摘要:
An apparatus and method of diagnosing whether a program executed in a computer system is malware and repairing the computer system infected by malware. The apparatus includes a receiving unit which receives a first behavior vector for the malware from a malware control server; a determination unit which determines whether a diagnostic target program corresponds to malware based on the received first behavior vector and a second behavior vector for the diagnostic target program; and a repair unit which repairs the computer system based on a result of the determination.A behavior of a computer program executed in the computer system may be modeled in real time.
摘要:
An immunization system including: an immunization client apparatus which determines whether a target code is a malicious code by performing an immunization operation with respect to a first immunization signature and a code signature that is extracted from the target code and reports the result of the determination to an immunization server; and the immunization server which diagnoses whether the target code is the malicious code, updates a second immunization signature based on the reported result of the determination, and transmits to the immunization client apparatus an update message about the updated second immunization signature, wherein the immunization client apparatus updates the first immunization signature based on the received update message is provided.
摘要:
The invention provides blood compatible nanomaterials, biomaterials prepared therewith and blood compatible medical devices fabricated using the biomaterials of the invention. The invention further provides methods of making and using the nanomaterials, biomaterials and medical devices of the invention for the diagnosis, prevention and treatment of medical conditions. The invention further provides methods of using room temperature ionic liquids to make blood compatible nanomaterials.
摘要:
A method and apparatus for modeling a behavior of a computer program that is executed in a computer system is described. The method and apparatus for modeling a behavior of a computer program may be used to detect a malicious program based on the behavior of the computer program. A method includes collecting system use information about resources of the computer system the computer program uses; extracting a behavior signature of the computer program from the collected system use information; and encoding the extracted behavior signature to generate a behavior vector. As a result, behaviors of a particular computer program may be modeled to enable a malicious program detection program and to determine whether the computer program is either normal or malicious.
摘要:
An apparatus and method of detecting an intrusion code is provided. The apparatus for detecting an intrusion code includes: a set value input unit in which a set value differentiated for each group is input; an immune database generation unit which generates an immune database, based on the set value; and an intrusion code determination unit which determines whether data corresponds to an intrusion code, based on the generated immune database.
摘要:
An immunization system including: an immunization client apparatus which determines whether a target code is a malicious code by performing an immunization operation with respect to a first immunization signature and a code signature that is extracted from the target code and reports the result of the determination to an immunization server; and the immunization server which diagnoses whether the target code is the malicious code, updates a second immunization signature based on the reported result of the determination, and transmits to the immunization client apparatus an update message about the updated second immunization signature, wherein the immunization client apparatus updates the first immunization signature based on the received update message is provided.
摘要:
A method and apparatus for modeling a behavior of a computer program that is executed in a computer system is described. The method and apparatus for modeling a behavior of a computer program may be used to detect a malicious program based on the behavior of the computer program. A method includes collecting system use information about resources of the computer system the computer program uses; extracting a behavior signature of the computer program from the collected system use information; and encoding the extracted behavior signature to generate a behavior vector. As a result, behaviors of a particular computer program may be modeled to enable a malicious program detection program and to determine whether the computer program is either normal or malicious.
摘要:
An apparatus and method of diagnosing whether a computer program executed in a computer system is a malicious program and more particularly, an apparatus and method of diagnosing whether a computer program is a malicious program using a behavior of a computer program, and an apparatus and method of generating malicious code diagnostic data is provided. The apparatus for diagnosing a malicious code may include a behavior vector generation unit which generates a first behavior vector based on a behavior signature extracted from a diagnostic target program; a diagnostic data storage unit which stores a plurality of second behavior vectors for a plurality of sample programs predetermined to be malicious or normal; and a code diagnostic unit which diagnoses whether the diagnostic target program is a malicious code by comparing the first behavior vector with the plurality of second behavior vectors.
摘要:
An apparatus and method of detecting an intrusion code is provided. The apparatus for detecting an intrusion code includes: a set value input unit in which a set value differentiated for each group is input; an immune database generation unit which generates an immune database, based on the set value; and an intrusion code determination unit which determines whether data corresponds to an intrusion code, based on the generated immune database.
摘要:
In a section overspeed regulating method of determining whether a vehicle overspeeds on the basis of whether an average speed of the vehicle in a regulation section exceeds a speed limit, the section overspeed warning apparatus and system determine whether the current speed of the vehicle traveling on a regulation section exceeds the speed limit, and warn a driver. Whether the speed of the vehicle traveling on the regulation section exceeds the speed limit of the section is determined depending on a travel distance from a starting position of the regulation section to a current position of the vehicle, a travel time taken for the vehicle to travel by the travel distance, and a remaining distance from the current position of the vehicle to an end position of the regulation section. If it is determined that the current position of the vehicle will exceed the speed limit of the section, overspeed warning messages are output in the form of text, voice, or warning sound. Further, the section overspeed warning apparatus and system recommend the maximum speed, which allows the vehicle not to violate the speed limit of the section at the current position, to a driver as a recommended speed.