-
公开(公告)号:US20210382997A1
公开(公告)日:2021-12-09
申请号:US16991362
申请日:2020-08-12
Inventor: Hyunyi YI , Sung-Jin KIM , Chulwoo LEE , Woomin HWANG , Byungjoon KIM
IPC: G06F21/57
Abstract: A method and apparatus for providing security visibility into a container image. The method includes generating a software list by analyzing layers forming a container image, generating a vulnerability check result based on the software list, and generating a container image content report based on the software list and the vulnerability check result.
-
公开(公告)号:US20210390172A1
公开(公告)日:2021-12-16
申请号:US16944480
申请日:2020-07-31
Inventor: Sung-Jin KIM , Hyunyi YI , Chulwoo LEE , Woomin HWANG , Byungjoon KIM
IPC: G06F21/53
Abstract: An apparatus and method for generating a system call whitelist for an application container. The method may include determining whether a container is based on machine code or non-machine code by analyzing the internal configuration of the running container, identifying system calls included in an application through binary static analysis or static analysis of source code selected depending on the determination of whether the container is based on machine code or non-machine code, and generating a whitelist based on the numbers of all of the identified system calls.
-
公开(公告)号:US20190012465A1
公开(公告)日:2019-01-10
申请号:US15938017
申请日:2018-03-28
Inventor: Sung-Jin KIM , Hyunyi YI , Seong-Joong KIM , Woomin HWANG , Byung-Joon KIM , Chulwoo LEE , Hyoung-Chun KIM
CPC classification number: G06F21/575 , G06F9/45533 , G06F9/45558 , G06F21/53 , G06F21/552 , G06F21/554 , G06F21/566 , G06F2009/45575 , G06F2009/45587 , G06F2009/45591 , G06F2221/034 , G06F2221/2101
Abstract: An apparatus and method for collecting an audit trail in a virtual machine boot process, the audit-trail-collecting apparatus including an event detection unit for detecting a software interrupt event, a register state information extraction unit for extracting state information of a CPU register corresponding to a detection time of the software interrupt event, a monitoring unit for monitoring a change in a vector value corresponding to the software interrupt event in an interrupt vector table, a threat occurrence detection unit for detecting a threat occurrence in a virtual machine boot process based on at least one of the CPU register state information and a monitored result, and an audit trail collection unit for storing an audit trail corresponding to at least one of the CPU register state information and the monitored result when the threat occurrence is detected in the virtual machine boot process.
-
Patent Agency Ranking
公开(公告)号:US20200285733A1
公开(公告)日:2020-09-10
申请号:US16411354
申请日:2019-05-14
Inventor: Sung-Jin KIM , Hyunyi YI , Chulwoo LEE , Woomin HWANG , Hyoung-Chun KIM
Abstract: An operation method of a system for generating a security profile of a security instance includes extracting executable code and a library file from a container, thereby identifying a target to be analyzed; performing binary static analysis for the executable code and the library file in order to generate a system call list; and generating a Secure Computing Mode (SECCOMP) security profile based on the system call list.
-
公开(公告)号:US20180300182A1
公开(公告)日:2018-10-18
申请号:US15810790
申请日:2017-11-13
Inventor: Woomin HWANG , Sung-Jin KIM , Byung-Joon KIM , Hyunyi YI , Chulwoo LEE , Hyoung-Chun KIM
Abstract: A hypervisor-based virtual machine isolation apparatus and method. The hypervisor-based virtual machine isolation method performed by the hypervisor-based virtual machine isolation apparatus includes when a hypervisor starts to run virtual machines, allocating one or more colors to each of the virtual machines, allocating a page frame corresponding to the allocated colors to the corresponding virtual machine, allocating an accessible core depending on the colors of the virtual machine, and performing isolation between virtual machines corresponding to an identical color by changing a temporal/spatial scheduling order between the virtual machines corresponding to the identical color.
-
公开(公告)号:US20210306304A1
公开(公告)日:2021-09-30
申请号:US16933427
申请日:2020-07-20
Inventor: Woomin HWANG , Chulwoo LEE , Sung-Jin KIM , Hyunyi YI , Byungjoon KIM
Abstract: A method and apparatus for distributing confidential execution software. The method includes loading a payload into memory in a confidential execution region, checking a vulnerability related to the payload, generating bridge code for calling a function that is not present in the payload, among functions used in the payload, generating confidential execution code for generating a confidential execution region in a target cloud node having privileges to execute the payload, encrypting the payload, and distributing the confidential execution code and the encrypted payload.
-
公开(公告)号:US20190044946A1
公开(公告)日:2019-02-07
申请号:US15938003
申请日:2018-03-28
Inventor: Woomin HWANG , Hyunyi YI , Sung-Jin KIM , Seong-Joong KIM , Chulwoo LEE , Byung-Joon KIM , Hyoung-Chun KIM
Abstract: An apparatus for monitoring file access in a virtual machine in a cloud-computing system based on a virtualized environment includes a hypervisor for implementing at least one virtual machine and managing the virtual machine by monitoring a task in which a the virtual machine accesses a file loaded from storage to memory, the storage storing data including environment information of the virtual machine.
-
8.发明申请公开(公告)号:US20190012194A1
公开(公告)日:2019-01-10
申请号:US15975932
申请日:2018-05-10
Inventor: Hyunyi YI , Sung-Jin KIM , Woomin HWANG , Seong-Joong KIM , Chulwoo LEE , Byung-Joon KIM , Hyoung-Chun KIM
Abstract: An apparatus and method for storing an audit trail in response to execution of a virtual-machine process. The method for storing an audit trail, performed by the apparatus for storing an audit trail in response to execution of a virtual-machine process, includes detecting execution of a process inside a virtual machine, determining whether the executed process is a monitoring target process and determining a type of the process, activating one or more monitoring events for monitoring at least one of an upload, a download and a drop by the process based on a result of the determination, and storing information about occurrence of the activated monitoring event as an audit trail.
-
-
-
-
-
-
-
Search Results
8
records
(took 0.016 seconds)
