发明名称 |
PATTER-FREE INTERNET WORM RESPONSE SYSTEM AND METHOD FOR DETECTION, FORECASTING, AND ADAPTIVE COUNTERMEASURE |
摘要 |
N categorization of traffics, and a method and a system for detecting/warning an unknown Internet worm attack based on the same are provided to take gradual countermeasures by defining a predictable network or system damage state based on classified traffic property, and predict, forecast, and warn worm risk by quantifying the property of the previously grouped worms. A traffic classifier(500) generates the groups grouping traffic factors causing a similar result by collecting/classifying the traffics, which are generated by executing various worms. The traffic classifier defines the damage by classifying damage factors of the group into a plurality of layers and matching the countermeasure to each layer. A traffic collector(100) collects the new worm traffic generated by using the traffic property of the group defined in the traffic classifier. A forecasting, warning, and managing part(400) forecasts, warns, and manages the countermeasure of each layer of the most similar group by comparing similarity between the new worm traffic and each group.
|
申请公布号 |
KR20070066826(A) |
申请公布日期 |
2007.06.27 |
申请号 |
KR20060046245 |
申请日期 |
2006.05.23 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
CHOI, DAE SIK;KIM, WOO NYON;KIM, DONG SU;LEE, CHEOL WON;PARK, EUNG KI |
分类号 |
G06F15/00;H04L9/00 |
主分类号 |
G06F15/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|