会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 11. 发明公开
    • 라돈-씨큐리티 게이트웨이 시스템의 정책 전달 및 경보용데이터베이스 관리방법
    • 交付安全网关系统政策和管理数据库报警的方法
    • KR1020030051929A
    • 2003-06-26
    • KR1020010081570
    • 2001-12-20
    • 한국전자통신연구원
    • 박상길장종수류걸우
    • H04L12/22
    • H04L63/20H04L63/1425H04L63/1441
    • PURPOSE: A method for delivering a policy of a Ladon-SGS(Security Gateway System) and managing a database for alarms is provided to reflect countermeasures on the database for alarms according to types of generated terrors, and to update the countermeasures in a cache interworking with an analyzer of the Ladon-SGS, thereby rapidly processing a monitoring system as well as being applied to detecting or breaking polices. CONSTITUTION: A policy and system manager of an optional Ladon-SGS receives packet data from a Ladon-CPCS through a network(301), to discriminate the packet data with reference to breaking information(302). If the packet data are included in the breaking information, the policy and system manager provides the packet data to a breaker through a message queue(303), and the breaker breaks the packet data(304). If the packet data are not included in the breaking information, the policy and system manager abbreviates the packet data to an event and provides the event to an analyzer through the message queue(305). The analyzer stores the event in a cache(306), and analyzes the event by using an analysis function according to types(307). The analyzer reads a pattern class to check whether a 'start' state exists(308). If so, the analyzer inserts the pattern class in a stack class(309), and if not, the analyzer decides whether a state is a 'final' state(310). If so, the analyzer copes with an invasion according to a defined invasion pattern(311), and if not, the analyzer checks whether a certain time stamp passes(312). If so, the analyzer deletes the pattern class(313), and if not, the analyzer checks whether all patterns included in a corresponding thread are inspected(314). If so, the step 307 is returned, and if not, the step 308 is returned.
    • 目的:提供一种用于提供Ladon-SGS(安全网关系统)策略和管理数据库以进行警报的方法,以根据产生的恐怖的类型反映数据库中的警报对策,并更新缓存交互中的对策 使用Ladon-SGS的分析仪,从而快速处理监控系统,并应用于检测或破坏政策。 规定:可选Ladon-SGS的策略和系统管理器通过网络(301)从Ladon-CPCS接收分组数据,以参考断开信息来区分分组数据(302)。 如果分组数据被包含在分组信息中,则策略和系统管理器通过消息队列(303)向分组数据提供分组数据,并且断路器破坏分组数据(304)。 如果分组数据不包括在分组信息中,则策略和系统管理器将分组数据缩写为事件,并通过消息队列(305)将事件提供给分析器。 分析仪将事件存储在高速缓存(306)中,并且通过使用根据类型(307)的分析功能来分析事件。 分析仪读取模式类以检查是否存在“开始”状态(308)。 如果是这样,分析器将模式类插入堆栈类(309),如果不是,分析器决定状态是否为“最终”状态(310)。 如果是这样,分析器根据定义的入侵模式(311)处理入侵,如果不是,分析器检查某个时间戳是否通过(312)。 如果是,则分析仪删除模式类(313),如果不是,则分析器检查包括在相应线程中的所有模式是否被检查(314)。 如果是,则返回步骤307,否则返回步骤308。
    • 12. 发明授权
    • 에이티엠 적응 계층 2에서 동적 결합 사용타이머(Timer_CU) 기반의 호 연결 제어 방법
    • 에이티엠적응계층계층2에서동적결합사용타이머(Timer_CU)기반의호연결제어방
    • KR100380998B1
    • 2003-04-23
    • KR1020010047861
    • 2001-08-09
    • 한국전자통신연구원
    • 류걸우이규호이형호박성우
    • H04L12/28
    • PURPOSE: A method for controlling a dynamic combined use timer based call connection in an ATM(asynchronous transfer mode) adaptive layer 2 is provided to minimize a consumption of a bandwidth by dynamically controlling a Time_CU value to reduce the time out number and use a remained bandwidth in a traffic for an available bit rate/unspecified bit rat service. CONSTITUTION: When a call is requested(S501), a cell assembly delay time is tested(S503). A Time_CU is increased(S505) and the cell assembly delay time is again tested(S507). The Time_CU is reduced to a previous value(S509) and a call request is received(S511). The Time_CU is compared with a MAX_TCU(S513). When the Time_CU is greater than the MAX_TCU, the call request is received(S511). When the Time_CU is less than the MAX_TCU, steps S505 to S513 are sequentially performed. The Time_CU is reduced(S515) and the cell assembly delay time is again tested(S517). The Time_CU is compared with a MIN_TCU(S519). When the Time_CU is greater than the MIN_TCU, the call request is rejected(S521). When the Time_CU is less than the MIN_TCU, steps S515 to S519 are sequentially performed.
