1. Technical Field
The present invention relates to an apparatus and method for processing packets.
2. Description of the Related Art
An apparatus for processing packets is used to monitor malicious actions, such as the propagation of malware or a malicious uniform resource locator (URL). Conventional apparatuses for processing packets, such as Wireshark, TCPDUMP, Network Minor and Kraken, basically provide session information regarding collected network packets.
Network Minor and Kraken provide the function of extracting content with respect to each application, such as FTP, SMTP, POP or HTTP.
In the conventional apparatuses for processing packets, however, the size of a packet group that can be processed at once is limited. In particular, the conventional apparatuses for processing packets do not support the processing of a packet group having a size equal to or larger than 10 Gigabytes. With an increase in the amount of use of the Internet and with the improvement of network performance, there are many cases where a network packet group having a size equal to or larger than 10 Gigabytes is collected per day.
Accordingly, there is a need for an apparatus and method for processing packets, which are capable of supporting the function of processing a large-sized packet group.
As a related technology, Korean Patent Application Publication No. 10-2013-0038975 discloses a method and apparatus for classifying packets.