-
公开(公告)号:US20170103202A1
公开(公告)日:2017-04-13
申请号:US15274126
申请日:2016-09-23
Inventor: Sung-Jin KIM , Woomin HWANG , ByungJoon KIM , ChulWoo LEE , HyoungChun KIM
CPC classification number: G06F21/566 , G06F9/45558 , G06F21/564 , G06F2009/45587
Abstract: An apparatus and method for monitoring a virtual machine based on a hypervisor. The method for monitoring a virtual machine based on a hypervisor includes monitoring an attempt to access an executable file located in a virtual machine, when the attempt to access the executable file is detected, extracting a system call transfer factor, input through a task that attempted to make access, acquiring, based on the system call transfer factor, an execution path corresponding to the executable file and a reference path corresponding to a reference file that is executed together with the executable file, and checking based on the execution path and the reference path whether any of the executable file and the reference file is malicious, and collecting a file in which malicious code is present when the malicious code is present in any of the executable file and the reference file.
-
Patent Agency Ranking
2.发明申请公开(公告)号:US20160065595A1
公开(公告)日:2016-03-03
申请号:US14791929
申请日:2015-07-06
Inventor: Sung-Jin KIM , ByungJoon KIM , HyoungChun KIM
CPC classification number: H04L63/1416 , H04L29/06877 , H04L29/06884 , H04L63/101
Abstract: An apparatus and method for performing a real-time network antivirus function, which can perform, at high speed, real-time antivirus scanning on a transmission file in a network to be protected and blocking of a malicious file. The apparatus includes a packet processing unit for parsing input packets and outputting a transmission data stream, a packet-based checksum calculation unit for calculating a checksum of the transmission data stream for each packet, and outputting a signature included in the transmission data stream when a last packet of the transmission data stream is input, a virus scanning unit for performing virus scanning based on the signature, a detection and blocking unit for blocking each input packet or transmitting it to a destination, based on result of the virus scanning unit, and a caching unit for updating a blacklist, based on result of the detection and blocking unit.
Abstract translation: 一种用于执行实时网络防病毒功能的装置和方法,其可以高速地执行要保护的网络中的传输文件的实时防病毒扫描和阻止恶意文件。 该装置包括用于解析输入分组并输出传输数据流的分组处理单元,用于计算每个分组的传输数据流的校验和的基于分组的校验和计算单元,以及当发送数据流中包含的签名时 输入传输数据流的最后一个分组,用于基于该签名执行病毒扫描的病毒扫描单元,用于阻止每个输入分组或将其发送到目的地的检测和阻断单元,基于病毒扫描单元的结果,以及 基于检测和阻塞单元的结果来更新黑名单的高速缓存单元。
-
3.发明申请INSPECTION AND RECOVERY METHOD AND APPARATUS FOR HANDLING VIRTUAL MACHINE VULNERABILITY 有权检查和恢复方法和设备处理虚拟机的易受攻击性公开(公告)号:US20160092679A1
公开(公告)日:2016-03-31
申请号:US14791729
申请日:2015-07-06
Inventor: Sung-Jin KIM , ByungJoon KIM , ChulWoo LEE , HyoungChun KIM
CPC classification number: G06F21/552 , G06F21/53
Abstract: An inspection and recovery method and apparatus for handling virtual machine vulnerability, which inspect the security status of a virtual machine in a hypervisor domain, and recover a main system file or limit the use of a virtual machine suspected of being damaged due to hacking depending on the results of inspection, thus providing a secure virtual machine use environment for cloud computing. In the presented method, collection target information and inspection criteria including vulnerability inspection criteria, recovery criteria, and hacking damage criteria are updated. Then, the collection target information is collected from the virtual disk and virtual memory of each virtual machine. Vulnerability is inspected in conformity with the inspection criteria, based on the collected information. A damaged main system file depending on inspection results is recovered based on recovery criteria.
