发明名称 |
INTRUSION DETECTION SYSTEM CAPABLE OF CONTROLLING ACCESS AND METHOD FOR RESPONDING INTRUSION |
摘要 |
PURPOSE: An intrusion detection system capable of controlling access and a method for responding the intrusion are provided to solve the difficulties for setting an intrusion responding function by providing an intrusion function according to a usage of an intrusion detection method. CONSTITUTION: All traffics to a network having a monitoring target server(110) from an external or internal network(100) are collected by a data collector(120), filtered by a data filtering and condensing part(130) and reported to the warning and reporting part(150) if the traffic is judged as the intrusion. An intrusion responding part(160) carries out a responding activity. The intrusion detector comprises a security policy violation detector(141), a misuse detector(142), an abnormal activity detector(143) and a re-analyzer(144). The intrusion responding part carries out the responding activity by linking with a general intrusion responding part(161) carrying out the general responding function such as an alarm, logging-in and an access cancellation. The access control system linking part generates an access control rule and transfers a filtering rule to a network or a host access control system(170,180).
|
申请公布号 |
KR20020062071(A) |
申请公布日期 |
2002.07.25 |
申请号 |
KR20010003296 |
申请日期 |
2001.01.19 |
申请人 |
INFOSEC TECHNOLOGIES CO., LTD. |
发明人 |
KIM, DONG UK;KIM, GI HYEON;PARK, BYEONG UK |
分类号 |
G06F15/00;(IPC1-7):G06F15/00 |
主分类号 |
G06F15/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|