公开(公告)号：US10200155B2

公开(公告)日：2019-02-05

申请号：US15641141

申请日：2017-07-03

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Byoung-Koo Kim ,  Seon-Gyoung Sohn ,  Boo-Sun Jeon ,  Young-Jun Heo ,  Dong-Ho Kang ,  Jung-Chan Na ,  Byeong-Cheol Choi ,  Jae-Hoon Nah ,  Seoung-Hyeon Lee

IPC: H04L1/00 ,  H04L12/24 ,  H04L12/26 ,  H04L29/06

Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.

公开(公告)号：US09130983B2

公开(公告)日：2015-09-08

申请号：US13927794

申请日：2013-06-26

Applicant: Electronics and Telecommunications Research Institute

Inventor： Youngjun Heo ,  Seon-Gyoung Sohn ,  Dong Ho Kang ,  Byoung-Koo Kim ,  Jung-Chan Na ,  Ik Kyun Kim

IPC: G06F17/00 ,  H04L29/06

CPC classification number: H04L63/1416

Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.

Abstract translation: 一种用于检测控制系统中的异常信号的装置，所述控制系统包括控制设备，网络设备，安全设备或服务器设备，所述设备包括：信息收集模块，用于收集系统信息，网络信息，安全事件信息或交易信息 与控制设备，网络设备，安全设备或服务器设备相互配合。 该装置包括存储由信息收集模块收集的信息的存储模块。 该装置包括：异常检测模块，被配置为分析所收集的信息与规定的安全策略之间的相关性，以检测控制系统中是否存在异常信号。

公开(公告)号：US11336444B2

公开(公告)日：2022-05-17

申请号：US16940146

申请日：2020-07-27

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Yong-Sung Jeon ,  You-Sung Kang ,  Byoung-Koo Kim ,  Sang-Jae Lee ,  Seung-Kwang Lee ,  Doo-Ho Choi

IPC: H04L9/08 ,  H04L9/06

Abstract: Disclosed herein are a hardware security module, a device having the hardware security module, and a method for operating the device. The method for verifying integrity of executable code in a device includes dividing, by a Micro-Control Unit (MCU), executable code into multiple blocks, generating, by the MCU, hash values corresponding to the blocks resulting from the division, storing, by a Hardware Security Module (HSM), the generated hash values, calculating, by the MCU, at least one hash value, among hash values of the multiple blocks when the executable code boots, and comparing, by the HSM, the calculated hash value with a hash value corresponding to the calculated hash value, among the hash values stored in the HSM.

公开(公告)号：US11329835B2

公开(公告)日：2022-05-10

申请号：US16855754

申请日：2020-04-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Byoung-Koo Kim ,  Seung-Yong Yoon ,  You-Sung Kang ,  Doo-Ho Choi ,  Ik-Kyun Kim ,  Tae-Sung Kim ,  Mi-Kyung Oh ,  Sang-Jae Lee

IPC: H04L9/32 ,  G06F21/44 ,  H04L9/08 ,  H04L29/06 ,  G06F7/58

Abstract: Disclosed herein are an apparatus and method for authenticating an IoT device. The method, performed by the IoT device authentication apparatus, includes transmitting, by the IoT device authentication apparatus, a random number to the IoT device and encrypting, by the IoT device authentication apparatus, the random number using a previously registered first white-box cryptography value through a white-box cryptography method; generating, by the IoT device, a first device response value from a previously registered first device challenge value using a Physical Unclonable Function (PUF) and encrypting, by the IoT device, the random number, received from the IoT device authentication apparatus, using the first device response value; and performing, by the IoT device authentication apparatus, authentication of the IoT device by checking whether the random number encrypted using the white-box cryptography method matches the random number encrypted using the PUF, which is received from the IoT device.

公开(公告)号：US09298175B2

公开(公告)日：2016-03-29

申请号：US13933822

申请日：2013-07-02

Applicant: Electronics and Telecommunications Research Institute

Inventor： Byoung-Koo Kim ,  Dong Ho Kang ,  Seon-Gyoung Sohn ,  Youngjun Heo ,  Jung-Chan Na ,  Ik Kyun Kim

IPC: H04L12/26 ,  G05B15/02 ,  H04L29/06 ,  H04L12/40

CPC classification number: G05B15/02 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/20 ,  H04L2012/40228

Abstract: A method for detecting an abnormal traffic on a control system protocol, includes: checking whether session information exists in a management table; adding a new entry to the management table; checking whether a transaction ID in a table entry is the same as that of the received MODBUS request message; and checking whether data and length thereof of the received MODBUS request message are the same as those in the table entry. Further, the method includes detecting an abnormal traffic; and updating the table entry with packet information of the MODBUS request message.

Abstract translation: 一种用于检测控制系统协议上的异常业务的方法，包括：检查会话信息是否存在于管理表中; 在管理表中添加新条目; 检查表条目中的事务ID是否与接收的MODBUS请求消息的事务ID相同; 并检查其接收到的MODBUS请求消息的数据和长度是否与表条目中的相同。 此外，该方法包括检测异常业务; 以及使用所述MODBUS请求消息的分组信息更新所述表条目。