Patent · US Active

Network intrusion detection and prevention system and method thereof

US7565693B2 · kind B2 · utility

34Cited by

15References

9Claims

0Family size

Assignee

KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY · KR

Inventors

Seung Won SHIN · Daejeon, KR
Jintae Oh · Daejeon, KR
Ki Young Kim · Seongnam-si, KR
Jong Soo Jang · Jicheon-myeon, KR
Sung Won Sohn · Daejeon, KR

Key dates

Filing date	Dec 29, 2004
Grant date	Jul 21, 2009
Priority date	—
Expiry date	Feb 7, 2027

Classification

Technology area (CPC H)Electricity
CPC primaryH04L69/22
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The present invention relates to a network intrusion detection and prevention system. The system includes: a signature based detecting device; an anomaly behavior based detecting device; and a new signature creating and verifying device disposed between the signature based detecting device and the anomaly behavior based detecting device, wherein if the anomaly behavior based detecting device detects network-attack-suspicious packets, the new signature creating and verifying device collects and searches the detected suspicious packets for common information, and then creates a new signature on the basis of the searched common information and at the same time, verifies whether or not the created new signature is applicable to the signature based detecting device, and then registers the created new signature to the signature based detecting device if it is determined that the created new signature is applicable.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.