发明名称 |
Alert transmission apparatus and method for policy-based intrusion detection and response |
摘要 |
An alert transmission apparatus for a policy-based intrusion detection and response has a central policy server (CPS) and an intrusion detection and response system (IDRS). In the CPS, a policy management tool generates security policy information and then stores the generated security policy information in a policy repository. A COPS-IDR server sends the information to the IDRS and an IDMEF-XML-type alert transmission message to a high-level module. An IDMEF-XML message parsing and translation module stores a parsed and translated IDMEF-XML-type alert transmission message in an alert DB or provides the message to an alert viewer. In the IDRS, a COPS-IDR client generates the IDMEF-XML-type alert transmission message and provides the message to the CPS. An intrusion detection module detects an intrusion. An intrusion response module responds to the intrusion. An IDMEF-XML message building module generates an IDMEF-XML alert message and provides the message to the COPS-IDR client.
|
申请公布号 |
US7386733(B2) |
申请公布日期 |
2008.06.10 |
申请号 |
US20030448414 |
申请日期 |
2003.05.30 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
YOON SEUNG YONG;AHN GAE II;KIM KI YOUNG;JANG JONG SOO |
分类号 |
G06F11/00;H04L12/22;G06F11/30;G06F12/14;H04B17/00;H04L29/06 |
主分类号 |
G06F11/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|