Real-time stateful packet inspection method and apparatus

Assignee

• KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY · KR

Inventors

• Seung-Yong YOON · Daejeon, KR
• Jin Tae Oh · Daejeon, KR
• Jong Soo Jang · Jicheon-myeon, KR

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/14
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A real-time stateful packet inspection method and apparatus is provided, which uses a session table processing method that can efficiently generate state information. In the apparatus, a session table stores session data of a packet received from an external network. A hash key generator hashes a parameter extracted from the received packet and generates a hash pointer of the session table corresponding to the packet. A session detection module searches the session table for a session corresponding to the received packet. A session management module performs management of the session table such as addition, deletion, and change of sessions of the session table. A packet inspection module generates state information corresponding to the received packet from both directionality information of the packet and entry header information of the packet stored in the session table and then inspects the packet based on the generated state information.