会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 5. 发明申请
    • APPARATUS AND METHOD FOR DETECTING NETWORK ATTACK
    • 用于检测网络攻击的装置和方法
    • US20080134334A1
    • 2008-06-05
    • US11926132
    • 2007-10-29
    • Ik Kyun KimYang Seo ChoiDae Won KimJin Tae OhJong Soo Jang
    • Ik Kyun KimYang Seo ChoiDae Won KimJin Tae OhJong Soo Jang
    • G06F11/00
    • H04L63/1408
    • There are provided a network attack detection apparatus and method capable of determining even unknown network attack, the apparatus connected between two networks or connected by port mirroring of an Ethernet switch to real-time monitor all packets flowing through the networks. The apparatus decodes a payload portion of an inputted network packet into a machine code instruction, determines whether an executable code is included in the decoded machine code by analyzing relationship between instructions, and determines whether the packet is harmful based on statistics with respect to a possibility that an executable code exists in a service and a certain transaction of the service when the executable code is included.
    • 提供了能够确定甚至未知网络攻击的网络攻击检测装置和方法,连接在两个网络之间的装置或通过以太网交换机的端口镜像连接的实时监视通过网络流动的所有分组的网络攻击检测装置和方法。 该装置将输入的网络分组的有效载荷部分解码为机器码指令,通过分析指令之间的关系来确定解码的机器码中是否包括可执行代码,并且基于关于可能性的统计来确定分组是否有害 当包括可执行代码时,可执行代码存在于服务和服务的某个事务中。