Fecha de publicación: 25/11/2016 Fuente: Wipo "IOT" The present invention relates to an apparatus and method for providing a control service for Internet of Things (hereinafter referred to as an IoT) security, which can detect malicious operation of a packet transferred between an IoT sensor and an IoT information collection server over an IoT-based network and can control the malicious operation. Provided are the apparatus and method for providing a control service for IoT security, which control packets based on instruction control of an IoT gateway, which detect and block an instruction not permitted in real time by using a DB updated through automatic learning about a new instruction recognized based on the control of the packets, so that divulgence of information can be prevented. The apparatus and method for providing a control service for IoT security recognize the type of IoT instrument and an instruction set for the type of IoT instrument by using packet information of a read packet in order to minimize load of the IoT information collection server, determine whether there is a match through search and comparison using each corresponding pattern DB, and selectively process the corresponding packet based on a result of the determination. Furthermore, the apparatus and method for providing a control service for IoT security generate a session table based on a result of the processing, determine whether the packet corresponds to abnormal operation by checking a predetermined item of the session table, and execute a policy based on a packet blocking rule management flow, thereby preventing an abnormal packet from accessing an IoT server. COPYRIGHT KIPO 2016