    • 目的:提供一种用于在ATM(异步传输模式)自适应层2中控制基于动态组合使用定时器的呼叫连接的方法,以通过动态地控制Time_CU值来减少超时数并使用剩余 在可用比特率/未指定比特鼠标服务的流量中的带宽。 构成:当请求呼叫时(S501),测试单元组件延迟时间(S503)。 Time_CU增加(S505),并再次测试单元组件延迟时间(S507)。 Time_CU减少到先前值(S509)并且接收到呼叫请求(S511)。 Time_CU与MAX_TCU进行比较(S513)。 当Time_CU大于MAX_TCU时,接收呼叫请求(S511)。 当Time_CU小于MAX_TCU时,顺序执行步骤S505至S513。 Time_CU被减少(S515)并且再次测试单元组件延迟时间(S517)。 Time_CU与MIN_TCU进行比较(S519)。 当Time_CU大于MIN_TCU时,呼叫请求被拒绝(S521)。 当Time_CU小于MIN_TCU时,顺序执行步骤S515至S519。
    • 13. 发明授权
    • 라우팅 기능 분산 기법을 이용하여 복수망간 연동을지원하는 시스템의 성능을 향상시키는 장치 및 그 방법
    • 使用路由功能分配技术来提高支持多网络互通的系统的性能的设备和方法
    • KR100362206B1
    • 2002-11-23
    • KR1020000083379
    • 2000-12-27
    • 한국전자통신연구원
    • 김성혜류걸우이규호이형호
    • H04L12/28
    • 1. 청구범위에 기재된 발명이 속한 기술분야
      본 발명은 라우팅 기능 분산 기법을 이용하여 복수망간 연동을 지원하는 시스템의 성능을 향상시키는 장치 및 그 방법에 관한 것임.
      2. 발명이 해결하려고 하는 기술적 과제
      본 발명은, 이더넷 접속 기능부에 IP(Internet Protocol) 전달 테이블을 적재하여 라우터 기능을 분산시켜 기존의 연동 지원시스템에 구비된 라우터의 부담을 경감시킴으로써, 시스템 성능을 향상시키는 라우팅 기능 분산 기법을 이용한 복수망간 연동 지원시스템 성능 향상 장치 및 그 방법과, 그를 실현시키기 위한 프로그램을 기록한 컴퓨터로 읽을 수 있는 기록매체를 제공하고자 함.
      3. 발명의 해결방법의 요지
      본 발명은, 제1 IP(Internet Protocol) 전달테이블을 포함하는 라우팅 기능부를 구비하고 있으며, 이더넷 접속기능을 수행하는 적어도 하나의 제1 접속기능부와, 비동기전달모드(ATM) 접속기능을 포함하는 적어도 하나의 제2 접속기능부를 구비하여, 복수망간의 연동을 지원하는 공지의 시스템에서 라우팅 기능 분산을 통한 연동 지원 성능 향상 방법에 있어서, 상기 라우팅 기능부의 기능을 분산시키기 위하여, 상기 적어도 하나의 제1 접속기능부에 각각 제2 IP 전달테이블을 구비시키는 제 1 단계; 상기 제1 IP 전달테이블의 연결정보와 상기 적어도 하나의 제1 접속기능부에 각각 구비된 제2 IP 전달테이블의 연결정보를 일치시키는 제 2 단계; 상기제2 IP 전달테이블의 연결정보에 따라, 상기 제1 접속기능부를 통해 다른 영역으로 전달되어야 할 이더넷 데이터를 상기 라우팅 기능부를 거치지 않고 착신측으로 직접 전달하는 제 3 단계를 포함함.
