APPARATUS FOR DETECTING AND PREVENTING APPLICATION LAYER DISTRIBUTE DENIAL OF SERVICE ATTACK AND METHOD
摘要
PURPOSE: A device and a method for detecting and blocking service attack of applied layer distribution are provided to enable a general user to continuously use a service by removing only attacker traffic by exactly extracting an internet address of an attacker. CONSTITUTION: An information collecting unit(104) monitors a service request packet which a plurality of server and a client request during a preset monitoring time. The information collecting unit collects data information transmitted by applied layer. A monitoring unit(106) set the monitoring time. The monitoring unit extracts traffic information in data information collected during a set monitoring time. An analyzing unit(108) determines whether an attack traffic exists or not by comparing the extracted traffic information with a previously learned traffic model.
申请公布号
KR20110022141(A)
申请公布日期
2011.03.07
申请号
KR20090079569
申请日期
2009.08.27
申请人
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
发明人
CHOI, YANG SEO;OH, JIN TAE;JANG, JONG SOO;LEE, YOU RI;NA, JUNG CHAN;CHO, HYUN SOOK