SYSTEM AND METHOD OF NETWORK ACTIVITY MONITORING TO PARTICULAR PROCESS

Bibliographic details
Main authors: KIM, KI HONG; JEONG, HYUN CHEOL; JI, SEUNG GOO; IM, CHAE TAE; KANG, DONG WAN; OH, JOO HYUNG; JUNG, GA RAM
Format: Patent
Language: eng ; kor
Description
Summary: PURPOSE: A network action monitoring system for a specific process is provided to detect the malicious action of a process which communicates with the outside by identifying the process in the TDI (Transport Driver Interface) file object of a TDI filter driver. CONSTITUTION: A TDI filter driver is arranged at a host personal computer. The TDI filter driver extracts processes. The process creates and receives packets between the TDI client and a TDI transport driver. A malicious action detecting module detects the malicious action of the process. The process includes a PID (Process Identifier) extraction module. A PID creates a first local address object. A recognition processing unit recognizes the action of a network in a personal computer.