公开(公告)号：US20120060218A1

公开(公告)日：2012-03-08

申请号：US12943388

申请日：2010-11-10

申请人： JEONG-WOOK KIM ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Chang-Yong Lee ,  Hyun-Cheol Jeong

发明人： JEONG-WOOK KIM ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Chang-Yong Lee ,  Hyun-Cheol Jeong

IPC分类号： G06F11/00

CPC分类号： H04L63/1425 ,  H04L47/20 ,  H04L47/2408 ,  H04L47/2416 ,  H04L47/2441 ,  H04L47/29 ,  H04L63/1458

摘要： Provided is a system for blocking session initiation protocol (SIP)-based abnormal traffic. The system includes: a policy database (DB) in which allowed traffic is stored according to transmission priority; an abnormal traffic response module which receives traffic from a first network and transmits only portions of the received traffic, which match the allowed traffic stored in the policy DB, to a second network in order of transmission priority; and an abnormal traffic detection module which analyzes the traffic received from the first network and provides an activation signal to the abnormal traffic response module when detecting that the received traffic is abnormal traffic, wherein the abnormal traffic response module transmits the portions of the received traffic, which match the allowed traffic stored in the policy DB, to the second network such that the sum of the portions transmitted to the second network does not exceed a maximum allowed traffic limit.

摘要翻译： 提供了一种用于阻止基于会话发起协议（SIP）的异常流量的系统。 该系统包括：策略数据库（DB），其中根据传输优先级存储允许的流量; 异常业务响应模块，其从第一网络接收业务，并且仅将与策略DB中存储的允许业务相匹配的所接收到的业务的部分按照传输优先级顺序发送到第二网络; 以及异常流量检测模块，其分析从第一网络接收到的流量，并且当检测到所接收到的流量是异常流量时，向异常流量响应模块提供激活信号，其中异常流量响应模块发送所接收的流量的部分， 其将存储在策略DB中的允许的流量与第二网络匹配，使得发送到第二网络的部分的总和不超过允许的最大流量限制。

公开(公告)号：US20110138462A1

公开(公告)日：2011-06-09

申请号：US12646174

申请日：2009-12-23

申请人： Jeong-Wook Kim ,  Hwan-Kuk Kim ,  Hyun-Cheol Jeong ,  Yoo-Jae Won ,  Seok-Ung Yoon ,  Jong-II Jeong ,  Kyoung-Hee Ko

发明人： Jeong-Wook Kim ,  Hwan-Kuk Kim ,  Hyun-Cheol Jeong ,  Yoo-Jae Won ,  Seok-Ung Yoon ,  Jong-II Jeong ,  Kyoung-Hee Ko

IPC分类号： G06F11/00

CPC分类号： H04L63/0236 ,  H04L63/1441 ,  H04L63/1458 ,  H04L65/1006 ,  H04L65/1069 ,  H04L65/1073

摘要： Provided is a system for detecting a voice over Internet protocol (VoIP) toll fraud attack. The system includes: a database (DB) storing registration information of normal users; a packet reception module receiving a call set-up packet from a network; and a VoIP signaling message forgery/falsification detection module receiving the call set-up packet from the packet reception module and comparing sender address information or header information of the call set-up packet with the registration information stored in the DB to detect whether the call set-up packet is a packet received from one of the normal users.

摘要翻译： 提供了一种用于检测因特网协议语音（VoIP）长途欺诈攻击的系统。 该系统包括：存储正常用户的登记信息的数据库（DB）; 分组接收模块，从网络接收呼叫建立分组; VoIP信令消息伪造/伪造检测模块从分组接收模块接收呼叫建立分组，并将呼叫建立分组的发送方地址信息或报头信息与DB中存储的登记信息进行比较，以检测呼叫 设置分组是从正常用户之一接收的分组。

公开(公告)号：US20110058481A1

公开(公告)日：2011-03-10

申请号：US12646290

申请日：2009-12-23

申请人： CHANG-YONG LEE ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Hyun-Cheol Jeong

发明人： CHANG-YONG LEE ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Hyun-Cheol Jeong

IPC分类号： H04L12/26

CPC分类号： H04L43/026 ,  H04L43/062

摘要： A statistical information generator for VoIP traffic analysis is provided, which comprises a packet collection module collecting packets from a network; and a statistical information generation module analyzing information of a call setup packet or a media packet among the packets collected by the packet collection module, and generating statistical information of the network; wherein if the packet collected by the packet collection module is the call setup packet, the statistical information generation module generates the statistical information of the network using at least one of transmitter identification information, receiver identification information, and call identification information among information of the call setup packet as a key value, while if the packet collected by the packet collection module is the media packet, the statistical information generation module generates the statistical information of the network using media session identification information among information of the media packet as a key value.

