-
公开(公告)号:US20230180004A1
公开(公告)日:2023-06-08
申请号:US17811540
申请日:2022-07-08
申请人: WINS Co., Ltd.
发明人: Yong Sig JIN , Jong Gu LEE
IPC分类号: H04W12/121 , H04W12/06
CPC分类号: H04W12/121 , H04W12/06
摘要: A 5G smart factory replay attack detection method includes (A) acquiring and managing, by a 5G smart factory replay attack detection apparatus, user information including IP information assigned to a user terminal, (B) acquiring factory facility command data based on user data in a GTP-U protocol between a 5G base station and a user plane function (UPF), and managing the acquired factory facility command data as an authentication command for each user terminal, (C) acquiring the factory facility command data and user terminal IP information based on the user data, (D) comparing the factory facility command data and the user terminal IP information with the authentication command for each user terminal and the IP information acquired in the (A) acquiring and managing of the user information, respectively, and (E) detecting an attack based on the command comparison result and the IP information comparison result.
-
公开(公告)号:US20220150152A1
公开(公告)日:2022-05-12
申请号:US17128826
申请日:2020-12-21
申请人: WINS Co., Ltd.
发明人: Yong Sig Jin
IPC分类号: H04L12/26 , H04L29/06 , H04L12/819
摘要: Disclosed is an apparatus for distributed processing of an identical packet in high-speed network security equipment, including: a plurality of analysis modules for each determining whether vulnerability analysis is required by analyzing a received packet; a circular queue for receiving the packet from an analysis module initially determining that the vulnerability analysis is required and storing the received packet as a bucket structure; and a plurality of analysis engines for each performing different vulnerability analyses for the packet acquired from the circular queue based on a packet address of the bucket structure, in which the bucket structure includes a packet data storage unit and packet use information storage units which are as many as the plurality of analysis engines, and the packet use information storage units store packet use information of the plurality of respective analysis engines, respectively.
-
公开(公告)号:US11025650B2
公开(公告)日:2021-06-01
申请号:US16138254
申请日:2018-09-21
申请人: WINS Co., Ltd.
发明人: Yong Sig Jin , Ji Yoon Hwang
摘要: Provided are a multi-pattern policy detection system and method, wherein, in an environment that operates a plurality of policies for determining matching or non-matching by a string or a normalized format, the plurality of policies are expressed by a data structure that is searchable at a time, and are optimized to improve search performance. The multi-pattern policy detection system includes: a search front stage optimizer configured to register a string of a signature fragment received from a signature fragment list as a registration pattern of a front stage of a signature by taking into account length and uniqueness of the string; a search rear stage optimizer configured to receive the signature fragment from the signature fragment list, and register the signature fragment as a registration pattern of a rear stage when there is no registration signature fragment of the rear stage; and a detection engine configured to perform attack detection by using the front stage of the search front stage optimizer and the rear stage of the search rear stage optimizer.
-
4.发明申请公开(公告)号:US20200082083A1
公开(公告)日:2020-03-12
申请号:US16553054
申请日:2019-08-27
申请人: WINS Co., Ltd.
发明人: Byung Hwan Choi , In Ho Kim , Seung Yeon Park
摘要: Disclosed is an apparatus for verifying a malicious code machine learning classification model, which includes: a main feature processing subsystem performing feature extracting and processing functions in an input file; and a multi-layer cyclic verification subsystem performing multi-layer verification in order to determine whether the file is normal or malicious based on the extracted and processed features to verify a machine learning model that classifies malicious codes, thereby ensuring reliability of a prediction result for a machine learning model.
-
5.发明申请公开(公告)号:US20180121544A1
公开(公告)日:2018-05-03
申请号:US15665915
申请日:2017-08-01
申请人: WINS Co., Ltd.
发明人: HARKSU CHO , YONGSIG JIN , BRUCE NDIBANJE
CPC分类号: G06F16/951 , G06F16/24549 , H04L63/1416
摘要: The present invention is directed to configure an effective search node based on splitting, regrouping, complexity calculation, and learning information, and perform high-performance regular expression search. To this end, the present invention includes: a policy database; a regular expression extraction processor; a regular expression fragment processor that splits each of the regular expression character strings extracted by the regular expression extraction processor in accordance with a fragmentation rule; a regular expression normalization processor that generates an optimized regular expression fragment table; a cost calculation engine processor that determines a cost for each of the regular expression fragments; a decision tree generation processor that generates a decision tree based on cost information; and a pattern matching engine processor that configures a search engine.
-
6.发明授权Method and apparatus for managing session based on general packet radio service tunneling protocol network 有权基于通用分组无线业务隧道协议网络的会话管理方法和装置公开(公告)号:US09510377B2
公开(公告)日:2016-11-29
申请号:US14682965
申请日:2015-04-09
申请人: WINS Co., Ltd.
发明人: Yong Sig Jin
CPC分类号: H04W76/022 , H04L12/4633 , H04L63/029 , H04L63/1441 , H04L65/1023 , H04L65/1033 , H04L65/1069 , H04L65/1073 , H04W12/00 , H04W76/11 , H04W76/12 , H04W76/22
摘要: The present invention includes creating a session in response to a session setup request for a general packet radio service (GPRS) application service, receiving GTP packet data using GPRS tunneling protocol (GTP) tunnel, performing decoding on the GTP packet data, determining whether there is an attack attributable to malicious behavior based on a predetermined management DB, identifying the type of the GTP packet data as the type of GTP packet for attacked GTP packet data and the type of GTP packet for non-attacked packet data based on a result of the determination, carrying out a predetermined policy for the identified type of GTP packet, performing the standardization of the packet data of each GTP version, determining whether the standardized packet data has been registered with a hash buffer in accordance with the type of pairing message for each command, and processing a session based on a result of the determination.
