Title of invention: INTRUSION DETECTION SYSTEM FALSE POSITIVE DETECTION APPARATUS AND METHOD
Abstract: Disclosed herein is an Intrusion Detection System (IDS) false positive detection apparatus and method. An IDS false positive detection apparatus includes a payload extraction unit for extracting payloads by dividing each packet corresponding to an IDS detection rule into a header and a payload. A false positive payload information generation unit generates false positive payload information required to identify a false positive payload by extracting a payload of a false positive packet based on results of packet analysis received from a manager. A false positive payload determination unit transmits results of a determination of whether each payload extracted by the payload extraction unit corresponds to a false positive payload, based on the false positive payload information, to the manager.
Application publication number: US2015150132(A1) Application publication date: 2015.05.28
Application number: US201414470119 Filing date: 2014.08.27
Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE Inventors: LEE Taek kyu;KIM Geun Yong;LEE Seok won;CHOI Myeong Ryeol;OH Hyung Geun;SOHN KiWook
Classification number: H04L29/06 Main classification number: H04L29/06
Agency: Agent:
Principal claim: 1. An Intrusion Detection System (IDS) false positive detection apparatus, comprising: a payload extraction unit for extracting payloads by dividing each packet corresponding to an IDS detection rule into a header and a payload; a false positive payload information generation unit for generating false positive payload information required to identify a false positive payload by extracting a payload of a false positive packet based on results of packet analysis received from a manager; and a false positive payload determination unit for transmitting results of a determination of whether each payload extracted by the payload extraction unit corresponds to a false positive payload, based on the false positive payload information, to the manager.
Address: Daejeon KR