Abstract:
Disclosed herein are an apparatus and method for detecting a malicious script. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to extract token-type features, each of which corresponds to a lexical unit, and tree-node-type features of an abstract syntax tree from an input script, to train two learning models to respectively learn two pieces of learning data that are generated in consideration of features extracted respectively from the token-type features and the node-type features as having the highest frequency, and to detect whether the script is a malicious script based on the result of ensemble-based malicious script detection performed for the script, which is acquired using an ensemble detection model generated from the two learning models.
Abstract:
The present invention provides an attack feature DNA generator comprising: an information processing unit collecting event information from a network environment; a factor extracting unit extracting normal factors and attack feature factors from the event information; a DNA generating unit analyzing correlation of the attack feature factor to the normal factor and generating an attack feature DNA which shows the correlation analysis result in a DNA structure; and a storing unit in which the event information and the attack feature DNA are stored. The present invention allows intuitively recognizing an ongoing attack type by comparing collected cyber-attack feature factors with cyber-attack feature DNAs.
Abstract:
Disclosed are an apparatus and method for reconstructing a transmitted file with high performance in real time, which select analysis target packets for reconstruction by first checking using hardware whether data file-related information is present in packets transmitted via large-capacity traffic over a broadband network, and which reconstruct a file in real time only from the selected analysis target packets. The file reconstruction apparatus for reconstructing a data file from packets on a network includes a packet monitoring unit for extracting packets on the network, a collected packet selection unit for determining whether, for the extracted packets, each packet is a reconstruction target based on flow information, and selecting a reconstruction target packet, and a file reconstruction unit for performing file reconstruction by extracting data from the reconstruction target packet and by storing the extracted data as data of a reconstructed file in a relevant flow.
Abstract:
Disclosed herein are a network traffic recording apparatus and method. The network traffic recording apparatus includes a data partitioning unit for generating a single data block from original data corresponding to a certain unit and partitioning the single data block into preset units, a data integrity verification information generation unit for generating data integrity verification information for each data block, and a data redundancy elimination encoding unit for performing redundancy elimination on data, which is a target of redundancy elimination, for each data block.
Abstract:
Disclosed herein are a reward apparatus and method for blockchain-based Reconfigurable Intelligent Surface (RIS) infrastructure sharing. The reward apparatus for blockchain-based RIS infrastructure sharing may provide a service to a service user terminal through an RIS node, verify a contribution of the RIS node to provision of the service quantified by the RIS node using a first blockchain network, and provide a reward to the RIS node depending on the contribution.
Abstract:
Disclosed herein are an apparatus and method for updating an Internet-based malware detection engine using virtual machine scaling. The method may include creating a scaling group and an update group set based on a first virtual machine image, creating a second virtual machine image for a running virtual machine in response to occurrence of a snapshot event in the virtual update group run based on the first virtual machine image, modifying the scale-out image of the scaling group to the second virtual machine image, updating the scaling group by triggering a scale-out event and a scale-in event in the scaling group in response to occurrence of an update event, and modifying the scale-in image of the scaling group to the second virtual machine image.
Abstract:
Disclosed herein are an apparatus for detecting unknown malware using a variable-length operation code (opcode) and a method using the apparatus. The method includes collecting opcode information from a detection target, generating a multi-pixel image having a variable length by performing feature engineering on the opcode information, and detecting unknown malware by inputting the multi-pixel image to a deep-learning model based on AI.
Abstract:
An apparatus and method for visualizing data. The apparatus for visualizing data includes a behavior information collection unit for executing an application from which information is to be collected and collecting behavior information from a process of the executed application, a behavior feature extraction unit for extracting behavior features in an order in which the behavior information is called, a behavior sequence generation unit for generating a behavior sequence by arranging the behavior features in chronological order, and a behavior sequence visualization unit for visualizing the behavior sequence as a 3D sequence object.