Differential intrusion detection in networks
First Claim
Patent Images
1. An apparatus comprising:
- an intrusion detection system adapted to perform pattern matching on a received packet to detect intrusion, and to determine whether to perform pattern matching based on a received first control signal; and
a switching device adapted to determine whether the received packet is a packet requiring pattern matching, and to generate and transmit the first control signal to the intrusion detection system based on the determination result, the first control signal including information indicating whether pattern matching is to be performed on the received packet.
1 Assignment
0 Petitions
Accused Products
Abstract
Automatic differential intrusion detection in a network using an Intrusion Detection System (IDS) as a security device is provided, in order to enhance Quality of Service (QoS) for a packet requiring real-time processing. A delay caused by the IDS is reduced by applying differential IDS pattern matching according to the type of packet, thus reducing the time needed to process the packet.
35 Citations
18 Claims
-
1. An apparatus comprising:
-
an intrusion detection system adapted to perform pattern matching on a received packet to detect intrusion, and to determine whether to perform pattern matching based on a received first control signal; and
a switching device adapted to determine whether the received packet is a packet requiring pattern matching, and to generate and transmit the first control signal to the intrusion detection system based on the determination result, the first control signal including information indicating whether pattern matching is to be performed on the received packet. - View Dependent Claims (2)
-
-
3. An apparatus comprising:
-
an intrusion detection system adapted to perform pattern matching on a received packet to detect intrusion, and to determine whether to perform pattern matching based on a received first control signal; and
a switching device adapted to determine whether the received packet is a packet requiring real-time processing, and to generate and transmit the first control signal to the intrusion detection system based on the determination result, the first control signal including information indicating whether pattern matching is to be performed on the received packet. - View Dependent Claims (4, 5, 6, 7, 8)
-
-
9. An apparatus comprising:
-
an intrusion detector adapted to perform pattern matching on a received packet to detect intrusion; and
a switch adapted to determine whether the received packet is a packet requiring real-time processing and, upon a determination that the received packet requires real-time processing, to transmit a control signal to the intrusion detector via Inter-Processor Communication (IPC), the control signal including information to block pattern matching on the received packet.
-
-
10. An apparatus comprising:
-
an intrusion detection system adapted to perform pattern matching on a received packet to detect intrusion, and to determine whether to perform pattern matching based on a received control signal; and
a switching device adapted to determine whether the received packet is a first packet of a call and, upon a determination that the received packet is the first packet of a call, to transmit the control signal to the intrusion detection system, the control signal including information indicates whether pattern matching is to be performed on the received packet. - View Dependent Claims (11, 12)
-
-
13. A method comprising:
-
receiving a packet;
determining whether the received packet is a packet requiring perform pattern matching; and
performing packet matching on the packet requiring pattern matching and not performing packet matching on a packet not requiring pattern matching, based on the determination result. - View Dependent Claims (14, 15, 16)
-
-
17. A method comprising:
-
receiving a packet;
determining whether the received packet is a packet requiring real-time processing; and
not performing pattern matching on packet requiring the real-time processing, and performing pattern matching on a packet not requiring the real-time processing, based on the determination result. - View Dependent Claims (18)
-
Specification