ETRI-Knowledge Sharing Plaform

KOREAN
특허 검색
Status Country
Year ~ Keyword

Detail

Registered STEPPING-STONE DETECTION APPARATUS AND METHOD

넷플로우를 이용한 타이밍 교란을 동반한 스텝핑 스톤 공격 검출 기법
이미지 확대
Inventors
Jung Tae Kim, Kim Ik Kyun, 강구홍
Application No.
15807425 (2017.11.08)
Publication No.
20180234436 (2018.08.16)
Registration No.
10805319 (2020.10.13)
Country
UNITED STATES
Project Code
16MH2100, Cyber targeted attack recognition and trace-back technology based-on long-term historic analysis of multi-source data, Kim Ik Kyun
Abstract
Disclosed herein are a stepping-stone detection apparatus and method. The stepping-stone detection apparatus includes a target connection information reception unit for receiving information about a target connection from an intrusion detection system (IDS), a fingerprint generation unit for generating a target connection fingerprint based on the information about the target connection, and generating one or more candidate connection fingerprints using information about one or more candidate connections corresponding to one or more flow information collectors, and a stepping-stone detection unit for detecting a stepping stone by comparing the target connection fingerprint, in which a maximum allowable delay time is reflected, with the candidate connection fingerprints.
KSP Keywords
Delay Time, Generation unit, Intrusion detection system(IDS), Stepping-stone, Stepping-stone detection, Using information, intrusion detection
Family
 
패밀리 특허 목록
Status Patent Country KIPRIS
Registered 스텝핑 스톤 검출 장치 및 방법 KOREA KIPRIS