公开(公告)号：US09444828B2

公开(公告)日：2016-09-13

申请号：US14023635

申请日：2013-09-11

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Sung-Ryoul Lee ,  Young-Han Choi ,  Jung-Hee Lee ,  Byung-Chul Bae ,  Hyung-Geun Oh ,  Ki-Wook Sohn

IPC: H04L29/06

CPC classification number: H04L63/1416

Abstract: A network intrusion detection apparatus and method that perform Perl Compatible Regular Expressions (PCRE)-based pattern matching on the payloads of packets using a network processor equipped with a Deterministic Finite Automata (DFA) engine. The network intrusion detection apparatus includes a network processor core for receiving packets from a network, and transmitting payloads of the received packets to a Deterministic Finite Automata (DFA) engine. A detection rule converter converts a PCRE-based detection rule, preset to detect an attack packet, into a detection rule including a pattern to which only PCRE grammar corresponding to the DFA engine is applied. The DFA engine performs PCRE pattern matching on the payloads of the packets based on the detection rule converted by the detection rule converter.

Abstract translation: 一种网络入侵检测装置和方法，其使用配备有确定性有限自动机（DFA）引擎的网络处理器，对分组的有效载荷执行基于Perl兼容正则表达式（PCRE）的模式匹配。 网络入侵检测装置包括用于从网络接收分组并将接收的分组的有效载荷发送到确定性有限自动机（DFA）引擎的网络处理器核心。 检测规则转换器将基于PCRE的检测规则转换为包含仅对应于DFA引擎的PCRE语法的模式的检测规则，以检测攻击包。 DFA引擎根据检测规则转换器转换的检测规则对报文的有效载荷进行PCRE模式匹配。

公开(公告)号：US09336398B2

公开(公告)日：2016-05-10

申请号：US14337306

申请日：2014-07-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Dong-Phil Kim ,  Jun-Young Choi ,  Tae-Hyung Kim ,  Ji-Eun Lee ,  Hyung-Geun Oh ,  Kiwook Sohn

IPC: G06F11/36 ,  G06F21/57 ,  H04L29/06 ,  G06F21/56

CPC classification number: G06F21/577 ,  G06F2221/034 ,  H04L63/00 ,  H04W4/00

Abstract: An apparatus and method for manifesting an event to verify the security of a mobile application are provided. The apparatus for manifesting an event to verify the security of a mobile application includes a tester application production unit, a tester application execution unit, and a tester application daemon execution unit. The tester application production unit produces a tester application for testing an application to be tested based on application information which is extracted from the application to be tested. The tester application execution unit executes the application to be tested by manifesting an event included in the extracted application information, and extracts a user view object output to a screen of a smart device when the application to be tested is executed. The tester application daemon execution unit generates a touch event based on the extracted user view object, and performs a screen change.

Abstract translation: 提供了用于显示事件以验证移动应用的安全性的装置和方法。 用于显示用于验证移动应用的安全性的事件的装置包括测试者应用程序生产单元，测试者应用程序执行单元和测试应用程序守护程序执行单元。 测试者应用程序生产单元根据从被测试应用程序提取的应用程序信息生成测试应用程序，以测试要测试的应用程序。 测试者应用程序执行单元通过显示提取的应用程序信息中包含的事件来执行要测试的应用程序，并且当执行要测试的应用程序时，提取输出到智能设备的屏幕的用户视图对象。 测试者应用程序守护程序执行单元基于所提取的用户视图对象生成触摸事件，并且执行画面改变。