-
公开(公告)号:US10447715B2
公开(公告)日:2019-10-15
申请号:US15251134
申请日:2016-08-30
Inventor: Jung Tae Kim , Koo Hong Kang , Ik Kyun Kim
IPC: H04L29/06
Abstract: Disclosed is an apparatus of detecting a distributed reflection denial of service attack, including: a monitoring unit obtaining flow information including an IP and a port number of a source, an IP and a port number of a destination of data, and the number and the sizes of packets; a memory unit storing a flow table in which the flow information of the data, the packet number and the packet size are input; and a control unit detecting the DRDoS attack by using at least one of the number and the size of packets of the first entry and the flow information of the first entry.
-
2.发明授权公开(公告)号:US10007789B2
公开(公告)日:2018-06-26
申请号:US15240319
申请日:2016-08-18
Inventor: Hyun Joo Kim , Jong Hyun Kim , Ik Kyun Kim
CPC classification number: G06F21/566 , G06N5/003 , G06N5/022 , G06N20/00
Abstract: The present invention relates to an apparatus and a method for detecting a malware code by generating and analyzing behavior pattern. A malware code detecting apparatus includes a behavior pattern generating unit which defines a characteristic parameter which distinguishes and specifies behaviors of a malware code and normally executable programs, converts an API calling event corresponding to the defined characteristic parameter and generates a behavior pattern in accordance with a similarity for behaviors of converted API call sequences to store the behavior pattern in a behavior pattern DB; and a malware code detecting unit which converts the API calling event corresponding to the defined characteristic parameter when the target process is executed into the API call sequence and determines whether the behavior pattern is a malware code in accordance with a similarity for behaviors of the converted API call sequence and the sequence stored in the behavior pattern DB.
-
公开(公告)号:US10902144B2
公开(公告)日:2021-01-26
申请号:US16113530
申请日:2018-08-27
Inventor: Nam-Su Jho , Taek-Young Youn , Dae Sung Moon , Ik Kyun Kim , Seung Hun Jin
Abstract: In the present invention, by providing an apparatus for securing data comprising a memory for storing information for data processing, a processor configured to partition original data into a plurality of partial data and generate a plurality of divided data by randomly determining positions of each of the plurality of partial data within the original data, and a communication interface configured to transmit each of the plurality of divided data to each of a plurality of servers, respectively, if an attacker obtains a portion of the divided data, it prevents the entire original data from being restored, and the legitimate user can restore the original data accurately even if some divided data is corrupted, and provides an efficient data polymorphic dividing technique that can minimize the amount of calculation required to secure data.
-
公开(公告)号:US12185099B2
公开(公告)日:2024-12-31
申请号:US17967957
申请日:2022-10-18
Inventor: Yong Sung Jeon , Ha Young Seong , Sang Woo Lee , You Sung Kang , Ik Kyun Kim , Mi Kyung Oh , Sang Jae Lee
Abstract: Provided is a module and method for transmitting information using a wireless hidden signal, which is capable of transmitting important information data requiring extreme security using a wireless hidden signal, and allowing the important information to be detected and distinguished by only promised transmitting/receiving parties so that the possibility of the wireless hidden signal being discovered can be minimized and security can be enhanced. The module for transferring information using a wireless hidden signal includes: a hidden formatting unit configured to generate a transmission data frame structure based on data that needs to be wirelessly transmitted; a hidden encoding unit configured to encode the generated transmission data frame structure to generate and output a hidden encoded bit stream; and a hidden modulation unit configured to convert the output hidden encoded bit stream into a wireless signal in a wireless transmission format.
-
公开(公告)号:US11599488B2
公开(公告)日:2023-03-07
申请号:US17104409
申请日:2020-11-25
Inventor: Dong Wook Kang , Dae Won Kim , Jin Yong Lee , Boo Sun Jeon , Bo Heung Chung , Hong Il Ju , Joong Yong Choi , Ik Kyun Kim , Byeong Cheol Choi
Abstract: An electronic device includes a peripheral device, a processor, an interrupt controller configured to manage interrupts generated by the peripheral device and the processor on the basis of a register, and a virtualizer, wherein the virtualizer may be configured to virtualize a portion of the processor and a portion of the at least one peripheral device to generate a first partition, generate first interrupt information corresponding to an interrupt usable in the first partition, generate first processor information corresponding to a portion of the processor usable in the first partition, check whether a configuration of the register is related to at least one of the first interrupt information and the first processor information when the register is configured by the first partition, and allow the configuration of the register when the configuration of the register is related to the at least one information.
