USER IDENTIFICATION METHOD OF ATTACK/ANOMALY TRAFFIC IN MOBILE COMMUNICATION NETWORK
摘要
<p>The present invention relates to a method for identifying attacking/abnormal traffic inducing users in a mobile communication network, the method comprising the steps of: collecting and analyzing a GTP user (GTP-U) message to detect attacking/abnormal traffic; extracting a key to be used for referring to an index hash table from the GTP-U message detected as the attacking/abnormal traffic; referring to the index hash table for an index value using the extracted key; referring to a session hash table using the index value; and identifying attacking/abnormal traffic inducing user using session information retrieved from the session hash table.</p>
申请公布号
KR101501670(B1)
申请公布日期
2015.03.12
申请号
KR20130149106
申请日期
2013.12.03
申请人
KOREA INTERNET & SECURITY AGENCY
发明人
IM, CHAE TAE;OH, JOO HYUNG;KIM, SE KWON;CHO, JUN HYUNG;JANG, WOUNG;KOO, BON MIN;PARK, SEONG MIN;WOO, SU JEONG