      4. 발명의 중요한 용도
      본 발명은 이더넷 접속기능부를 구비한 동종 또는 이종 연동 지원시스템 등에 이용됨.
    • 14. 发明公开
    • 라우팅 기능 분산 기법을 이용하여 복수망간 연동을지원하는 시스템의 성능을 향상시키는 장치 및 그 방법
    • 使用路由分配方法在多个网络之间应用链路的系统性能提升的装置和方法
    • KR1020020054251A
    • 2002-07-06
    • KR1020000083379
    • 2000-12-27
    • 한국전자통신연구원
    • 김성혜류걸우이규호이형호
    • H04L12/28
    • H04L45/44H04L45/02H04L45/60
    • PURPOSE: An apparatus and a method for enhancing performance of system applying link between plural networks using a routing distribution method are provided to distribute the routing function and reduce a burden of routing by loading IP(Internet Protocol) transmission table, thereby enhancing the performance of system. CONSTITUTION: In the case of the data to be transmitted to other region, in order to make the existing complex routing processes in which each data is transmitted/received to/from a routing function unit(601) exclude, IP transmission tables(61,62) are loaded to the respective Ethernet connection function units(604,605). So, it is unnecessary to transmit the Ethernet data to the routing function unit(601) for referencing the contents of the IP transmission table(602). The Ethernet data transmitted from a LAN(606) is analyzed and if the data must be transmitted toward the other region, the data are directly transmitted to the corresponding destination in reference to the managed IP table(61).
    • 目的:提供一种使用路由分发方法提高多个网络之间系统应用链路性能的装置和方法,以分发路由功能,并通过加载IP(因特网协议)传输表减少路由负担,从而提高 系统。 构成:在要发送到其他区域的数据的情况下,为了使从路由功能单元(601)发送/接收每个数据的现有复杂路由处理不包括IP传输表(61, 62)被加载到相应的以太网连接功能单元(604,605)。 因此,不需要将以太网数据发送到路由功能单元(601),用于参考IP传输表(602)的内容。 分析从LAN(606)发送的以太网数据,并且如果数据必须朝向其他区域发送,则参照被管理的IP表(61)将数据直接发送到对应的目的地。
    • 15. 发明授权
    • 글로벌 침입탐지 시스템에서 보안정책전달을 위한메시지전송수단과, 그에 의한 보안정책전달 및 처리방법
    • 글로벌침입탐지시스보기정보정책전을위한메시지전송수단과,그에의한보안정책전달및처리방글
    • KR100432166B1
    • 2004-05-17
    • KR1020010084800
    • 2001-12-26
    • 한국전자통신연구원
    • 윤승용안개일류걸우장종수
    • H04L12/22
    • PURPOSE: A message transmission unit for delivering a security policy in a global intrusion detection system and a method for delivering the security policy using the same, are provided to enable a policy server to comprehensively collect and analyze alarm messages delivered from many clients, so as to establish and transmit security policies for the alarm messages in real time. CONSTITUTION: An initialization function unit(211) initializes a protocol stack(200). A connection manager(212) sets up connections between a policy server(100) and clients, and manages connected states. A basic message generator(213) generates a basic message for delivering a message with the policy server(100) and the clients. A basic message processor(214) processes the basic message. An encoding/decoding processor(215) performs encoding and decoding according to data transmission/receiving. An event generator(216) generates an event for message delivery with the policy server(100) and the clients. An alarm message processor(221) delivers alarm messages transmitted from the clients to the policy server(100), and performs processing therefor. A resource processor(222) detects resources of the clients requesting connections to the policy server(100), to transmit detected results to the policy server(100). And a security policy information processor(223) delivers security policy information distributed by the policy server(100) to the clients.
