摘要 |
<p>The present invention relates to a harmful traffic detecting device including a hardware-based packet collecting device and a software-based packet collecting device. The hardware-based packet collecting device captures a packet transmitted through a network for monitoring, carries out a pattern matching test for a position of the packet, and outputs the packet by each flow by applying a hash key. The software-based packet collecting device carries out a pattern matching test for a particular position within the packets by flows which are output by the hardware-based packet collecting device, and outputs the result to netflow.</p> |