Invention Grant
US09444828B2 Network intrusion detection apparatus and method using Perl compatible regular expressions-based pattern matching technique
有权
网络入侵检测装置和方法采用Perl兼容的基于正则表达式的模式匹配技术
- Patent Title: Network intrusion detection apparatus and method using Perl compatible regular expressions-based pattern matching technique
- Patent Title (中): 网络入侵检测装置和方法采用Perl兼容的基于正则表达式的模式匹配技术
-
Application No.: US14023635Application Date: 2013-09-11
-
Publication No.: US09444828B2Publication Date: 2016-09-13
- Inventor: Sung-Ryoul Lee , Young-Han Choi , Jung-Hee Lee , Byung-Chul Bae , Hyung-Geun Oh , Ki-Wook Sohn
- Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
- Applicant Address: KR Daejeon
- Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESERACH INSTITUTE
- Current Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESERACH INSTITUTE
- Current Assignee Address: KR Daejeon
- Agency: LRK Patent Law Firm
- Priority: KR10-2012-0123019 20121101
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
A network intrusion detection apparatus and method that perform Perl Compatible Regular Expressions (PCRE)-based pattern matching on the payloads of packets using a network processor equipped with a Deterministic Finite Automata (DFA) engine. The network intrusion detection apparatus includes a network processor core for receiving packets from a network, and transmitting payloads of the received packets to a Deterministic Finite Automata (DFA) engine. A detection rule converter converts a PCRE-based detection rule, preset to detect an attack packet, into a detection rule including a pattern to which only PCRE grammar corresponding to the DFA engine is applied. The DFA engine performs PCRE pattern matching on the payloads of the packets based on the detection rule converted by the detection rule converter.
Public/Granted literature
Information query
