公开(公告)号：US11522906B2

公开(公告)日：2022-12-06

申请号：US17120868

申请日：2020-12-14

申请人： Somma, Inc.

发明人： Yonghwan Roh

IPC分类号： H04L9/40 ,  H04L61/2557 ,  H04L41/16 ,  H04L61/3015 ,  H04L61/4511

摘要： A malware detection method for preventing execution of malware, a method for detecting a domain generation algorithm, and a computer device therefor are provided. The malware detection method includes monitoring, by a processor of a computer, domain name system (DNS) query requests for all processes and replies to the query requests and counting, by the processor, the number of times of failure DNS query requests per unit process and determining, by the processor, malware.

公开(公告)号：US20220109698A1

公开(公告)日：2022-04-07

申请号：US17474420

申请日：2021-09-14

申请人： Somma, Inc.

发明人： Yonghwan ROH

IPC分类号： H04L29/06 ,  G06N20/00

摘要： A security management system for a remove working environment, a computer program therefor, and a method therefor are provided. The security management system monitors and tracks a behavior of an endpoint in real time after execution of a process or a network access time point. Furthermore, the security management system monitors a behavior of an operating system level on the endpoint to which the security policy is not applied in real time to detect a behavior which threatens the security management system and controls the endpoint. Furthermore, the security management system corrects and manages the security policy in response to a request about exception application of a predetermined security policy in real time to flexibly perform security management of the endpoint.

公开(公告)号：US20210194892A1

公开(公告)日：2021-06-24

申请号：US17120868

申请日：2020-12-14

申请人： Somma, Inc.

发明人： Yonghwan ROH

IPC分类号： H04L29/06 ,  H04L29/12 ,  H04L12/24

摘要： A malware detection method for preventing execution of malware, a method for detecting a domain generation algorithm, and a computer device therefor are provided. The malware detection method includes monitoring, by a processor of a computer, domain name system (DNS) query requests for all processes and replies to the query requests and counting, by the processor, the number of times of failure DNS query requests per unit process and determining, by the processor, malware.

公开(公告)号：US11784661B2

公开(公告)日：2023-10-10

申请号：US17122261

申请日：2020-12-15

申请人： Somma, Inc.

发明人： Yonghwan Roh

IPC分类号： H03M7/30 ,  G06F9/54 ,  G06F17/18

CPC分类号： H03M7/60 ,  G06F9/542 ,  G06F17/18 ,  H03M7/3091 ,  H03M7/70

摘要： A method for compressing a behavior event and a computer device therefor are provided. The method for compressing the behavior event includes generating, by a processor of the computer, an event block on the basis of an event target, when the behavior event occurs, updating, by the processor, input/output (I/O) information while the behavior event occurs to the event block, and storing, by the processor, the event block, when the behavior event is ended.

公开(公告)号：US11785050B2

公开(公告)日：2023-10-10

申请号：US17474420

申请日：2021-09-14

申请人： Somma, Inc.

发明人： Yonghwan Roh

IPC分类号： H04L29/06 ,  H04L9/40 ,  G06N20/00

CPC分类号： H04L63/20 ,  G06N20/00 ,  H04L63/101 ,  H04L63/1425

摘要： A security management system for a remove working environment, a computer program therefor, and a method therefor are provided. The security management system monitors and tracks a behavior of an endpoint in real time after execution of a process or a network access time point. Furthermore, the security management system monitors a behavior of an operating system level on the endpoint to which the security policy is not applied in real time to detect a behavior which threatens the security management system and controls the endpoint. Furthermore, the security management system corrects and manages the security policy in response to a request about exception application of a predetermined security policy in real time to flexibly perform security management of the endpoint.

公开(公告)号：US20210194501A1

公开(公告)日：2021-06-24

申请号：US17122261

申请日：2020-12-15

申请人： Somma, Inc.

发明人： Yonghwan ROH

IPC分类号： H03M7/30 ,  G06F17/18 ,  G06F9/54

摘要： A method for compressing a behavior event and a computer device therefor are provided. The method for compressing the behavior event includes generating, by a processor of the computer, an event block on the basis of an event target, when the behavior event occurs, updating, by the processor, input/output (I/O) information while the behavior event occurs to the event block, and storing, by the processor, the event block, when the behavior event is ended.