| 发明名称 |
DETECTING DEVICE FOR INDUSTRIAL CONTROL NETWORK INTRUSION AND DETECTING METHOD OF THE SAME |
| 摘要 |
According to an embodiment of the present invention, a device for detecting intrusion into a control network connected to control facilities via the control network, comprises: a flow information extraction unit parsing packets collected via the control network to extract flow information; a flow information management unit generating a flow table by using the flow information; a flow pattern information generation unit analyzing the flow information stored in the flow table to generate flow pattern information; a setup information collection unit collecting setup information from the control facilities via the network; and a determination unit determining whether a flow corresponding to the flow information is normal by using the flow information transmitted from the flow information management unit, the flow pattern information transmitted from the flow pattern information generation unit and the setup information transmitted from the setup information collection unit. |
| 申请公布号 |
KR20150081889(A) |
申请公布日期 |
2015.07.15 |
| 申请号 |
KR20140001838 |
申请日期 |
2014.01.07 |
| 申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
HEO, YOUNG JUN;SOHN, SEON GYOUNG;NA, JUNG CHAN;KANG, DONG HO;KIM, BYOUNG KOO |
| 分类号 |
H04L12/26;H04L12/801 |
主分类号 |
H04L12/26 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