Abstract translation: 一种用于处理虚拟机漏洞的检查和恢复方法和装置,用于检查虚拟机管理程序域中的虚拟机的安全状态,并恢复主系统文件或限制由于黑客而遭到破坏的虚拟机的使用,这取决于 检查结果,从而为云计算提供安全的虚拟机使用环境。 在提出的方法中,更新了收集目标信息和检查标准,包括漏洞检查标准,恢复标准和黑客损害标准。 然后,从每个虚拟机的虚拟盘和虚拟存储器收集收集目标信息。 根据收集到的信息,检查符合检验标准的漏洞。 根据检查结果,损坏的主系统文件将根据恢复标准进行恢复。
-
4.发明申请APPARATUS, METHOD AND SYSTEM FOR CONTEXT-AWARE SECURITY CONTROL IN CLOUD ENVIRONMENT 有权天气环境中的突发安全控制的装置,方法和系统公开(公告)号:US20150237027A1
公开(公告)日:2015-08-20
申请号:US14466971
申请日:2014-08-23
Inventor: Sung-Jin KIM , ChulWoo LEE , ByungJoon KIM , HyoungChun KIM
IPC: H04L29/06
CPC classification number: H04L63/08 , H04L63/205
Abstract: An apparatus, method and system for context-aware security control in a cloud environment are provided. The apparatus includes an authentication header inspection unit and a packet data processing unit. The authentication header inspection unit generates an authentication header based on the received context information and key of a user, compares the generated authentication header with the authentication header of packet data received from a remote user terminal, and outputs the results of the comparison. The packet data processing unit performs one of the transmission, modulation and discarding of packet data from the cloud server of a cloud service network based on the results of the comparison by the authentication header inspection unit.
Abstract translation: 提供了一种用于云环境中的上下文感知安全控制的装置,方法和系统。 该装置包括认证报头检查单元和分组数据处理单元。 认证报头检查部基于接收的用户的上下文信息和密钥生成认证报头,将生成的认证报头与从远程用户终端接收到的分组数据的认证报头进行比较,并输出比较结果。 分组数据处理单元基于认证报头检查单元的比较结果,从云服务网络的云服务器执行分组数据的传输,调制和丢弃之一。
-
5.发明申请公开(公告)号:US20170244714A1
公开(公告)日:2017-08-24
申请号:US15213556
申请日:2016-07-19
Inventor: Taeho NAM , Seung-hun HAN , Jung-hwan KANG , Wook SHIN , HyoungChun KIM , ByungJoon KIM , Sung-Jin KIM
CPC classification number: H04L63/101 , G06F17/30867 , G06F21/55 , H04L63/08 , H04L63/105 , H04L63/168
Abstract: A method for providing a browser using browser processes separated based on access privileges and an apparatus using the method. The method includes acquiring a first address corresponding to a first webpage; acquiring a first set of terminal access privileges based on the first address from a privilege control list and executing a first browser process corresponding to the first set of terminal access privileges; determining whether to allow rendering by comparing the first set of terminal access privileges with a second set of terminal access privileges corresponding to a second webpage when the first browser process attempts to render the second webpage; and if the rendering is not allowed, blocking the first browser process from rendering and rendering the second webpage by executing a second browser process corresponding to the second set of terminal access privileges.
-
6.发明申请公开(公告)号:US20150326611A1
公开(公告)日:2015-11-12
申请号:US14474242
申请日:2014-09-01
Inventor: ChulWoo LEE , ByungJoon KIM , Sung-Jin KIM , HyoungChun KIM
IPC: H04L29/06
CPC classification number: H04L63/0218 , H04L12/22 , H04L41/046 , H04L63/20
Abstract: The security control apparatus includes a network control unit for receiving a security protocol-based packet that includes a protocol control header and data and that is transmitted between a cloud-based virtual desktop interaction remote agent unit and a virtual machine of a cloud-based virtual desktop interaction device, and blocking network traffic between cloud-based virtual desktop interaction remote agent unit and the virtual machine, depending on received results of checking. A policy checking unit checks whether information extracted from the security protocol-based packet is compliant with control policies, and transmits results of checking to the network control unit. If the information is not compliant with the control policies, a security solution interaction unit transmits the extracted information to an external security solution, and transmits results of checking by a corresponding security solution to the network control unit.
Abstract translation: 安全控制装置包括网络控制单元,用于接收基于安全协议的分组,该分组包括协议控制头部和数据,并且在基于云的虚拟桌面交互远程代理单元与基于云的虚拟的虚拟机 桌面交互设备,以及根据接收到的检查结果阻止基于云的虚拟桌面交互远程代理单元与虚拟机之间的网络流量。 策略检查单元检查从基于安全协议的分组提取的信息是否符合控制策略,并将检查结果发送到网络控制单元。 如果信息不符合控制策略,则安全解决方案交互单元将提取的信息发送到外部安全解决方案,并将相应的安全解决方案的检查结果发送到网络控制单元。
-
-
-
-
-
Search Results
6
records
(took 0.038 seconds)
