Network status display device and method using traffic flow-radar
    31.
    Granted invention patent
    Legal status: In force

    Publication No.: US07787394B2

    Publication date: 2010-08-31

    Application No.: US11599909

    Filing date: 2006-11-15

    IPC classification: H04L12/66 G01R31/08 H04W36/00

    Abstract: A network status display device using a traffic flow-radar is provided. The network status display device includes: a traffic feature extractor calculating flow occupancy rates for total flows, micro-flows and macro-flows with respect to each of a plurality of traffic features with reference to traffic information for each traffic feature such as a network address, a port, a transmitting/receiving host address or a protocol collected by an external traffic information collector, and storing the calculation result; a traffic status display unit displaying the flow occupancy rates for each traffic feature calculated and stored in the traffic feature extractor on a radar with dots for each traffic feature; and a traffic anomaly determination unit determining whether a network status is abnormal with reference to the radar for each traffic feature, detecting and reporting the type of the abnormal network status and harmful or abnormal traffic that generates the abnormal network status, when the abnormal status occurs.


    LOG-BASED TRACEBACK SYSTEM AND METHOD USING CENTROID DECOMPOSITION TECHNIQUE
    32.
    Invention patent application
    Legal status: In force

    Publication No.: US20100212013A1

    Publication date: 2010-08-19

    Application No.: US12669633

    Filing date: 2007-11-21

    IPC classification: G06F11/34

    Abstract: There are provided a system and method for tracing back an attacker by using centroid decomposition technique, the system including: a log data input module collecting log data of an intrusion alarm from an intrusion detection system; a centroid node detection module generating a shortest path tree by applying a shortest path algorithm to network router connection information collected by a network administration server, detecting a centroid node by applying centroid decomposition technique removing a leaf-node to the shortest path tree, and generating a centroid tree whose node of each level is the detected centroid node; and a traceback processing module requesting log data of a router matched with the node of each level of the centroid tree, and tracing back a router identical to the log data of the collected intrusion alarm as a router connected to a source of an attacker by comparing the log data of the router with the log data of the collected intrusion alarm. According to the system and method, an attacker causing a security intrusion event may be quickly detected, a load on the system is reduced, and a passage host exposed to a danger or having weaknesses may be easily recognized, thereby easily coping with an attack.


    Method and apparatus for storing intrusion rule
    33.
    Granted invention patent
    Legal status: Lapsed

    Publication No.: US07735137B2

    Publication date: 2010-06-08

    Application No.: US11484257

    Filing date: 2006-07-10

    CPC classification: H04L63/1416

    Abstract: A method and apparatus for storing an intrusion rule are provided. The method stores a new intrusion rule in an intrusion detection system having already stored intrusion rules, and includes: generating combinations of divisions capable of dividing the new intrusion rule into a plurality of partial intrusion rules; calculating the frequency of hash value collisions between each of the generated division combinations and the already stored intrusion rules; dividing the new intrusion rule according to the division combination which has the lowest calculated frequency of hash value collisions; and storing the divided new intrusion rule in a corresponding position of the intrusion detection system. According to the method and apparatus, the size of the storage unit occupied by the intrusion rule can be reduced, and by performing pattern matching, the performance of the intrusion detection system can be enhanced.


    Method of storing pattern matching policy and method of controlling alert message
    34.
    Granted invention patent
    Legal status: Lapsed

    Publication No.: US07735128B2

    Publication date: 2010-06-08

    Application No.: US11635245

    Filing date: 2006-12-07

    IPC classification: G06F9/00 G06F7/04 H04L9/00

    CPC classification: H04L12/5602

    Abstract: A method of storing a pattern matching policy and a method of controlling an alert message are provided. The method includes (a) generating a content structure as a sub-structure of a header combination structure of a stored traffic pattern which is a policy to be newly applied to a pattern matching apparatus; (b) determining whether a content of the stored traffic pattern is identical to a content of an original traffic pattern stored in advance in the pattern matching apparatus; (c) allocating a content index of the content of the original traffic pattern to the content of the stored traffic pattern if the content of the stored traffic pattern is identical to the content of the original traffic pattern; and (d) determining whether a header combination structure of the original traffic pattern comprises only one content structure or more than one content structure and allocating a header index of the header combination structure of the stored traffic pattern to the header combination structure of the original traffic pattern if the header combination structure of the original traffic pattern is found to comprise only one content structure. Accordingly, it is possible to efficiently use hardware memories with limited storage capacities and effectively perform a pattern matching function.