-
Patent Agency Ranking
6.发明授权公开(公告)号:US10089460B2
公开(公告)日:2018-10-02
申请号:US15169259
申请日:2016-05-31
Inventor: Dae Sung Moon , Ik Kyun Kim , Yang Seo Choi
Abstract: A behavior-based malicious code detecting apparatus and method using multiple feature vectors is disclosed. A malicious code learning method may include collecting characteristic factor information when a training target process comprising a malicious code is executed, generating a feature vector for malicious code verification based on the collected characteristic factor information, learning the generated feature vector through a plurality of machine learning algorithms to generate a model of representing the malicious code and a model of representing a normal file, and storing the model of representing the malicious code and the model of representing the normal file generated through the learning.
-
公开(公告)号:US10007788B2
公开(公告)日:2018-06-26
申请号:US15017504
申请日:2016-02-05
Inventor: Dae Sung Moon , Ik Kyun Kim , Han Sung Lee
IPC: G06F21/56
CPC classification number: G06F21/566
Abstract: A computing device configured to execute an instruction set is provided. The computing device includes a system call hooker for hooking system calls that occur by the instruction set while the instruction set is executed, a category extractor for extracting a category to which each of the hooked system calls belongs with reference to category information associated with a correspondence relationship between a system call and a category, a sequence extractor for extracting one or more behavior sequences expressed in an N-gram manner from a full sequence of the hooked system calls with reference to the extracted category, and a model generator for generating a behavior pattern model of the system calls that occur when the instruction set is executed, based on a number of times that each of the extracted behavior sequences occurs.
-
8.发明授权Method and system for network connection chain traceback using network flow data 有权使用网络流数据的网络连接链追溯的方法和系统公开(公告)号:US09537887B2
公开(公告)日:2017-01-03
申请号:US14635962
申请日:2015-03-02
Inventor: Yang Seo Choi , Ik Kyun Kim , Min Ho Han , Jung Tae Kim , Jong Hyun Kim
CPC classification number: H04L63/1441 , H04L63/1416 , H04L63/1425
Abstract: Disclosed are provided a method and a system for network connection chain traceback by using network flow data in order to trace an attack source site for cyber hacking attacks that goes by way of various sites without addition of new equipment of a network or modification a standard protocol when the cyber hacking attack occurs in the Internet and an internal network.
Abstract translation: 提供了一种通过使用网络流数据来网络连接链追溯的方法和系统,以便跟踪通过各种站点进行的网络黑客攻击的攻击源站点,而不添加网络的新设备或修改标准协议 当网络黑客攻击发生在互联网和内部网络时。
-
公开(公告)号:US09130983B2
公开(公告)日:2015-09-08
申请号:US13927794
申请日:2013-06-26
Inventor: Youngjun Heo , Seon-Gyoung Sohn , Dong Ho Kang , Byoung-Koo Kim , Jung-Chan Na , Ik Kyun Kim
CPC classification number: H04L63/1416
Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.
Abstract translation: 一种用于检测控制系统中的异常信号的装置,所述控制系统包括控制设备,网络设备,安全设备或服务器设备,所述设备包括:信息收集模块,用于收集系统信息,网络信息,安全事件信息或交易信息 与控制设备,网络设备,安全设备或服务器设备相互配合。 该装置包括存储由信息收集模块收集的信息的存储模块。 该装置包括:异常检测模块,被配置为分析所收集的信息与规定的安全策略之间的相关性,以检测控制系统中是否存在异常信号。
-
公开(公告)号:US11997128B2
公开(公告)日:2024-05-28
申请号:US17394989
申请日:2021-08-05
Inventor: Ki Jong Koo , Dae Sung Moon , Jooyoung Lee , Ik Kyun Kim , Kyungmin Park , Ho Hwang
CPC classification number: H04L63/1433 , G06F9/455 , G06N3/08 , G06N5/046
Abstract: Collecting the topology and asset information of the virtual generated computer network, converting the topology and asset information into a training data set for training the neural network model, training the neural network model based on the training data set, and training A method and apparatus for predicting an attack vulnerability of a computer network through the step of inferring an attack vulnerability of a target computer network using a neural network model are provided.
-
-
-
-
-
-
-
-
-
Search Results
14
records
(took 0.018 seconds)
