| 摘要 |
PURPOSE: A network protection system and an operating method thereof are provided to implement a kernel as an intrusion detection engine, and to install the kernel on stream paths of each data, so as to cut off error generating data before the error generating data are transmitted to a target computer system. CONSTITUTION: An IDS(Intrusion Detection System) installed on a data transfer path between a hub and a network forms session connection with the data transfer path through an NIC(Network Interface Card)(S110). The IDS receives data packets delivered through the session(S120). An interrupt unit of the IDS delivers the received data packets to an IDS kernel(S130). The IDS kernel interworks with an MDB(Memory DataBase), to check errors of the data packets and perform defense for the error(S140). If errors are generated in the data packets, the IDS kernel disallows transmission of the data packets to a target computer system and stores details on the error(S150), then disconnects the session(S160). If an error is not generated in the data packets, the IDS kernel allows transmission of the data packets and stores details thereon(S170), then transmits the data packets to the target computer system(S180).
|
