发明名称 |
System and method for preventing intrusion of abnormal GTP packet |
摘要 |
Provided are a system and method for preventing the intrusion of an abnormal GPRS tunneling protocol (GTP) packet. The system includes: a system management unit including a monitoring unit which monitors a state of the system and a mode changing unit which changes an operation mode of the system based on the state of the system; a packet capture unit including a packet management unit which stores information about a GTP packet based on the operation mode of the system and a detection result checking unit which determines whether to drop the GTP packet; and a packet detection unit including a packet parsing unit which parses the information about the GTP packet and a packet analysis unit which analyzes the parsed information about the GTP packet, wherein the operation mode of the system is an intrusion prevention system (IPS) mode or a bypass mode. |
申请公布号 |
US8948019(B2) |
申请公布日期 |
2015.02.03 |
申请号 |
US201213549273 |
申请日期 |
2012.07.13 |
申请人 |
Korea Internet & Security Agency |
发明人 |
Kang Dong Wan;Oh Joo Hyung;Kim Se Kwon;Cho Jung Sik;Im Chae Tae |
分类号 |
G06F11/00 |
主分类号 |
G06F11/00 |
代理机构 |
Holland & Knight LLP |
代理人 |
Holland & Knight LLP ;Colandreo, Esq. Brian J.;Placker, Esq. Jeffrey T. |
主权项 |
1. A system for preventing the intrusion of an abnormal GPRS tunneling protocol (GTP) packet, the system comprising:
a system management unit comprising a monitoring unit which monitors a state of the system and a mode changing unit which changes an operation mode of the system based on the state of the system; a packet capture unit comprising a packet management unit which stores information about a GTP packet based on the operation mode of the system and a detection result checking unit which determines whether to drop the GTP packet; and a packet detection unit comprising a packet parsing unit which parses the information about the GTP packet and a packet analysis unit which analyzes the parsed information about the GTP packet, wherein the operation mode of the system comprises an intrusion prevention system (IPS) mode or a bypass mode. |
地址 |
Seoul KR |