公开(公告)号：US20130347069A1

公开(公告)日：2013-12-26

申请号：US13609126

申请日：2012-09-10

Applicant: Chul-Woo LEE ,  Deok-Jin KIM ,  Byoung-Jin HAN ,  Byung-Chul BAE ,  Sang-Woo PARK ,  Man-Hee LEE ,  E-Joong YOON

Inventor： Chul-Woo LEE ,  Deok-Jin KIM ,  Byoung-Jin HAN ,  Byung-Chul BAE ,  Sang-Woo PARK ,  Man-Hee LEE ,  E-Joong YOON

IPC: G06F21/00

CPC classification number: G06F21/51 ,  G06F2221/2119

Abstract: A referer verification apparatus and method for controlling web traffic having malicious code are provided. In the referer verification method, whether a referer is present in a Hypertext Transfer Protocol (HTTP) packet is determined. If it is determined that the referer is present in the HTTP packet, Uniform Resource Locators (URLs) are extracted from a referer web page corresponding to the referer. The referer is verified based on a URL corresponding to a referer verification request received from a server and the extracted URLs. A Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure conducted by a user is performed based on results of the verification of the referer.

Abstract translation: 提供了一种用于控制具有恶意代码的网络流量的引用者验证装置和方法。 在引用者验证方法中，确定超文本传输​​协议（HTTP）分组中是否存在引用者。 如果确定在HTTP分组中存在引用者，则从与引用者相对应的参考网页中提取统一资源定位符（URL）。 基于与从服务器接收到的引用者验证请求和提取的URL相对应的URL验证引用。 根据用户的验证结果，对用户进行的完全自动化的公共测试，告诉计算机和人员（CAPTCHA）验证程序。

公开(公告)号：US08375428B2

公开(公告)日：2013-02-12

申请号：US12824761

申请日：2010-06-28

Applicant: Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

Inventor： Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

IPC: H04L9/32 ,  G06F21/00

CPC classification number: G09C1/00 ,  G06F21/36

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using alphanumeric matrices. An aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against keylogging attacks and shoulder surfing attacks by including a movable second alphanumeric matrix and a fixed first alphanumeric matrix and enabling a user to input a password by moving the password letters of the second alphanumeric matrix to the user-defined value of the first alphanumeric matrix. Another aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against shoulder surfing attacks by enabling a user to input a password by dividing the password by every two digits and moving the cross-points for the two digits, respectively, to the user-defined value of the first alphanumeric matrix.

Abstract translation: 本发明涉及密码输入算法，更具体地说，涉及使用字母数字矩阵的密码输入系统和方法。 本发明的一个方面可以提供一种使用字母数字矩阵的密码输入系统和方法，该字母数字矩阵可以通过包括可移动的第二字母数字矩阵和固定的第一字母数字矩阵来防止键盘记录攻击和肩上冲击攻击，并且使用户能够通过移动 第二个字母数字矩阵的密码字母与第一个字母数字矩阵的用户定义值。 本发明的另一方面可以提供一种使用字母数字矩阵的密码输入系统和方法，该字母数字矩阵可以通过使用户通过将密码除以每两位数字输入密码并移动两位数字的交叉点来防止肩上冲击攻击， 分别是第一个字母数字矩阵的用户定义值。

公开(公告)号：US08893233B2

公开(公告)日：2014-11-18

申请号：US13609126

申请日：2012-09-10

Applicant: Chul-Woo Lee ,  Deok-Jin Kim ,  Byoung-Jin Han ,  Byung-Chul Bae ,  Sang-Woo Park ,  Man-Hee Lee ,  E-Joong Yoon

Inventor： Chul-Woo Lee ,  Deok-Jin Kim ,  Byoung-Jin Han ,  Byung-Chul Bae ,  Sang-Woo Park ,  Man-Hee Lee ,  E-Joong Yoon

IPC: G06F7/04

CPC classification number: G06F21/51 ,  G06F2221/2119

Abstract: A referer verification apparatus and method for controlling web traffic having malicious code are provided. In the referer verification method, whether a referer is present in a Hypertext Transfer Protocol (HTTP) packet is determined. If it is determined that the referer is present in the HTTP packet, Uniform Resource Locators (URLs) are extracted from a referer web page corresponding to the referer. The referer is verified based on a URL corresponding to a referer verification request received from a server and the extracted URLs. A Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure conducted by a user is performed based on results of the verification of the referer.

Abstract translation: 提供了一种用于控制具有恶意代码的网络流量的引用者验证装置和方法。 在引用者验证方法中，确定超文本传输​​协议（HTTP）分组中是否存在引用者。 如果确定在HTTP分组中存在引用者，则从与引用者相对应的参考网页中提取统一资源定位符（URL）。 基于与从服务器接收到的引用者验证请求和提取的URL相对应的URL验证引用。 根据用户的验证结果，对用户进行的完全自动化的公共测试，告诉计算机和人员（CAPTCHA）验证程序。

公开(公告)号：US20140020067A1

公开(公告)日：2014-01-16

申请号：US13607762

申请日：2012-09-09

Applicant: Deok-Jin KIM ,  Byoung-Jin HAN ,  Chul-Woo LEE ,  Man-Hee LEE ,  Byung-Chul BAE ,  Hyung-Geun OH ,  Ki-Wook SOHN

Inventor： Deok-Jin KIM ,  Byoung-Jin HAN ,  Chul-Woo LEE ,  Man-Hee LEE ,  Byung-Chul BAE ,  Hyung-Geun OH ,  Ki-Wook SOHN

IPC: G06F21/00

CPC classification number: H04L63/0861 ,  G06F2221/2133

Abstract: An apparatus and method for controlling traffic based on a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) are provided. The traffic control apparatus includes a traffic monitoring unit, a CAPTCHA verification unit, a list management unit, and a traffic control unit. The traffic monitoring unit monitors a packet between an internal network and an external network. The CAPTCHA verification unit, if packet information is not present in an access control list, sends a CAPTCHA request message to a client computer, receives a CAPTCHA response message, and verifies the CAPTCHA response message. The list management unit, if the packet information is present in the access control list, detects an access control policy corresponding to the packet information in the access control list. The traffic control unit controls traffic based the verification of the CAPTCHA response message and the control policy.

