b/lib/attack-signatures.sh
@@ -255,10 +255,11 @@ check_attack_pattern() {
 }
 
 # Get all matching patterns across all categories
-# Usage: detect_all_attacks "$request_line"
+# Usage: detect_all_attack_signatures "$request_line"
 # Returns: max_severity|match_count|matches (space-separated)
 # Each match format: severity|category|pattern_name|description
-detect_all_attacks() {
+# Note: Renamed to avoid conflict with legacy detect_all_attacks in attack-patterns.sh
+detect_all_attack_signatures() {
     local request="$1"
     local matches=()
     local max_severity=0
diff --git a/lib/http-attack-analyzer.sh b/lib/http-attack-analyzer.sh
index c6c62c2..eba7a2c 100644
--- a/lib/http-attack-analyzer.sh
+++ b/lib/http-attack-analyzer.sh
@@ -43,7 +43,7 @@ Referer: $referer
 User-Agent: $user_agent"
 
     # Detect attacks using signature database
-    local attack_result=$(detect_all_attacks "$full_request" 2>/dev/null)
+    local attack_result=$(detect_all_attack_signatures "$full_request" 2>/dev/null)
 
     if [ -n "$attack_result" ]; then
         # Parse result: max_severity||match_count||matches...