首页>
外国专利>
Intrusion detection system and method based on kernel module in security gateway system for high-speed intrusion detection on network
Intrusion detection system and method based on kernel module in security gateway system for high-speed intrusion detection on network
展开▼
机译:安全网关系统中基于内核模块的入侵检测系统和方法,用于网络高速入侵检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A kernel based fast IDS(Intrusion Detection System) of a security gateway and a method thereof are provided to offer a stable and improved performance by receiving a packet from a card device collecting the packet and performing filtering fast, and analyzing the packet in a kernel area. CONSTITUTION: A packet information extractor(210) transfers the packet information filtering the actually received network packet to an upper analysis module. A fast intrusion detecting tool(220) gives an alarm if intrusion is detected by comparing the packet information received from the packet information extractor with a previously defined intrusion pattern on a kernel level. A system controlling/managing tool(230) generates an alarm message of the alarm is received from the fast intrusion detecting tool and provides the information for updating the intrusion pattern to the fast intrusion detecting tool on an application level.
展开▼