    Method and apparatus for storing pattern matching data and pattern matching method using the same
    35.
    Granted invention patent
    Legal status: In force

    Publication No.: US07613669B2

    Publication date: 2009-11-03

    Application No.: US11453954

    Filing date: 2006-06-14

    Abstract: A method and apparatus for storing pattern matching data and a pattern matching method using the method and apparatus are provided. The method of storing original data for pattern matching in a pattern matching apparatus includes: dividing the original data into segments of a predetermined size; performing a hash operation on each of the divided segments; determining whether or not the hash operation value of each segment causes a hash collision with a hash operation value stored in a first external memory disposed outside the pattern matching apparatus; and controlling the hash operation value of each segment determined not to cause a hash collision to be stored in the first external memory. According to the method and apparatus, the original data desired to be used for pattern matching can be stored at a faster speed in a pattern matching data storing apparatus.


    Apparatus and method for detecting and visualizing anomalies in network traffic
    37.
    Granted invention patent
    Legal status: In force

    Publication No.: US07539147B2

    Publication date: 2009-05-26

    Application No.: US11077638

    Filing date: 2005-03-11

    IPC classification: G01R31/08

    Abstract: Provided is an apparatus for detecting and visualizing anomalies in network traffic which includes a traffic information storing portion storing information on network traffic, a traffic state display portion presenting a status of the network traffic generated for a predetermined threshold time based on the information on network traffic on an orthogonal coordinates system in a form of a graph connecting at least one point data as a coordinate value, and a traffic anomalies determination portion determining an existence of anomalies in the network traffic based on a shape of the graph.


    Network apparatus and packet routing method for ubiquitous computing
    38.
    Granted invention patent
    Legal status: In force

    Publication No.: US07535872B2

    Publication date: 2009-05-19

    Application No.: US10923184

    Filing date: 2004-08-19

    IPC classification: G06F15/16

    Abstract: A network apparatus and packet routing method for ubiquitous computing are provided. In the network apparatus, a movement detection unit detects movement from a first network to a second network, and a movement address setting unit generates care-of-address (CoA) information corresponding to prefix information of the second network. A movement registration unit registers a movement address by transmitting a binding update message containing the generated CoA and home address (HoA) mapping information, to a home agent. A resource setting unit registers information on current terminal apparatuses among network terminal apparatuses on the second network. A packet distribution unit distributes the received packet to a current terminal apparatus corresponding to the application characteristic of the packet received from the home agent based on the information on the current terminal apparatuses.


    System and method of managing encryption key management system for mobile terminals
    39.
    Invention patent application
    Legal status: Under examination (published)

    Publication No.: US20050144439A1

    Publication date: 2005-06-30

    Application No.: US10940090

    Filing date: 2004-09-13

    Abstract: An encryption key management method for mobile terminals for providing at least one mobile terminal which is connected to a network to use services with an encryption key required for issuing a certificate which is needed for the services and managed by a certification authority by using an encryption key management server is provided. The method includes operations of: a registration requesting operation where the mobile terminal generates an encryption key registration request; an encryption key managing operation where the encryption key management server generates and manages the encryption key in response to the encryption key registration request; a transferring operation of sending the generated encryption key to the mobile terminal; and a security service providing operation of receiving the certificate managed by the certification authority and providing selective security services specific to the content of the services provided to the mobile terminal. The method can relieve the hardware load of mobile terminals while providing a security service using various conventional certification authorities.


    APPARATUS AND METHOD FOR PROVIDING DIGITAL MIND SERVICE
    40.
    Invention patent application
    Legal status: Under examination (published)

    Publication No.: US20130054499A1

    Publication date: 2013-02-28

    Application No.: US13534589

    Filing date: 2012-06-27

    IPC classification: G06F15/18

    CPC classification: G06N3/02 G06N5/02

    Abstract: An apparatus for providing a digital mind service, includes a mind input module configured to receive gaze trace information, sensitivity information, or log information of a user. Further, the apparatus for providing the digital mind service includes a mind epigenomic map creating module configured to create a plurality of mind epigenomes in accordance with predetermined specifications by analyzing the log information of the user and to create a mind epigenomic map by defining relationship between the created mind epigenomes and structure thereof.
