发明名称 |
NETWORK BASED IDS |
摘要 |
PURPOSE: A network based IDS(Intrusion Detection System) is provided to enhance a packet catch performance by catching a small size packet in a high speed network without a loss and to fast and exactly detect the misuse and the abnormal activity in the network. CONSTITUTION: The system comprises an intrusion detect sensor(130) detecting the misuse through the pattern matching after collecting the packets by connecting to the network, and an intrusion detect server generating a normal profile for each source by receiving the packets collected by the intrusion detect sensor and detecting the abnormal activity. The intrusion sensor includes a packet collecting and distributing part collecting and distributing the packet from the network, a pattern matching part detecting the intrusion by comparing the packet transferred from the packet collecting and distributing part with the previously stored pattern, a packet filtering and dissembling part dissembling the packet from the pattern matching part, and a distributing part for transferring the data from the packet filtering and dissembling part to the intrusion detect server.
|
申请公布号 |
KR20020072618(A) |
申请公布日期 |
2002.09.18 |
申请号 |
KR20010012532 |
申请日期 |
2001.03.12 |
申请人 |
INSTITUTE INFORMATION TECHNOLOGY ASSESSMENT;SEVOI CO., LTD. |
发明人 |
CHOI, GYEONG HUI;JUNG, GI HYEON |
分类号 |
G06F15/00;(IPC1-7):G06F15/00 |
主分类号 |
G06F15/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|