    • 目的:提供一种用于在全球入侵检测系统中传递安全策略的消息传输单元以及使用该消息传递单元来传递安全策略的方法,以使得策略服务器能够全面地收集和分析从多个客户端传递的警报消息,例如 实时建立并传输警报消息的安全策略。 构成:初始化功能单元(211)初始化协议栈(200)。 连接管理器(212)在策略服务器(100)和客户端之间建立连接,并管理连接状态。 基本消息生成器(213)生成用于向策略服务器(100)和客户端传递消息的基本消息。 基本消息处理器(214)处理基本消息。 编码/解码处理器(215)根据数据发送/接收来执行编码和解码。 事件生成器(216)生成用于与策略服务器(100)和客户端进行消息传递的事件。 警报消息处理器(221)将从客户端发送的警报消息传送给策略服务器(100),并且为此执行处理。 资源处理器(222)检测请求连接到策略服务器(100)的客户端的资源,以将检测到的结果传输到策略服务器(100)。 并且安全策略信息处理器(223)将由策略服务器(100)分发的安全策略信息传递到客户端。
    • 16. 发明公开
    • 은닉형 침입 탐지 및 차단 제어 시스템 및 그 제어방법
    • 隐藏式入侵检测和切断控制系统及其控制方法
    • KR1020030054659A
    • 2003-07-02
    • KR1020010084868
    • 2001-12-26
    • 한국전자통신연구원
    • 김익균류걸우장종수
    • H04L12/22
    • H04L63/10H04L63/1408H04L63/30
    • PURPOSE: A hidden-type intrusion detection and cutoff controlling system and a controlling method thereof are provided to detect illegal intrusion of hackers through a network by using a line speed, so as to cut off packets of the illegal intrusion in advance. CONSTITUTION: An RISC(Reduced Instruction Set Computer) processor(110) provides a management function and instructs a security policy. An external MAC(Media Access Controller)(150) transceives packets by being connected with an external connection unit(200). An internal MAC(160) transceives packets by being connected with an internal connection unit(300). A packet memory(120) temporarily stores the packets received through the external MAC(150) and the packets received through the internal MAC(160). A packet control engine(130) temporarily stores the packets received through the external and internal MACs(150,160) in the packet memory(120), and checks whether the packets are harmful, if the packets are normal, to deliver the packets to the external and internal connection units(200,300) through the external and internal MACs(150,160) or to the RISC processor(110) at need, and if harmful, to cut off the packets or generate an alarm to the RISC processor(110). A CAM(Contents Address Memory)(140) extracts stored contents by using contents rather than an address of a memory. And a statistical value memory(170) stores statistical values.
    • 目的:提供隐藏式入侵检测和切断控制系统及其控制方法,通过使用线速度来检测黑客通过网络的非法入侵,提前切断非法入侵的数据包。 构成:RISC(精简指令集计算机)处理器(110)提供管理功能并指示安全策略。 外部MAC(媒体访问控制器)(150)通过与外部连接单元(200)连接来收发数据包。 内部MAC(160)通过与内部连接单元(300)连接来收发数据包。 分组存储器(120)临时存储通过外部MAC(150)接收的分组和通过内部MAC(160)接收的分组。 分组控制引擎(130)将通过外部和内部MAC(150,160)接收的分组临时存储在分组存储器(120)中,并且如果分组是正常的,则检查分组是否有害,以将分组传送到外部 以及在需要时通过外部和内部MAC(150,160)或RISC处理器(110)的内部连接单元(200,300),如果有害的话,则切断数据包或向RISC处理器(110)产生报警。 CAM(内容地址存储器)(140)通过使用内容而不是存储器的地址来提取存储的内容。 并且统计值存储器(170)存储统计值。
    • 17. 发明公开
    • 글로벌 침입탐지 시스템에서 보안정책전달을 위한메시지전송수단과, 그에 의한 보안정책전달 및 처리방법
    • 用于在全球入侵检测系统中传送安全策略的信息传输单元和使用该传输装置传送安全策略的方法
    • KR1020030054604A
    • 2003-07-02
    • KR1020010084800
    • 2001-12-26
    • 한국전자통신연구원
    • 윤승용안개일류걸우장종수
    • H04L12/22
    • H04L63/205H04L63/102H04L63/1408
    • PURPOSE: A message transmission unit for delivering a security policy in a global intrusion detection system and a method for delivering the security policy using the same, are provided to enable a policy server to comprehensively collect and analyze alarm messages delivered from many clients, so as to establish and transmit security policies for the alarm messages in real time. CONSTITUTION: An initialization function unit(211) initializes a protocol stack(200). A connection manager(212) sets up connections between a policy server(100) and clients, and manages connected states. A basic message generator(213) generates a basic message for delivering a message with the policy server(100) and the clients. A basic message processor(214) processes the basic message. An encoding/decoding processor(215) performs encoding and decoding according to data transmission/receiving. An event generator(216) generates an event for message delivery with the policy server(100) and the clients. An alarm message processor(221) delivers alarm messages transmitted from the clients to the policy server(100), and performs processing therefor. A resource processor(222) detects resources of the clients requesting connections to the policy server(100), to transmit detected results to the policy server(100). And a security policy information processor(223) delivers security policy information distributed by the policy server(100) to the clients.
