Registered
SYSTEM AND METHOD FOR CONNECTION FINGERPRINT GENERATION AND STEPPING-STONE TRACEBACK BASED ON NETFLOW
- Inventors
- Jung Tae Kim, 강구홍, Kim Ik Kyun
- Application No.
- 201610987131.2 (2016.11.09)
- Publication No.
- 107070851 (2017.08.18)
- Registration No.
- ZL201610987131.2 (2020.07.14)
- Country
- CHINA
- Project Code
- 14MS2300, Cyber targeted attack recognition and trace-back technology based-on long-term historic analysis of multi-source data, Kim Ik Kyun
- Abstract
- The present invention relates to a method for tracing a cyber hacking attack and, more particularly, to a system and a method for generating a connection fingerprint and tracing back to a source site using network flows. The NetFlow-based method for connection fingerprint generation and traceback comprises: a step of receiving a traceback request including IP packet attribute information of a victim and an attacker corresponding to a target connection, which is the final connection of a connection chain; a step of generating a fingerprint for a related connection based on the IP packet attribute information and requesting related information from a network flow collector; a step of detecting a stepping-stone connection for the target connection, performed when the fingerprint is generated, to confirm whether a selected subject connection is present on the same connection chain as the target connection; and a step of determining the connection sequence with respect to the attacker host for the subject connection confirmed to be present on the same connection chain as the target connection.
- KSP Keywords
- Connection chain, IP packet, Network flow, Stepping-stone, connection based