Abstract:
A system and method for controlling abnormal IPSec traffic by using IPSec setup information and session information are provided. Information about normal IPSec setup step and communication step packets is stored in an IPSec setup information table and an IPSec session information table, and subsequently transmitted setup step and communication step packets that do not match the stored information are blocked. An extension header processing unit(10) receives an IPSec(Internet Protocol Security) packet, classifies it as either an IPSec setup step packet or an IPSec communication step packet, and extracts from it the information used for traffic control. An IPSec setup step packet confirmation unit(20) has an IPSec setup database unit(21) for managing IPSec setup information and receives the information extracted from an IPSec setup step packet; it compares the extracted information with the information stored in the IPSec setup database unit and determines whether the IPSec packet is to be passed. An IPSec communication step packet confirmation unit(30) has an IPSec session database unit(31) for managing IPSec session information and receives the information extracted from an IPSec communication step packet; it compares the extracted information with the information stored in the IPSec session database unit and determines whether the IPSec packet is to be passed. A control unit(40) passes or blocks the IPSec packet according to the determination result of the IPSec setup step packet confirmation unit or of the IPSec communication step packet confirmation unit.
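The following is an added illustration of the four units described above, written for this page; it is not the patent's own implementation and the patent text names no protocol details. It assumes that "setup step" packets are IKE messages (UDP port 500/4500, identified by their initiator and responder SPIs), that "communication step" packets are ESP or AH (IP protocol 50/51, identified by their SPI), and that a new ESP/AH SPI between two peers counts as normal only once an IKE exchange between those peers has completed; the packet record, the table layouts and the sample traffic are constructed for the example.

```python
"""Stateful IPsec traffic control modelled on the abstract's units (added example).

Assumptions (not stated in the patent text): setup step packets are IKE over
UDP 500/4500 carrying initiator/responder SPIs; communication step packets are
ESP (50) or AH (51) carrying a Security Parameters Index.
"""
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

UDP, ESP, AH = 17, 50, 51
IKE_PORTS = {500, 4500}


@dataclass(frozen=True)
class Packet:
    """Minimal, constructed packet record: only the fields the filter needs."""
    src: str
    dst: str
    proto: int
    sport: int = 0
    dport: int = 0
    spi: Optional[int] = None   # ESP/AH Security Parameters Index
    ike_spi_i: int = 0          # IKE initiator SPI (setup packets only)
    ike_spi_r: int = 0          # IKE responder SPI; 0 in the first message


def classify(pkt: Packet) -> str:
    """Extension header processing unit (10): which step does the packet belong to?"""
    if pkt.proto == UDP and (pkt.sport in IKE_PORTS or pkt.dport in IKE_PORTS):
        return "setup"
    if pkt.proto in (ESP, AH):
        return "communication"
    return "other"


class IPsecTrafficController:
    def __init__(self) -> None:
        # Setup database (21): (initiator, responder, ike_spi_i) -> ike_spi_r,
        # 0 until the responder has answered.
        self.setup_table: dict[tuple[str, str, int], int] = {}
        # Session database (31): (src, dst, spi) of communication packets accepted so far.
        self.session_table: set[tuple[str, str, int]] = set()

    # -- IPSec setup step packet confirmation unit (20) --
    def _check_setup(self, pkt: Packet) -> bool:
        fwd = (pkt.src, pkt.dst, pkt.ike_spi_i)   # initiator -> responder direction
        rev = (pkt.dst, pkt.src, pkt.ike_spi_i)   # responder -> initiator direction
        if pkt.ike_spi_r == 0:
            # First message of an exchange: record it, nothing to compare yet.
            self.setup_table.setdefault(fwd, 0)
            return True
        if rev in self.setup_table:
            # Responder's message: bind its SPI the first time, then require a match.
            known = self.setup_table[rev]
            if known in (0, pkt.ike_spi_r):
                self.setup_table[rev] = pkt.ike_spi_r
                return True
            return False
        if fwd in self.setup_table:
            # Initiator's later messages must carry the responder SPI already recorded.
            return self.setup_table[fwd] == pkt.ike_spi_r
        return False   # refers to an exchange that never started through this filter

    def _setup_completed(self, a: str, b: str) -> bool:
        return any(k[:2] in ((a, b), (b, a)) and r != 0
                   for k, r in self.setup_table.items())

    # -- IPSec communication step packet confirmation unit (30) --
    def _check_communication(self, pkt: Packet) -> bool:
        key = (pkt.src, pkt.dst, pkt.spi)
        if key in self.session_table:
            return True
        # A not-yet-seen SPI is normal only if IKE completed between these peers
        # (assumption); otherwise it is an unsolicited ESP/AH packet and is blocked.
        if self._setup_completed(pkt.src, pkt.dst):
            self.session_table.add(key)
            return True
        return False

    # -- control unit (40) --
    def process(self, pkt: Packet) -> str:
        kind = classify(pkt)
        if kind == "setup":
            ok = self._check_setup(pkt)
        elif kind == "communication":
            ok = self._check_communication(pkt)
        else:
            ok = True   # non-IPsec traffic is outside this control's scope
        return "pass" if ok else "block"


def run_demo() -> list[str]:
    """Constructed traffic: a normal IKE exchange and ESP flow, then two abnormal packets."""
    ctl = IPsecTrafficController()
    a, b, x = "10.0.0.1", "10.0.0.2", "192.0.2.99"
    flow = [
        Packet(a, b, UDP, 500, 500, ike_spi_i=0x1111),                    # IKE_SA_INIT request
        Packet(b, a, UDP, 500, 500, ike_spi_i=0x1111, ike_spi_r=0x2222),  # IKE_SA_INIT response
        Packet(a, b, UDP, 500, 500, ike_spi_i=0x1111, ike_spi_r=0x2222),  # IKE_AUTH request
        Packet(b, a, UDP, 500, 500, ike_spi_i=0x1111, ike_spi_r=0x2222),  # IKE_AUTH response
        Packet(a, b, ESP, spi=0xC0000001),   # first ESP packet, recorded in session table
        Packet(a, b, ESP, spi=0xC0000001),   # follow-up, matches the session table
        Packet(x, b, ESP, spi=0xDEADBEEF),   # ESP from a peer that never negotiated
        Packet(x, a, UDP, 500, 500, ike_spi_i=0x9999, ike_spi_r=0x2222),  # forged IKE response
    ]
    return [ctl.process(p) for p in flow]


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```

The two tables play the roles of the setup database unit(21) and session database unit(31): the setup check rejects IKE messages that claim an exchange the filter never saw begin or that carry a responder SPI other than the one recorded, and the communication check rejects ESP/AH packets for which neither a recorded session nor a completed setup exists. In a real deployment the child-SA SPIs are negotiated inside the encrypted IKE payloads, so a middlebox cannot read them; learning the SPI from the first communication packet after a completed setup, as done here, is the assumption this example makes about how the session table is populated.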