首页>
外国专利>
An apparatus and method for invasion detection system based on host system including access control function
An apparatus and method for invasion detection system based on host system including access control function
展开▼
机译:基于包括访问控制功能的主机系统的入侵检测系统的装置和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A host-based IDS(Intrusion Detection System) including an access control function on a kernel level and a method thereof are provided to offer a post and pre-intrusion detecting function by including an access controller for controlling execution of a system call on the kernel level. CONSTITUTION: A collector(303) collects/stores logs of a system call level generated by the system kernel(302). The access controller(301) judges intrusion by using the system call. An intrusion detector(304) judges the intrusion by comparing log information of the system call level generated from the system kernel with preset intrusion patterns. A countering part(305) executes confrontation for the detected intrusion according to preset countering methods and makes the log for a confronting result. A communicator(306) undertakes communication between an engine and a management console(307), sends the log received from the intrusion detector and the countering part to the management console, and transfers information for engine control from the management console to each part.
展开▼