摘要翻译： 提供了一种用于VoIP流量分析的统计信息发生器，其包括从网络收集分组的分组收集模块; 以及统计信息生成模块，分析由所述分组收集模块收集的分组中的呼叫建立分组或媒体分组的信息，并生成所述网络的统计信息; 其中，如果由分组收集模块收集的分组是呼叫建立分组，则统计信息生成模块使用呼叫信息中的发射机识别信息，接收者识别信息和呼叫识别信息中的至少一个来生成网络的统计信息 设置分组为密钥值，而如果分组收集模块收集的分组是媒体分组，则统计信息生成模块使用媒体分组的信息之间的媒体会话识别信息作为关键值生成网络的统计信息。

公开(公告)号：US08259723B2

公开(公告)日：2012-09-04

申请号：US12646290

申请日：2009-12-23

申请人： Chang-Yong Lee ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Hyun-Cheol Jeong

发明人： Chang-Yong Lee ,  Hwan-Kuk Kim ,  Kyoung-Hee Ko ,  Hyun-Cheol Jeong

IPC分类号： H04L12/28

CPC分类号： H04L43/026 ,  H04L43/062

摘要： A statistical information generator for VoIP traffic analysis is provided, which comprises a packet collection module collecting packets from a network; and a statistical information generation module analyzing information of a call setup packet or a media packet among the packets collected by the packet collection module, and generating statistical information of the network; wherein if the packet collected by the packet collection module is the call setup packet, the statistical information generation module generates the statistical information of the network using at least one of transmitter identification information, receiver identification information, and call identification information among information of the call setup packet as a key value, while if the packet collected by the packet collection module is the media packet, the statistical information generation module generates the statistical information of the network using media session identification information among information of the media packet as a key value.

摘要翻译： 提供了一种用于VoIP流量分析的统计信息发生器，其包括从网络收集分组的分组收集模块; 以及统计信息生成模块，分析由所述分组收集模块收集的分组中的呼叫建立分组或媒体分组的信息，并生成所述网络的统计信息; 其中，如果由分组收集模块收集的分组是呼叫建立分组，则统计信息生成模块使用呼叫信息中的发射机识别信息，接收者识别信息和呼叫识别信息中的至少一个来生成网络的统计信息 设置分组为密钥值，而如果分组收集模块收集的分组是媒体分组，则统计信息生成模块使用媒体分组的信息之间的媒体会话识别信息作为关键值生成网络的统计信息。

公开(公告)号：US20130174239A1

公开(公告)日：2013-07-04

申请号：US13361550

申请日：2012-01-30

申请人： Hwan-Kuk Kim ,  Chang-Yong Lee ,  Jeong-Wook Kim ,  Il-Ahn Cheong ,  Hyun-Cheol Jeong

发明人： Hwan-Kuk Kim ,  Chang-Yong Lee ,  Jeong-Wook Kim ,  Il-Ahn Cheong ,  Hyun-Cheol Jeong

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： H04L63/205 ,  G06F21/31 ,  G06F2221/2105 ,  H04W12/00503 ,  H04W12/00504 ,  H04W12/06

摘要： Provided are a reinforced authentication system and method using context information at the time of access to a mobile cloud service. The system comprises a mobile terminal transmitting a context information message, which comprises context information, and authentication information and a context information-based authentication server receiving the context information message and the authentication information, determining an authentication mechanism based on the context information message, and authenticating a user of the mobile terminal.

摘要翻译： 提供了在访问移动云服务时使用上下文信息的加强认证系统和方法。 该系统包括：发送包含上下文信息的上下文信息消息和认证信息的移动终端以及接收上下文信息消息和认证信息的上下文信息认证服务器，基于上下文信息消息确定认证机制;以及 认证移动终端的用户。

公开(公告)号：US20100154057A1

公开(公告)日：2010-06-17

申请号：US12353722

申请日：2009-01-14

申请人： Kyoung Hee KO ,  Hwan-Kuk Kim ,  JeongWook Kim ,  Chang-Yong Lee ,  HyunCheol Jeong

发明人： Kyoung Hee KO ,  Hwan-Kuk Kim ,  JeongWook Kim ,  Chang-Yong Lee ,  HyunCheol Jeong

IPC分类号： G06F11/00 ,  G06F9/00

CPC分类号： H04L63/1416 ,  G06F2221/2101 ,  H04L63/1458 ,  H04L65/1006 ,  H04L65/1076 ,  H04L2463/141

摘要： The present invention relates to a Session Initiation Protocol (SIP) intrusion detection and response architecture for protecting SIP-based services, and more specifically, to an SIP intrusion detection and response architecture for protecting SIP-based services, in which SIP-based attacks of a new type can be coped with by detecting the SIP-based attacks and SIP traffic anomalies and managing an SIP-aware security device without degrading quality of multimedia, and signal and media channels can be examined through an SIP-aware intrusion prevention system (IPS) for the purpose of preventing an attacker from hindering a call through manipulation of an SIP message and session-hijacking among legitimate users and attempting a toll fraud by detouring authentication.

摘要翻译： 本发明涉及用于保护基于SIP的服务的会话发起协议（SIP）入侵检测和响应架构，更具体地，涉及用于保护基于SIP的服务的SIP入侵检测和响应架构，其中基于SIP的攻击 可以通过检测基于SIP的攻击和SIP流量异常并管理SIP感知安全设备而不降低多媒体的质量来应对新的类型，并且可以通过SIP感知入侵防御系统（IPS）来检查信号和媒体信道 ），以防止攻击者通过操纵SIP消息和合法用户之间的会话劫持来阻止呼叫，并通过迂回认证尝试长途欺诈。