Apparatus and method for performing real-time network antivirus function

    Publication No.: US10027691B2

    Publication date: 2018-07-17

    Application No.: US14791929

    Filing date: 2015-07-06

    IPC classification: H04L29/06

    Abstract: An apparatus and method for performing a real-time network antivirus function, which can perform, at high speed, real-time antivirus scanning on a transmission file in a network to be protected and blocking of a malicious file. The apparatus includes a packet processing unit for parsing input packets and outputting a transmission data stream, a packet-based checksum calculation unit for calculating a checksum of the transmission data stream for each packet, and outputting a signature included in the transmission data stream when a last packet of the transmission data stream is input, a virus scanning unit for performing virus scanning based on the signature, a detection and blocking unit for blocking each input packet or transmitting it to a destination, based on result of the virus scanning unit, and a caching unit for updating a blacklist, based on result of the detection and blocking unit.

    Apparatus and method for monitoring virtual machine based on hypervisor

    Publication No.: US10121004B2

    Publication date: 2018-11-06

    Application No.: US15274126

    Filing date: 2016-09-23

    Abstract: An apparatus and method for monitoring a virtual machine based on a hypervisor. The method for monitoring a virtual machine based on a hypervisor includes monitoring an attempt to access an executable file located in a virtual machine, when the attempt to access the executable file is detected, extracting a system call transfer factor, input through a task that attempted to make access, acquiring, based on the system call transfer factor, an execution path corresponding to the executable file and a reference path corresponding to a reference file that is executed together with the executable file, and checking based on the execution path and the reference path whether any of the executable file and the reference file is malicious, and collecting a file in which malicious code is present when the malicious code is present in any of the executable file and the reference file.

    Security control apparatus and method for cloud-based virtual desktop

    Publication No.: US09674143B2

    Publication date: 2017-06-06

    Application No.: US14474242

    Filing date: 2014-09-01

    IPC classification: H04L29/06 H04L12/22 H04L12/26

    Abstract: The security control apparatus includes a network control unit for receiving a security protocol-based packet that includes a protocol control header and data and that is transmitted between a cloud-based virtual desktop interaction remote agent unit and a virtual machine of a cloud-based virtual desktop interaction device, and blocking network traffic between the cloud-based virtual desktop interaction remote agent unit and the virtual machine, depending on received results of checking. A policy checking unit checks whether information extracted from the security protocol-based packet is compliant with control policies, and transmits results of checking to the network control unit. If the information is not compliant with the control policies, a security solution interaction unit transmits the extracted information to an external security solution, and transmits results of checking by a corresponding security solution to the network control unit.

    Inspection and recovery method and apparatus for handling virtual machine vulnerability

    Publication No.: US09734330B2

    Publication date: 2017-08-15

    Application No.: US14791729

    Filing date: 2015-07-06

    IPC classification: G06F21/57 G06F21/55 G06F21/53

    CPC classification: G06F21/552 G06F21/53

    Abstract: An inspection and recovery method and apparatus for handling virtual machine vulnerability, which inspect the security status of a virtual machine in a hypervisor domain, and recover a main system file or limit the use of a virtual machine suspected of being damaged due to hacking depending on the results of inspection, thus providing a secure virtual machine use environment for cloud computing. In the presented method, collection target information and inspection criteria including vulnerability inspection criteria, recovery criteria, and hacking damage criteria are updated. Then, the collection target information is collected from the virtual disk and virtual memory of each virtual machine. Vulnerability is inspected in conformity with the inspection criteria, based on the collected information. A damaged main system file depending on inspection results is recovered based on recovery criteria.

    Apparatus, method and system for context-aware security control in cloud environment
    Granted invention patent, in force

    Publication No.: US09294463B2

    Publication date: 2016-03-22

    Application No.: US14466971

    Filing date: 2014-08-23

    IPC classification: H04L29/06

    CPC classification: H04L63/08 H04L63/205

    Abstract: An apparatus, method and system for context-aware security control in a cloud environment are provided. The apparatus includes an authentication header inspection unit and a packet data processing unit. The authentication header inspection unit generates an authentication header based on the received context information and key of a user, compares the generated authentication header with the authentication header of packet data received from a remote user terminal, and outputs the results of the comparison. The packet data processing unit performs one of the transmission, modulation and discarding of packet data from the cloud server of a cloud service network based on the results of the comparison by the authentication header inspection unit.