Abstract translation: 提供了一种基于全自动公共图灵测试来控制流量的装置和方法，用于告知计算机和人体（CAPTCHA）。 交通控制装置包括交通监控单元，人机验证验证单元，列表管理单元和交通控制单元。 流量监控单元监视内部网络和外部网络之间的数据包。 如果访问控制列表中不存在分组信息，则CAPTCHA验证单元向客户端计算机发送CAPTCHA请求消息，接收到CAPTCHA响应消息，并验证CAPTCHA响应消息。 列表管理单元，如果分组信息存在于访问控制列表中，则检测与访问控制列表中的分组信息相对应的访问控制策略。 流量控制单元根据CAPTCHA响应消息和控制策略的验证来控制流量。

公开(公告)号：US20140013389A1

公开(公告)日：2014-01-09

申请号：US13615942

申请日：2012-09-14

Applicant: Byoung-Jin HAN ,  Deok-Jin KIM ,  Chul-Woo LEE ,  Man-Hee LEE ,  Byung-Chul BAE ,  Hyung-Geun OH ,  Ki-Wook SOHN

Inventor： Byoung-Jin HAN ,  Deok-Jin KIM ,  Chul-Woo LEE ,  Man-Hee LEE ,  Byung-Chul BAE ,  Hyung-Geun OH ,  Ki-Wook SOHN

IPC: G06F21/20

CPC classification number: H04L63/10 ,  G06F21/36 ,  G06F21/556 ,  G06F21/74 ,  G06F2221/2133 ,  H04L63/1408

Abstract: A communication blocking control method includes receiving a communication blocking request from a terminal in an idle state in which it is difficult to find out whether information is leaked or not; registering a state of the terminal in a communication blocked list according to the communication blocking request; and blocking external communication of the terminal through a network.

Abstract translation: 通信阻断控制方法包括从空闲状态的终端接收通信阻塞请求，其中难以发现信息是否泄漏; 根据通信阻塞请求，在通信阻塞列表中注册终端的状态; 并通过网络阻止终端的外部通信。

公开(公告)号：US20110004928A1

公开(公告)日：2011-01-06

申请号：US12824761

申请日：2010-06-28

Applicant: Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

Inventor： Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

IPC: H04L9/32 ,  G06F21/00

CPC classification number: G09C1/00 ,  G06F21/36

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using alphanumeric matrices. An aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against keylogging attacks and shoulder surfing attacks by including a movable second alphanumeric matrix and a fixed first alphanumeric matrix and enabling a user to input a password by moving the password letters of the second alphanumeric matrix to the user-defined value of the first alphanumeric matrix. Another aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against shoulder surfing attacks by enabling a user to input a password by dividing the password by every two digits and moving the cross-points for the two digits, respectively, to the user-defined value of the first alphanumeric matrix.

Abstract translation: 本发明涉及密码输入算法，更具体地说，涉及使用字母数字矩阵的密码输入系统和方法。 本发明的一个方面可以提供一种使用字母数字矩阵的密码输入系统和方法，该字母数字矩阵可以通过包括可移动的第二字母数字矩阵和固定的第一字母数字矩阵来防止键盘记录攻击和肩上冲击攻击，并且使用户能够通过移动 第二个字母数字矩阵的密码字母与第一个字母数字矩阵的用户定义值。 本发明的另一方面可以提供一种使用字母数字矩阵的密码输入系统和方法，该字母数字矩阵可以通过使用户通过将密码除以每两位数字输入密码并移动两位数字的交叉点来防止肩上冲击攻击， 分别是第一个字母数字矩阵的用户定义值。

公开(公告)号：US20110004769A1

公开(公告)日：2011-01-06

申请号：US12824714

申请日：2010-06-28

Applicant: Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

Inventor： Yoo-Jae Won ,  Hyun-Cheol Jeong ,  Hwan-Jin Lee ,  Byoung-Jin Han

IPC: G06F21/00

CPC classification number: G06F21/36

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using an alphanumeric matrix. An aspect of the invention can provide a password input system and method that can defend against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix. Also, an aspect of the invention can provide a password input system and method that can further increase the probability of defending against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix, but with the alphanumeric matrix rotated every time a letter is inputted.

Abstract translation: 本发明涉及密码输入算法，更具体地说，涉及使用字母数字矩阵的密码输入系统和方法。 本发明的一个方面可以提供一种口令输入系统和方法，该密码输入系统和方法可以通过将特定距离与形成密码的字母分开特定字母数字矩阵字母的最终密码来防止键盘记录攻击和肩章冲击攻击 在字母数字矩阵中。 此外，本发明的一个方面可以提供一种密码输入系统和方法，其可以通过将特定字母数字矩阵字母输入的特定字母数字矩阵字母输入最终密码，从而进一步增加防止键盘记录攻击和肩上冲击攻击的可能性 与字母数字矩阵中形成密码的字母的距离，但是每次输入一个字母时都会旋转字母数字矩阵。