发明授权
US07710971B2 Method of blocking network attacks using packet information and apparatus thereof
失效
使用分组信息来阻止网络攻击的方法及其装置
- 专利标题: Method of blocking network attacks using packet information and apparatus thereof
- 专利标题(中): 使用分组信息来阻止网络攻击的方法及其装置
-
申请号: US11592136申请日: 2006-11-03
-
公开(公告)号: US07710971B2公开(公告)日: 2010-05-04
- 发明人: Jae Deok Lim , Young Ho Kim , Seung Ho Ryu , Bo Heung Chung , Ki Young Kim
- 申请人: Jae Deok Lim , Young Ho Kim , Seung Ho Ryu , Bo Heung Chung , Ki Young Kim
- 申请人地址: KR Daejeon
- 专利权人: Electronics and Telecommunications Research Institute
- 当前专利权人: Electronics and Telecommunications Research Institute
- 当前专利权人地址: KR Daejeon
- 代理机构: Lowe Hauptman Ham & Berner, LLP
- 优先权: KR10-2005-0108290 20051112
- 主分类号: H04L12/56
- IPC分类号: H04L12/56
摘要:
A method of blocking network attacks using information included in a packet, and an apparatus thereof are provided. The method includes: receiving a packet containing information on the packet including at least information on a source from which the packet is sent, and information on a destination to which the packet is sent; and extracting the information on the packet included in the packet, comparing the information with a predetermined access control condition, and blocking or passing the packet. By doing so, a packet being transferred with a routing header capable of bypassing a security device as in an Internet Protocol version 6 (IPv6) network can be appropriately blocked or passed. Accordingly, security problems caused by the routing header can be overcome, and as a result, usage of the routing header can be promoted. Also, since a routing header can be used for transmitting a packet along a desired path, the routing header can be widely used without security problems, and can ease network security concerns relating to IPv6 networks that are expected to come into increasingly wide use.
公开/授权文献
信息查询