发明申请
US20130160122A1 TWO-STAGE INTRUSION DETECTION SYSTEM FOR HIGH-SPEED PACKET PROCESSING USING NETWORK PROCESSOR AND METHOD THEREOF
有权
使用网络处理器进行高速分组处理的两级侵入检测系统及其方法
- 专利标题: TWO-STAGE INTRUSION DETECTION SYSTEM FOR HIGH-SPEED PACKET PROCESSING USING NETWORK PROCESSOR AND METHOD THEREOF
- 专利标题(中): 使用网络处理器进行高速分组处理的两级侵入检测系统及其方法
-
申请号: US13452894申请日: 2012-04-22
-
公开(公告)号: US20130160122A1公开(公告)日: 2013-06-20
- 发明人: Young-Han CHOI , Deok-Jin KIM , Sung-Ryoul LEE , Man-Hee LEE , Byung-Chul BAE , Sang-Woo PARK , E-Joong YOON
- 申请人: Young-Han CHOI , Deok-Jin KIM , Sung-Ryoul LEE , Man-Hee LEE , Byung-Chul BAE , Sang-Woo PARK , E-Joong YOON
- 申请人地址: KR Daejeon
- 专利权人: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- 当前专利权人: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- 当前专利权人地址: KR Daejeon
- 优先权: KR10-2011-0135926 20111215
- 主分类号: G06F21/00
- IPC分类号: G06F21/00 ; G06F11/00
摘要:
A system and method for detecting network intrusion by using a network processor are provided. The intrusion detection system includes: a first intrusion detector, configured to use a first network processor to perform intrusion detection on layer 3 and layer 4 of a protocol field among information included in a packet header of a packet transmitted to the intrusion detection system, and when no intrusion is detected, classify the packets according to stream and transmit the classified packets to a second intrusion detector; and a second intrusion detector, configured to use a second network processor to perform intrusion detection through deep packet inspection (DPI) for the packet payload of the packets transmitted from the first intrusion detector. Thereby, intrusion detection for high-speed packets can be performed in a network environment.
公开/授权文献
信息查询