    • 目的:提供一种用于在全局入侵检测系统中传递安全策略的消息传输单元,以及使用该安全策略传递安全策略的方法,使策略服务器能够全面收集和分析从许多客户端传递的报警消息,以便 实时建立和传送报警信息的安全策略。 构成:初始化功能单元(211)初始化协议栈(200)。 连接管理器(212)设置策略服务器(100)和客户机之间的连接,并管理连接的状态。 基本消息生成器(213)生成用于与策略服务器(100)和客户端传递消息的基本消息。 基本消息处理器(214)处理基本消息。 编码/解码处理器(215)根据数据发送/接收执行编码和解码。 事件生成器(216)生成与策略服务器(100)和客户端进行消息传递的事件。 警报消息处理器(221)将从客户端发送的报警消息传递到策略服务器(100),并进行处理。 资源处理器(222)检测请求到策略服务器(100)的连接的客户端的资源,以将检测到的结果发送到策略服务器(100)。 并且安全策略信息处理器(223)将由策略服务器(100)分发的安全策略信息传递给客户端。
    • 18. 发明授权
    • 다중 침입탐지 객체를 이용한 보안 게이트웨이 시스템 및침입 탐지방법
    • 다중침입탐지객체를이용한보안게이트웨이시스템및침입탐지방
    • KR100432168B1
    • 2004-05-17
    • KR1020010086312
    • 2001-12-27
    • 한국전자통신연구원
    • 김병구정연서류걸우장종수
    • H04L12/22
    • PURPOSE: A security gateway system using multiple intrusion detection objects and an intrusion detection method are provided to judge whether intrusion occurs, by generating the multiple intrusion detection objects on the basis of object-oriented modeling and analyzing contraction observation data with respect to a network packet according to each intrusion detection object. CONSTITUTION: A network packet information extracting and transmitting device(205) receives a network packet from a lower network layer, and generates contraction observation data. A network intrusion detection performing device(203) analyzes whether intrusion occurs by the contraction observation data generated in the network packet information extracting and transmitting device(205), and provides the analyzed result. An intrusion pattern database(204) stores intrusion patterns required for judging whether the intrusion occurs in the network intrusion detection performing device(203). A cyber patrol agent(202) manages the entire security gateway system, and generates and transmits an alarm message. An alarm processing device(201) transmits policy and the alarm message from the cyber patrol agent(202).
    • 目的:提供一种使用多个入侵检测对象和入侵检测方法的安全网关系统,通过基于面向对象建模生成多个入侵检测对象并分析关于网络分组的收缩观察数据来判断入侵是否发生 根据每个入侵检测对象。 组成:网络分组信息提取和发送设备(205)从下层网络层接收网络分组,并产生收缩观察数据。 网络入侵检测执行设备(203)通过在网络分组信息提取和发送设备(205)中生成的收缩观察数据来分析是否发生入侵,并提供分析结果。 入侵模式数据库(204)存储用于判断网络入侵检测执行设备(203)中是否发生入侵所需的入侵模式。 网络巡逻代理(202)管理整个安全网关系统,并生成并发送警报消息。 警报处理设备(201)从网络巡逻代理(202)发送策略和警报消息。
    • 19. 发明公开
    • 다중 침입탐지 객체를 이용한 보안 게이트웨이 시스템 및침입 탐지방법
    • 使用多个入侵检测对象和侵入检测方法的安全网关系统
    • KR1020030056148A
    • 2003-07-04
    • KR1020010086312
    • 2001-12-27
    • 한국전자통신연구원
    • 김병구정연서류걸우장종수
    • H04L12/22
    • H04L63/1416H04L63/1433H04L63/1441
    • PURPOSE: A security gateway system using multiple intrusion detection objects and an intrusion detection method are provided to judge whether intrusion occurs, by generating the multiple intrusion detection objects on the basis of object-oriented modeling and analyzing contraction observation data with respect to a network packet according to each intrusion detection object. CONSTITUTION: A network packet information extracting and transmitting device(205) receives a network packet from a lower network layer, and generates contraction observation data. A network intrusion detection performing device(203) analyzes whether intrusion occurs by the contraction observation data generated in the network packet information extracting and transmitting device(205), and provides the analyzed result. An intrusion pattern database(204) stores intrusion patterns required for judging whether the intrusion occurs in the network intrusion detection performing device(203). A cyber patrol agent(202) manages the entire security gateway system, and generates and transmits an alarm message. An alarm processing device(201) transmits policy and the alarm message from the cyber patrol agent(202).
