JP4753264B2 - Method, apparatus, and computer program for detecting network attacks (Network attack detection) - Google Patents
- Publication number
- JP4753264B2 (application JP2008502525A)
- Authority
- JP
- Japan
- Prior art keywords
- user system
- originating user
- router
- intrusion detection
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP05006462 | 2005-03-24 | ||
| EP05006462.5 | 2005-03-24 | ||
| PCT/IB2006/050554 WO2006100613A1 (en) | 2005-03-24 | 2006-02-21 | Network attack detection |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| JP2008535304A (ja) | 2008-08-28 |
| JP2008535304A5 | 2009-02-12 |
| JP4753264B2 (ja) | 2011-08-24 |
Family
ID=36716621
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2008502525A, Expired - Fee Related, JP4753264B2 (ja) | 2005-03-24 | 2006-02-21 | Method, apparatus, and computer program for detecting network attacks (Network attack detection) |
Country Status (9)
| Country | Link |
|---|---|
| US (1) | US20120096548A1 |
| EP (1) | EP1866725B1 |
| JP (1) | JP4753264B2 |
| KR (1) | KR101090815B1 |
| CN (1) | CN100561492C |
| AT (1) | ATE485552T1 |
| CA (1) | CA2600517A1 |
| DE (1) | DE602006017668D1 |
| WO (1) | WO2006100613A1 |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
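| JP5476578B2 (ja) * | 2009-01-06 | 2014-04-23 | National Institute of Information and Communications Technology | Network monitoring system and method thereof |
| CN101719906B (zh) * | 2009-11-10 | 2012-05-30 | University of Electronic Science and Technology of China | Worm detection method based on worm propagation behavior |
| US10432587B2 (en) | 2012-02-21 | 2019-10-01 | Aventail Llc | VPN deep packet inspection |
| WO2023233582A1 (ja) * | 2022-06-01 | 2023-12-07 | Nippon Telegraph and Telephone Corporation | Attack detection device, attack detection system, attack detection method, and attack detection program |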
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000261483A (ja) * | 1999-03-09 | 2000-09-22 | Hitachi Ltd | Network monitoring system |
| JP2004241831A (ja) * | 2003-02-03 | 2004-08-26 | Rbec Corp | Network management system |
| JP2004304752A (ja) * | 2002-08-20 | 2004-10-28 | Nec Corp | Attack defense system and attack defense method |
| JP2005039591A (ja) * | 2003-07-16 | 2005-02-10 | Toshiba Corp | Unauthorized access defense device and program |
| JP2005051588A (ja) * | 2003-07-30 | 2005-02-24 | Matsushita Electric Ind Co Ltd | Automatic filtering method and device |
| WO2006043310A1 (ja) * | 2004-10-19 | 2006-04-27 | Fujitsu Limited | Unauthorized access program monitoring processing method, unauthorized access program detection program, and unauthorized access program countermeasure program |
| JP2006165910A (ja) * | 2004-12-06 | 2006-06-22 | Mitsubishi Electric Corp | Intrusion detection system, intrusion detection device, and management device |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| ATE322790T1 (de) | 2002-01-18 | 2006-04-15 | Stonesoft Corp | Monitoring of data flow for improving network security protection |
| WO2004008700A2 (en) * | 2002-07-12 | 2004-01-22 | The Penn State Research Foundation | Real-time packet traceback and associated packet marking strategies |
| CN1450758A (zh) * | 2003-05-16 | 2003-10-22 | Shanghai Jinnuo Network Security Technology Development Co., Ltd. | High-performance network intrusion detection system and detection method |
| AU2003280126A1 (en) | 2003-05-30 | 2005-01-21 | International Business Machines Corporation | Detecting network attacks |
| AU2003279517A1 (en) | 2003-08-11 | 2005-02-25 | Telecom Italia S.P.A. | Method and system for detecting unauthorised use of a communication network |
| US7992204B2 (en) * | 2004-05-02 | 2011-08-02 | Markmonitor, Inc. | Enhanced responses to online fraud |
| CN1322712C (zh) * | 2004-05-28 | 2007-06-20 | Nanjing Institute of Posts and Telecommunications | Method for implementing redirection of decoy network data flow |
| US7748040B2 (en) * | 2004-07-12 | 2010-06-29 | Architecture Technology Corporation | Attack correlation using marked information |
-
2006
- 2006-02-21 AT AT06727631T patent/ATE485552T1/de not_active IP Right Cessation
- 2006-02-21 EP EP06727631A patent/EP1866725B1/en not_active Expired - Lifetime
- 2006-02-21 CN CNB2006800091644A patent/CN100561492C/zh not_active Expired - Fee Related
- 2006-02-21 WO PCT/IB2006/050554 patent/WO2006100613A1/en not_active Ceased
- 2006-02-21 JP JP2008502525A patent/JP4753264B2/ja not_active Expired - Fee Related
- 2006-02-21 CA CA002600517A patent/CA2600517A1/en not_active Abandoned
- 2006-02-21 US US11/909,495 patent/US20120096548A1/en not_active Abandoned
- 2006-02-21 KR KR1020077021070A patent/KR101090815B1/ko not_active Expired - Fee Related
- 2006-02-21 DE DE602006017668T patent/DE602006017668D1/de not_active Expired - Lifetime
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000261483A (ja) * | 1999-03-09 | 2000-09-22 | Hitachi Ltd | Network monitoring system |
| JP2004304752A (ja) * | 2002-08-20 | 2004-10-28 | Nec Corp | Attack defense system and attack defense method |
| JP2004241831A (ja) * | 2003-02-03 | 2004-08-26 | Rbec Corp | Network management system |
| JP2005039591A (ja) * | 2003-07-16 | 2005-02-10 | Toshiba Corp | Unauthorized access defense device and program |
| JP2005051588A (ja) * | 2003-07-30 | 2005-02-24 | Matsushita Electric Ind Co Ltd | Automatic filtering method and device |
| WO2006043310A1 (ja) * | 2004-10-19 | 2006-04-27 | Fujitsu Limited | Unauthorized access program monitoring processing method, unauthorized access program detection program, and unauthorized access program countermeasure program |
| JP2006165910A (ja) * | 2004-12-06 | 2006-06-22 | Mitsubishi Electric Corp | Intrusion detection system, intrusion detection device, and management device |
Also Published As
| Publication number | Publication date |
|---|---|
| EP1866725B1 (en) | 2010-10-20 |
| DE602006017668D1 (de) | 2010-12-02 |
| KR101090815B1 (ko) | 2011-12-08 |
| CA2600517A1 (en) | 2006-09-28 |
| WO2006100613A1 (en) | 2006-09-28 |
| KR20070114155A (ko) | 2007-11-29 |
| EP1866725A1 (en) | 2007-12-19 |
| ATE485552T1 (de) | 2010-11-15 |
| US20120096548A1 (en) | 2012-04-19 |
| JP2008535304A (ja) | 2008-08-28 |
| CN100561492C (zh) | 2009-11-18 |
| CN101147153A (zh) | 2008-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1771709B (zh) | | Method and apparatus for generating network attack signatures |
| EP3297248B1 (en) | | System and method for generating rules for attack detection feedback system |
| US10079852B2 (en) | | Sinkholing bad network domains by registering the bad network domains on the internet |
| US9667589B2 (en) | | Logical / physical address state lifecycle management |
| US20180262520A1 (en) | | Dga behavior detection |
| US20170026387A1 (en) | | Monitoring access of network darkspace |
| Bailey et al. | | Data reduction for the scalable automated analysis of distributed darknet traffic |
| US20140096251A1 (en) | | Apparatus, system and method for identifying and mitigating malicious network threats |
| US8918838B1 (en) | | Anti-cyber hacking defense system |
| JP2006319982A (ja) | | Method and apparatus for identifying and disabling worms in communication networks |
| AU2004282937A1 (en) | | Policy-based network security management |
| Lukaseder et al. | | An sdn-based approach for defending against reflective ddos attacks |
| WO2017035373A1 (en) | | System and method for network access control |
| Salim et al. | | Preventing ARP spoofing attacks through gratuitous decision packet |
| Yang | | A study on attack information collection using virtualization technology |
| JP4753264B2 (ja) | | Method, apparatus, and computer program for detecting network attacks (Network attack detection) |
| US20230370492A1 (en) | | Identify and block domains used for nxns-based ddos attack |
| US20050259657A1 (en) | | Using address ranges to detect malicious activity |
| Wu et al. | | Virtual inline: a technique of combining IDS and IPS together in response intrusion |
| JP7600463B1 (ja) | | Method for providing a cybersecurity service that detects cyber threats to a network using virtual hosts, and cybersecurity service providing server using the same |
| Selvaraj et al. | | Enhancing intrusion detection system performance using firecol protection services based honeypot system |
| CN114338163A (zh) | | Internet security processing method and device |
| CN121441519A (zh) | | Anti-mapping method based on XDP technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20081217 |
| | A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20081217 |
| | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20100817 |
| | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20101025 Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20101025 |
| | RD12 | Notification of acceptance of power of sub attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7432 Effective date: 20101025 |
| | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20101025 |
| | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20110216 |
| | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20110415 Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110415 |
| | TRDD | Decision of grant or rejection written | |
| | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20110511 |
| | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A821 Effective date: 20110511 |
| | RD14 | Notification of resignation of power of sub attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7434 Effective date: 20110511 |
| | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 |
| | A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20110518 |
| | FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20140603 Year of fee payment: 3 |
| | R150 | Certificate of patent or registration of utility model | Free format text: JAPANESE INTERMEDIATE CODE: R150 |
| | LAPS | Cancellation because of no payment of annual fees | |