摘要 |
A dynamic network security system and its control method are provided to allow an IDS(Intrusion Detection System) not to check whether intrusion is detected or select the number of checked packets by setting a pattern check rule and giving flexibility to the set pattern check rule. An intrusion detection module, which includes an attack signal check module(111) and an IP/Port check module, stores communication information of a correspondent device for applying or not applying a provided intrusion detection function, checks communication information of a received packet according to the stored communication information, and determines whether to apply the intrusion detection function. A VoIP(Voice over Internet Protocol) signaling processing unit(210) obtains correspondent device communication information for determining whether to apply the intrusion detection function through a VoIP signaling with the correspondent device, and provides the obtained correspondent device communication information to the intrusion detection module.
|