摘要翻译: 本发明包括响应于通用分组无线业务(GPRS)应用业务的会话建立请求而创建会话,使用GPRS隧道协议(GTP)隧道接收GTP分组数据,对GTP分组数据进行解码,确定是否在 是基于预定管理DB的恶意行为的攻击,将GTP分组数据的类型识别为攻击的GTP分组数据的GTP分组的类型,以及基于以下结果的非攻击分组数据的GTP分组的类型 对所识别的GTP分组执行预定策略,执行每个GTP版本的分组数据的标准化,根据配对消息的类型确定标准化分组数据是否已经与散列缓冲器一起注册 每个命令,并且基于确定的结果来处理会话。
-
7.发明申请公开(公告)号:US20140321468A1
公开(公告)日:2014-10-30
申请号:US14260242
申请日:2014-04-23
申请人: Cheol Jeong PARK
发明人: Cheol Jeong PARK
IPC分类号: H04L12/725 , H04L12/741
CPC分类号: H04L45/306 , H04L45/745 , H04L45/7453 , H04L49/251
摘要: A fast application recognition system includes an output management unit to buffer an input packet and transmit the packet to an outside according to control information, a preprocessing path selection unit to receive the packet from the output management unit, extract control information corresponding to a packet's header information, and return the extracted control information to the output management unit, a primary processing unit to receive a packet not processed at the preprocessing path selection unit, extract control information corresponding to a packet's pattern using a primary pattern database, and return the extracted control information to the output management unit, and a statistics control unit to receive a packet from the output management unit according to the control information and the primary processing unit, extract control information corresponding to a packet's pattern using a secondary pattern database, and return the extracted control information to the output management unit.
摘要翻译: 快速应用识别系统包括:输出管理单元,用于根据控制信息缓冲输入分组并将分组发送到外部;预处理路径选择单元,用于从输出管理单元接收分组;提取与分组报头相对应的控制信息; 信息,并将所提取的控制信息返回给输出管理单元,主处理单元接收在预处理路径选择单元未被处理的分组,使用主模式数据库提取与分组的模式对应的控制信息,并返回提取的控制 信息到输出管理单元,以及统计控制单元,用于根据控制信息和主处理单元从输出管理单元接收分组,使用次模式数据库提取与分组的模式相对应的控制信息,并返回提取的 控制信息到输出 管理单位。
-
8.发明授权公开(公告)号:US11991522B2
公开(公告)日:2024-05-21
申请号:US17561868
申请日:2021-12-24
申请人: WINS Co., Ltd.
发明人: Eun Young Joo , Yong Sig Jin
IPC分类号: H04W12/106 , H04W12/121 , H04W28/06
CPC分类号: H04W12/106 , H04W12/121 , H04W28/065
摘要: An apparatus for traffic security processing in a slicing service of mobile edge computing according to an embodiment of the present invention includes: a plurality of security modules for analyzing a received packet to respectively execute security functions suitable for slicing security of mobile edge computing; a controller for managing a slicing security module list in the mobile edge computing; and a main security module for analyzing a received packet on the basis of the slicing security module list to determine a security function to be executed and priority of the security function to be executed, wherein the controller transmits the received packet to at least one corresponding security module among the plurality of security modules according to the priority of the security function to be executed, which is determined by the main security module.
-
9.发明申请公开(公告)号:US20220295283A1
公开(公告)日:2022-09-15
申请号:US17561868
申请日:2021-12-24
申请人: WINS Co., Ltd.
发明人: Eun Young JOO , Yong Sig JIN
IPC分类号: H04W12/106 , H04W12/121 , H04W28/06
摘要: An apparatus for traffic security processing in a slicing service of mobile edge computing according to an embodiment of the present invention includes: a plurality of security modules for analyzing a received packet to respectively execute security functions suitable for slicing security of mobile edge computing; a controller for managing a slicing security module list in the mobile edge computing; and a main security module for analyzing a received packet on the basis of the slicing security module list to determine a security function to be executed and priority of the security function to be executed, wherein the controller transmits the received packet to at least one corresponding security module among the plurality of security modules according to the priority of the security function to be executed, which is determined by the main security module.
-
公开(公告)号:US09882912B2
公开(公告)日:2018-01-30
申请号:US14968856
申请日:2015-12-14
申请人: WINS CO., LTD
发明人: Eun Young Joo
IPC分类号: H04L29/06
CPC分类号: H04L63/102 , H04L63/08 , H04L63/1425
摘要: A system and method for providing authentication service for IoT security are disclosed herein. The system for providing authentication service for IoT security includes an Internet of Things (IoT) service server, and an IoT gateway node. The IoT service server supports an IoT communication service in accordance with an IoT communication service policy. The IoT gateway node receives an IoT service request from a terminal attempting to control an IoT device that supports the IoT communication service while operating in conjunction with the IoT service server, identifies whether the terminal attempting to control the IoT device is a normal user based on profile information, collected from the terminal via the IoT service request, via the IoT service server, and performs the security authentication of the IoT device.
-
-
-
-
-
-
-
-
-
搜索结果
27 条记录 (耗时 0.019 秒)
