-
公开(公告)号:US20210240827A1
公开(公告)日:2021-08-05
申请号:US17100541
申请日:2020-11-20
Inventor: Jung-Tae KIM , Ji-Hyeon SONG , Ik-Kyun KIM , Young-Su KIM , Jong-Hyun KIM , Jong-Geun PARK , Sang-Min LEE , Jong-Hoon LEE
Abstract: Disclosed herein are an apparatus and method for detecting a malicious script. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to extract token-type features, each of which corresponds to a lexical unit, and tree-node-type features of an abstract syntax tree from an input script, to train two learning models to respectively learn two pieces of learning data that are generated in consideration of features extracted respectively from the token-type features and the node-type features as having the highest frequency, and to detect whether the script is a malicious script based on the result of ensemble-based malicious script detection performed for the script, which is acquired using an ensemble detection model generated from the two learning models.
-
2.发明公开公开(公告)号:US20240104195A1
公开(公告)日:2024-03-28
申请号:US18335813
申请日:2023-06-15
Inventor: Sang-Min LEE , Ki-Jong KOO , Jung-Tae KIM , Ji-Hyeon SONG , Jong-Hyun KIM , Dae-Sung MOON
CPC classification number: G06F21/53 , G06F9/45558 , G06F21/564 , G06F2009/45562
Abstract: Disclosed herein are an apparatus and method for updating an Internet-based malware detection engine using virtual machine scaling. The method may include creating a scaling group and an update group set based on a first virtual machine image, creating a second virtual machine image for a running virtual machine in response to occurrence of a snapshot event in the virtual update group run based on the first virtual machine image, modifying the scale-out image of the scaling group to the second virtual machine image, updating the scaling group by triggering a scale-out event and a scale-in event in the scaling group in response to occurrence of an update event, and modifying the scale-in image of the scaling group to the second virtual machine image.
-
3.发明申请公开(公告)号:US20220138319A1
公开(公告)日:2022-05-05
申请号:US17461337
申请日:2021-08-30
Inventor: Jung-Tae KIM , Ji-Hyeon SONG , Jong-Hyun KIM , Sang-Min LEE , Ik-Kyun KIM , Dae-Sung MOON
Abstract: Disclosed herein are an apparatus for detecting unknown malware using a variable-length operation code (opcode) and a method using the apparatus. The method includes collecting opcode information from a detection target, generating a multi-pixel image having a variable length by performing feature engineering on the opcode information; and detecting unknown malware by inputting the multi-pixel image to a deep-learning model based on AI.
-
Patent Agency Ranking
4.发明申请APPARATUS AND METHOD FOR SHARING COLLABORATIVE STORYBOARD USING SOCIAL GROUP 审中-公开使用社会团体共享协作板的装置和方法公开(公告)号:US20140304338A1
公开(公告)日:2014-10-09
申请号:US14223776
申请日:2014-03-24
Inventor: Hoon-Ki LEE , Jong-Hoon LEE , Jung-Tae KIM , Jong-Youl PARK
IPC: H04L29/08
CPC classification number: H04L67/22 , G06Q10/101 , G06Q50/01
Abstract: Disclosed herein is an apparatus and method that process knowledge, experience information, or the like possessed by group members via a dynamically created social group, in the form of collaborative storyboards, thus enabling the collaborative storyboards to be shared among a plurality of social groups, as well as the corresponding members. The presented apparatus includes a social group management unit for managing information about a social group and a user joining the social group as a member, and an information management unit for accepting information finally determined with respect to information of content desired to be shared, which is posted by the user on a storyboard of the social group, in collaboration with other users, as a post of the storyboard of the social group, and distributing the post to the social group.
