-
1.发明申请APPARATUS FOR PREVENTING ILLEGAL ACCESS OF INDUSTRIAL CONTROL SYSTEM AND METHOD THEREOF 审中-公开防止工业控制系统非法访问的装置及其方法公开(公告)号:US20140380458A1
公开(公告)日:2014-12-25
申请号:US14245310
申请日:2014-04-04
Inventor: Byoung-Koo KIM , Dong-Ho KANG , Seon-Gyoung SOHN , Young-Jun HEO , Jung-Chan NA
IPC: H04L29/06
CPC classification number: H04L63/0227 , H04L67/12
Abstract: Disclosed is an apparatus for preventing illegal access of industrial control system and a method thereof in accordance with the present invention. The apparatus for preventing illegal access of industrial control system includes: a first interface communicating a packet by interoperating with a management network group that requests a control command; a second interface communicating a packet by interoperating with a control network group that receives a control command from the management network group and processes it; and a control device, which, when a packet flows therein from the management network group or the control network group, checks whether or not at least one filter rule is set and controls the packet flow between the management network group and the control network group using the filter where the rule is set.
Abstract translation: 公开了一种用于防止工业控制系统的非法访问的装置及其根据本发明的方法。 用于防止工业控制系统的非法访问的装置包括:通过与请求控制命令的管理网络组互操作来传送分组的第一接口; 第二接口,通过与从所述管理网络组接收控制命令的控制网络组进行交互操作来传送分组,并对其进行处理; 以及控制装置,当分组在管理网络组或控制网络组中流动时,检查是否设置了至少一个过滤规则,并且使用以下来控制管理网络组和控制网络组之间的分组流 设置规则的过滤器。
-
公开(公告)号:US20230065588A1
公开(公告)日:2023-03-02
申请号:US17736722
申请日:2022-05-04
Inventor: Seon-Gyoung SOHN , Young-Ho KIM , Jae-Deok LIM , Kyeong-Tae KIM , Jeong-Nyeo KIM , Yun-Kyung LEE
Abstract: Disclosed herein are an apparatus for determining a device group to be isolated using similarity of features between devices and a method using the apparatus. The method includes generating device groups in consideration of respective features of all devices, generating a security threat device group based on devices in which a security threat has occurred, among all of the devices, calculating the cosine similarity between the security threat device group and all of the device groups, and determining at least one device group to be isolated, among all of the device groups, in consideration of the cosine similarity.
-
公开(公告)号:US20140298399A1
公开(公告)日:2014-10-02
申请号:US13927794
申请日:2013-06-26
Inventor: Youngjun HEO , Seon-Gyoung SOHN , Dong Ho KANG , Byoung-Koo KIM , Jung-Chan NA , Ik Kyun KIM
IPC: H04L29/06
CPC classification number: H04L63/1416
Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.
Abstract translation: 一种用于检测控制系统中的异常信号的装置,所述控制系统包括控制设备,网络设备,安全设备或服务器设备,所述设备包括:信息收集模块,用于收集系统信息,网络信息,安全事件信息或交易信息 与控制设备,网络设备,安全设备或服务器设备相互配合。 该装置包括存储由信息收集模块收集的信息的存储模块。 该装置包括:异常检测模块,被配置为分析所收集的信息与规定的安全策略之间的相关性,以检测控制系统中是否存在异常信号。
-
公开(公告)号:US20210365434A1
公开(公告)日:2021-11-25
申请号:US17229423
申请日:2021-04-13
Inventor: Young-Ho KIM , Kyeong-Tae KIM , Jeong-Nyeo KIM , Seon-Gyoung SOHN , Yun-Kyung LEE , Jae-Deok LIM
Abstract: Disclosed herein are an apparatus and method for providing sensor data in a sensor device based on a blockchain. A method for providing sensor data in a sensor device based on a blockchain may include creating a device record using encrypted device identification information, registering the device record in the blockchain, creating an event record using event information collected from a sensor, registering the header of the event record, including information about a link to the device record, in the blockchain, and distributing the body of the event record, the body being linked to the header of the event record.
-
公开(公告)号:US20220210164A1
公开(公告)日:2022-06-30
申请号:US17334051
申请日:2021-05-28
Inventor: Jae-Deok LIM , Kyeong-Tae KIM , Young-Ho KIM , Jeong-Nyeo KIM , Seon-Gyoung SOHN , Yun-Kyung LEE
IPC: H04L29/06
Abstract: Disclosed herein are an apparatus and method for managing remote attestation. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may request a gateway to verify the integrity of devices connected with the gateway, receive a verification result about whether the integrity of the devices is damaged from the gateway, identify a device, the integrity of which is damaged, using the verification result, perform detailed integrity verification on the device, the integrity of which is damaged, in order to identify an object, the integrity of which is damaged, and perform an operation for responding to the object, the integrity of which is damaged.
