INTRUSION DETECTION METHOD AND APPARATUS USING APPLICATION PROTOCOL INFERENCE
摘要
PURPOSE: A network intrusion detection method and apparatus using application protocol inference are provided to prevent the waste of resources and time by creating a protocol model without previous examination for target services. CONSTITUTION: A keyword extracting unit(140) extracts characters as keywords from a packet. A protocol extracting unit extracts a usage case of protocol using the keywords extracted by the keyword extracting unit. A model generating unit(160) creates a protocol model on the basis of stored PTA(Prefix Tree Acceptor). An intrusion detecting unit(170) executes network intrusion detection using the new protocol model.
申请公布号
KR20100073135(A)
申请公布日期
2010.07.01
申请号
KR20080131726
申请日期
2008.12.22
申请人
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
发明人
YI, SUNG WON;MOON, HWA SHIN;OH, JIN TAE;JANG, JONG SOO;CHO, HYUN SOOK;PARK, SANG KIL