Abstract:
Disclosed is a method for detecting a cyberthreat through correlation analysis of security events, which includes extracting a false-positive data set by extracting, from source data, information about security events occurring during a predetermined time period based on a time at which erroneous detection occurred; extracting a true-positive data set by extracting, from the source data, information about security events occurring during the predetermined time period based on a time at which an intrusion threat was correctly detected; extracting a current data set by extracting information about security events occurring during the predetermined time period from data to be analyzed; generating event coincidence statistics by extracting a frequency of each security event in the respective data sets and by compiling statistics thereon; generating an event vector based on the event coincidence statistics; and performing intrusion threat detection through a vector space model based on the event vector.
Abstract:
Disclosed herein are an apparatus and method for detecting a malicious script. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to extract token-type features, each of which corresponds to a lexical unit, and tree-node-type features of an abstract syntax tree from an input script, to train two learning models to respectively learn two pieces of learning data that are generated in consideration of features extracted respectively from the token-type features and the node-type features as having the highest frequency, and to detect whether the script is a malicious script based on the result of ensemble-based malicious script detection performed for the script, which is acquired using an ensemble detection model generated from the two learning models.
Abstract:
A method and a computation apparatus for detecting cyber threats using a neural network are provided. The method includes generating a learning model by performing machine learning on training data derived from baseline data, converting a security event collected in real time into input data for the neural network, and determining, as an output corresponding to the input data based on the learning model, whether the security event is normal or a threat.
Abstract:
Disclosed herein are an apparatus and method for generating a data set. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program classifies collected data into numerical feature data and categorical feature data using a filter method, performs correlation analysis on the numerical feature data and the categorical feature data using an analysis of variance (ANOVA) method and a Chi-Squared method, and generates a data set for supervised learning and a data set for unsupervised learning using correlation scores calculated through correlation analysis.
Abstract:
A method, an apparatus, and a system for analyzing traffic are provided. The method includes obtaining flow data of a flow from a switch or a router of a network, calculating an average bytes-per-packet rate (BPR) and a TCP flag ratio (TCPFR) for all flows included in the session containing the flow using the flow data, comparing the average BPR and the TCPFR with the average BPR and TCPFR of previously-known traffic, and determining whether the traffic including the flow is normal or abnormal based on the comparison result.
Abstract:
An apparatus and method for detecting abnormal connection behavior are disclosed. The apparatus for detecting abnormal connection behavior includes a data extraction unit, a data storage unit, and a detection unit. The data extraction unit collects network data transmitted and received over a network including a plurality of hosts, and extracts data required for the detection of abnormal connection behavior from the network data. The data storage unit stores the extracted data required for the detection of abnormal connection behavior. The detection unit detects abnormal connection behavior based on characteristic factors corresponding to the stored data required for the detection of abnormal connection behavior and characteristic factors corresponding to malicious behavior.
Abstract:
Disclosed herein are an apparatus and method that process knowledge, experience information, or the like possessed by group members via a dynamically created social group, in the form of collaborative storyboards, so that the collaborative storyboards can be shared among a plurality of social groups as well as among their members. The presented apparatus includes a social group management unit for managing information about a social group and about a user joining the social group as a member, and an information management unit that accepts, as a post on the social group's storyboard, the information finally agreed upon in collaboration with other users regarding the content a user posted on the storyboard and wishes to share, and distributes that post to the social group.
Abstract:
A visualizing apparatus of social network elements collects social network relationship information, community information, and content information of a user, generates relationship data between the user, the contents, and the community using the collected information, and visualizes an association relationship between the user, the contents, and the community using the relationship data between the user, the contents, and the community.