-
Patent Agency Ranking
公开(公告)号:US20220070179A1
公开(公告)日:2022-03-03
申请号:US17331156
申请日:2021-05-26
Inventor: Seon-Gyoung SOHN , Kyeong-Tae KIM , Young-Ho KIM , Jeong-Nyeo KIM , Yun-Kyung LEE , Jae-Deok LIM
IPC: H04L29/06
Abstract: Disclosed herein are a dynamic segmentation apparatus and method for preventing a spread of a security threat. The dynamic segmentation apparatus includes one or more processors and execution memory for storing at least one program executed by the processors, wherein the program is configured to register feature information of a first device, which is a target for which a security threat is to be managed, generate a first segment from the feature information of the first device, receive security threat information from an external system, extract feature information of a second device, in which a security threat has occurred, from the security threat information, perform clustering on the feature information of the second device using at least one clustering algorithm, generate at least one segment set by identifying segments from clustering results, and determine a security threat segment based on an inclusion relationship between segments in the segment set.
-
公开(公告)号:US20200187296A1
公开(公告)日:2020-06-11
申请号:US16553606
申请日:2019-08-28
Inventor: Kyeong-Tae KIM , Jeong-Nyeo KIM , Seon-Gyoung SOHN , Yun-Kyung LEE , Jae-Deok LIM
Abstract: A communication method and an IoT device in a multi-MAC (Media Access Control)-operating environment. The communication method in the multi-MAC-operating environment, including synchronous MAC and asynchronous MAC, includes periodically transmitting, by the IoT device included in the multi-MAC-operating environment, a first message to a first device; determining, by the IoT device, whether to transmit a second message; transmitting, by the IoT device, a preamble packet to a second device, to which the second message is to be transmitted, when the second message is determined to be transmitted; and transmitting, by the IoT device, the second message to the second device.
-
公开(公告)号:US20180109356A1
公开(公告)日:2018-04-19
申请号:US15641141
申请日:2017-07-03
Inventor: Byoung-Koo KIM , Seon-Gyoung SOHN , Boo-Sun JEON , Young-Jun HEO , Dong-Ho KANG , Jung-Chan NA , Byeong-Cheol CHOI , Jae-Hoon NAH , Seoung-Hyeon LEE
CPC classification number: H04L1/0075 , G05B19/00 , H04L1/0041 , H04L1/0045 , H04L41/0806 , H04L41/0866 , H04L43/0835 , H04L63/0209 , H04L63/0281
Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.
-
9.发明申请PACKET MONITORING DEVICE AND PACKET MONITORING METHOD FOR COMMUNICATION PACKET 审中-公开分组监控设备和通信分组的分组监控方法公开(公告)号:US20160277547A1
公开(公告)日:2016-09-22
申请号:US15069831
申请日:2016-03-14
Inventor: Byoung-Koo KIM , Dong Ho KANG , Jung-Chan NA , Seon-Gyoung SOHN , Youngjun HEO
IPC: H04L29/06
CPC classification number: H04L43/18 , H04L43/028 , H04L63/1425
Abstract: Provided is a packet monitoring method for a communication packet transmitted and received between a server and a control device including receiving the communication packet transmitted and received between the server and the control device; determining whether the received communication packet is abnormal, based on a history table including control information on communication packets received before the received communication packet and control information on the received communication packet; and performing a security operation according to results of the determination.
Abstract translation: 提供了一种用于在服务器和控制设备之间发送和接收的通信分组的分组监视方法,包括:接收在服务器和控制设备之间发送和接收的通信分组; 基于包括在接收到的通信分组之前接收的通信分组的控制信息的历史表和关于所接收的通信分组的控制信息,确定接收到的通信分组是否异常; 以及根据确定的结果执行安全操作。
-
公开(公告)号:US20140297004A1
公开(公告)日:2014-10-02
申请号:US13933822
申请日:2013-07-02
Inventor: Byoung-Koo KIM , Dong Ho KANG , Seon-Gyoung SOHN , Youngjun HEO , Jung-Chan NA , Ik Kyun KIM
IPC: G05B15/02
CPC classification number: G05B15/02 , H04L63/0263 , H04L63/1408 , H04L63/1425 , H04L63/1441 , H04L63/20 , H04L2012/40228
Abstract: A method for detecting an abnormal traffic on a control system protocol, includes: checking whether session information exists in a management table; adding a new entry to the management table; checking whether a transaction ID in a table entry is the same as that of the received MODBUS request message; and checking whether data and length thereof of the received MODBUS request message are the same as those in the table entry. Further, the method includes detecting an abnormal traffic; and updating the table entry with packet information of the MODBUS request message.
Abstract translation: 一种用于检测控制系统协议上的异常业务的方法,包括:检查会话信息是否存在于管理表中; 在管理表中添加新条目; 检查表条目中的事务ID是否与接收的MODBUS请求消息的事务ID相同; 并检查其接收到的MODBUS请求消息的数据和长度是否与表条目中的相同。 此外,该方法包括检测异常业务; 以及使用所述MODBUS请求消息的分组信息更新所述表条目。
-
-
-
-
-
-
-
-
-
Search Results
10
records
(took 0.018 seconds)