Abstract translation: 本文公开了一种通过动态创建的社会群体以组合故事板的形式处理组成员拥有的知识,经验信息等的装置和方法,从而使得协作故事板能够在多个社会群体之间共享, 以及相应的成员。 所呈现的装置包括用于管理关于社团的信息和作为成员加入社团的用户的社团组管理单元,以及信息管理单元,用于接受关于期望共享的内容的信息最终确定的信息, 由用户发布在社团的故事板上,与其他用户合作,作为社会团体故事板的帖子,并将帖子分发给社交群体。
-
公开(公告)号:US20180234436A1
公开(公告)日:2018-08-16
申请号:US15807425
申请日:2017-11-08
Inventor: Jung-Tae KIM , Ik-Kyun KIM , Koo-Hong KANG
IPC: H04L29/06 , H04L12/751 , H04L12/733 , H04L12/721
Abstract: Disclosed herein are a stepping-stone detection apparatus and method. The stepping-stone detection apparatus includes a target connection information reception unit for receiving information about a target connection from an intrusion detection system (IDS), a fingerprint generation unit for generating a target connection fingerprint based on the information about the target connection, and generating one or more candidate connection fingerprints using information about one or more candidate connections corresponding to one or more flow information collectors, and a stepping-stone detection unit for detecting a stepping stone by comparing the target connection fingerprint, in which a maximum allowable delay time is reflected, with the candidate connection fingerprints.
-
公开(公告)号:US20180217860A1
公开(公告)日:2018-08-02
申请号:US15861792
申请日:2018-01-04
Inventor: Jung-Tae KIM , Ik-Kyun KIM
CPC classification number: G06F9/45558 , G06F2009/45591 , G06F2009/45595 , H04L67/10 , H04L67/1029 , H04L67/14 , H04L67/141
Abstract: Disclosed herein are an integrated network data collection apparatus and method. The integrated network data collection apparatus includes a packet collection unit for collecting packets corresponding to one or more virtual machines included in a cloud server, a flow-processing unit for generating flow information based on the collected packets, a session-processing unit for generating session information based on the generated flow information, and a storage unit for storing network data including at least one of the generated flow information and the generated session information.
-
公开(公告)号:US20180131717A1
公开(公告)日:2018-05-10
申请号:US15803062
申请日:2017-11-03
Inventor: Jung-Tae KIM , Ik-Kyun KIM
Abstract: Disclosed herein are an apparatus and method for detecting a Distributed Reflection Denial of Service (DRDoS) attack. The DRDoS attack detection apparatus includes a network flow data reception unit for receiving network flow data from network equipment, a session type determination unit for determining a session type of the received network flow data, a host type determination unit for determining a type of host corresponding to the network flow data based on the session type, an attack method determination unit for determining an attack method corresponding to the network flow data, a protocol identification unit for identifying a protocol of the network flow data, and an attack detection unit for detecting a DRDoS attack based on the session type, the host type, the attack method, and the protocol.
-
公开(公告)号:US20150150133A1
公开(公告)日:2015-05-28
申请号:US14518623
申请日:2014-10-20
Inventor: Min-Ho HAN , Jung-Tae KIM , Ik-Kyun KIM , Hyun-Sook CHO
IPC: H04L29/06
CPC classification number: H04L63/1416 , H04L63/1466 , H04L63/164
Abstract: An apparatus and a method for an attack source traceback capable of tracing back an attacker, that is, an attack source present behind a command and control (C&C) server in a cyber target attack having non-connectivity over a transmission control protocol (TCP) connection are disclosed. The apparatus for the attack source traceback includes: a server information extracting unit detecting an attack for a system, which is generated via a server to thereby extract information on the server; a traceback agent installing unit installing a traceback agent in the server based on the information on the server; and a traceback unit finding an attack source for the system by analyzing network information of the server obtained by the traceback agent.
Abstract translation: 一种用于跟踪攻击者的攻击源追溯的装置和方法,即在具有通过传输控制协议(TCP)上的非连接性的网络目标攻击中的命令和控制(C&C)服务器后面的攻击源, 连接被公开。 用于攻击源追溯的装置包括:服务器信息提取单元,其检测经由服务器生成的系统的攻击,从而在服务器上提取信息; 追溯代理安装单元,基于服务器上的信息在服务器中安装回溯代理; 追溯单元通过分析由追溯代理获得的服务器的网络信息来查找系统的攻击源。
-
-
-
-
-
-
-
Search Results
8
records
(took 0.017 seconds)