    • 目的:提供一种使用多个入侵检测对象和入侵检测方法的安全网关系统,通过在面向对象建模的基础上生成多个入侵检测对象并分析相对于网络包的收缩观察数据,来判断是否发生入侵 根据每个入侵检测对象。 构成:网络分组信息提取与发送装置(205)从下层网络层接收网络分组,生成收缩观察数据。 网络入侵检测执行装置(203)通过网络分组信息提取和发送装置(205)中生成的收缩观察数据来分析入侵是否发生,并提供分析结果。 入侵模式数据库(204)存储用于判断入侵检测执行装置(203)中是否发生入侵所需的入侵模式。 网络巡逻代理(202)管理整个安全网关系统,并生成并发送警报消息。 报警处理装置(201)从网络巡逻代理(202)发送策略和报警消息。
    • 20. 发明公开
    • 라돈-보안게이트웨이 시스템 및 그 보안정책 설정방법과유해트래픽 탐지경보생성방법
    • 安防网关系统,安全策略设置方法及有效的交通检测报警生成方法
    • KR1020030050307A
    • 2003-06-25
    • KR1020010080720
    • 2001-12-18
    • 한국전자통신연구원
    • 허영준류걸우장종수
    • H04L12/22
    • H04L63/1416H04L63/1433
    • PURPOSE: A Ladon-SGS(Security Gateway System), its security policy setting method and a harmful traffic detection alarm generating method are provided to control an illegal intrusion or a harmful traffic by analyzing a large scale network traffic and packet information. CONSTITUTION: A communication processor(21) sets connection with a security policy server and a Ladon-SGS and transfers and receives information according to security policy. A system controller(22) performs operations related to initialization of the Ladon-SGS and controls an overall system. A security policy processor(23) converts the security policy transferred from a security policy server into a form applicable to the Ladon-SGS. An intrusion detection analyzer(24) analyzes an intrusion as occurred through a network and transfers an analysis result to an intrusion detection alarm processor. An intrusion detection alarm processor(25) analyzes an intrusion alarm importance according to a pre-set security policy on the basis of information related to the intrusion type analyzed by the intrusion detection analyzer(24), compares the importance with a reference value, and determines whether to cope with it by a system or transfer it to the security policy server. A security policy storing unit(26) stores the security policy which has been converted by the security policy processor(23), the intrusion detection and corresponding results of the detected intrusion. A firewall processor(27) cuts off an illegal intrusion defined by a firewall policy and a harmful traffic.
    • 目的:提供Ladon-SGS(安全网关系统),其安全策略设置方法和有害的流量检测报警生成方法,通过分析大规模网络流量和分组信息来控制非法入侵或有害流量。 规定:通信处理器(21)设置与安全策略服务器和Ladon-SGS的连接,并根据安全策略传输和接收信息。 系统控制器(22)执行与Ladon-SGS的初始化相关的操作并控制整个系统。 安全策略处理器(23)将从安全策略服务器传送的安全策略转换为适用于Ladon-SGS的形式。 入侵检测分析器(24)通过网络分析入侵,并将分析结果传送到入侵检测报警处理器。 入侵检测报警处理器(25)根据与入侵检测分析器(24)分析的入侵类型相关的信息,根据预设的安全策略分析入侵报警重要性,将重要性与参考值进行比较,以及 确定是否由系统处理或将其传输到安全策略服务器。 安全策略存储单元(26)存储由安全策略处理器(23)转换的安全策略,入侵检测和检测到的入侵的相应结果。 防火墙处理器(27)切断了防火墙策略和有害流量所定义的非法入侵。