Patent · US Active

Method and apparatus for detecting network attacks and generating attack signatures based on signature merging

US10225269B2 · kind B2 · utility

5Cited by

1References

13Claims

0Family size

Assignee

KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY · KR

Inventor

Sungwon Yi · Daejeon, KR

Key dates

Filing date	Aug 1, 2016
Grant date	Mar 5, 2019
Priority date	—
Expiry date	Mar 27, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F16/22
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

There are provided a method and an apparatus for detecting attacks and automatically generating attack signatures based on signature merging. A method for detecting attacks and automatically generating attack signatures based on signature merging includes detecting a character string matched to at least one previously stored compressed attack signature in an input packet received from a network, determining whether the character string detected in the primary attack detection is matched to at least one previously stored individual attack signature, and, if the detected character string is matched to the at least one previously stored individual attack signature, determining the input packet as an attack packet, and, if the detected character string is not matched, determining the input packet as a new attack signature.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.