INTRUSION PREVENTION SYSTEM AND CONTROLLING METHOD

INTRUSION PREVENTION SYSTEM AND CONTROLLING METHOD

An intrusion prevention system and a controlling method thereof are provided to separately manage attack rule information applied to a secondarily detected attack, and to refer to accumulated information results of the attack rule, thereby minimizing false positive probability for normal packets as...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: RYU, YEON SIK, PYO, SEUNG JONG, SON, SO RA
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An intrusion prevention system and a controlling method thereof are provided to separately manage attack rule information applied to a secondarily detected attack, and to refer to accumulated information results of the attack rule, thereby minimizing false positive probability for normal packets as predicting generation of harmful traffic. A detecting unit(102) detects packet information in a software way according to predetermined attack rule application. A storage(104) stores attack rule generation information on detected attack packets according to characteristics of the attack rule. An analysis coping module(126) compares the attack rule generation information with a preset threshold value, and provides a coping mode for selectively blocking the attack packets if the attack rule generation information exceeds the threshold value.