公开(公告)号：US07937765B2

公开(公告)日：2011-05-03

申请号：US11936909

申请日：2007-11-08

申请人： Kang San Kim ,  Hyoung Chun Kim ,  Soon Jwa Hong ,  Eung Ki Park ,  Choon Sik Park

发明人： Kang San Kim ,  Hyoung Chun Kim ,  Soon Jwa Hong ,  Eung Ki Park ,  Choon Sik Park

IPC分类号： G06F11/00

CPC分类号： G06F21/577 ,  G06F21/55 ,  G06F21/57 ,  G06F2221/2101

摘要： Provided are a system and method for checking the security of a personal computer (PC). The system and method automatically check security to protect a PC from computer hacking, viruses, worms, Trojan horses, etc., and inform or cure a vulnerable point. The system and method automatically check and modify all the security check items so that a user who may not have professional computer knowledge can readily cope with a cyber attack, and describe the vulnerable point and the result of the cure to the user with ease. Therefore, the system and method can maintain a PC in its up-to-date state to prevent damage from a cyber attack, and minimize damage from a cyber threat against the main system and service.

摘要翻译： 提供了一种用于检查个人计算机（PC）的安全性的系统和方法。 系统和方法自动检查安全性，保护PC免受计算机黑客攻击，病毒，蠕虫，特洛伊木马等，并通知或治愈脆弱点。 系统和方法自动检查和修改所有安全检查项目，以便可能没有专业的计算机知识的用户可以轻松应对网络攻击，并轻松地描述易受攻击的点和治疗结果。 因此，系统和方法可以使PC处于最新状态，以防止网络攻击造成的损害，并将对主系统和服务的网络威胁的损害降至最低。

公开(公告)号：US20080115220A1

公开(公告)日：2008-05-15

申请号：US11936909

申请日：2007-11-08

申请人： Kang San Kim ,  Hyoung Chun Kim ,  Soon Jwa Hong ,  Eung Ki Park ,  Choon Sik Park

发明人： Kang San Kim ,  Hyoung Chun Kim ,  Soon Jwa Hong ,  Eung Ki Park ,  Choon Sik Park

IPC分类号： G06F12/14

CPC分类号： G06F21/577 ,  G06F21/55 ,  G06F21/57 ,  G06F2221/2101

摘要： Provided are a system and method for checking the security of a personal computer (PC). The system and method automatically check security to protect a PC from computer hacking, viruses, worms, Trojan horses, etc., and inform or cure a vulnerable point. The system and method automatically check and modify all the security check items so that a user who may not have professional computer knowledge can readily cope with a cyber attack, and describe the vulnerable point and the result of the cure to the user with ease. Therefore, the system and method can maintain a PC in its up-to-date state to prevent damage from a cyber attack, and minimize damage from a cyber threat against the main system and service.

摘要翻译： 提供了一种用于检查个人计算机（PC）的安全性的系统和方法。 系统和方法自动检查安全性，保护PC免受计算机黑客攻击，病毒，蠕虫，特洛伊木马等，并通知或治愈脆弱点。 系统和方法自动检查和修改所有安全检查项目，以便可能没有专业的计算机知识的用户可以轻松应对网络攻击，并轻松地描述易受攻击的点和治疗结果。 因此，系统和方法可以使PC处于最新状态，以防止网络攻击造成的损害，并将对主系统和服务的网络威胁的损害降至最低。

公开(公告)号：US08539449B2

公开(公告)日：2013-09-17

申请号：US12102148

申请日：2008-04-14

申请人： Eun Young Kim ,  Young Tae Yun ,  Eung Ki Park

发明人： Eun Young Kim ,  Young Tae Yun ,  Eung Ki Park

IPC分类号： G06F9/44 ,  G06F11/00

CPC分类号： G06F21/577

摘要： Provided is a device and method for inspecting software for vulnerabilities which fuzzes the software by function. The device for inspecting software for vulnerabilities includes a target function selecting module for selecting a function of the software for vulnerabilities to be inspected, a comparison file generating module for generating a first file including the selected function and a second file not including the selected function, a binary pattern comparing module for detecting a changed or added binary pattern by comparing binary values of the first file and the second file, a test case generating module for generating at least one test case based on the detected binary pattern, and a vulnerability verifying module for inspecting vulnerabilities based on the at least one test case and generating a vulnerability inspection result. Accordingly, by intensively fuzzing a part of the software which is changed or added according to the function of the software, software vulnerabilities can be found by each function and fuzzing efficiency can be improved.

摘要翻译： 提供了一种用于检查软件的功能的软件的软件的软件的设备和方法。 用于检查软件的漏洞的装置包括：目标功能选择模块，用于选择要检查的漏洞的软件的功能;比较文件生成模块，用于生成包括所选功能的第一文件和不包括所选功能的第二文件; 用于通过比较第一文件和第二文件的二进制值来检测改变或添加的二进制模式的二进制模式比较模块，用于基于检测到的二进制模式生成至少一个测试用例的测试用例生成模块，以及漏洞验证模块 用于根据至少一个测试用例检查漏洞并生成漏洞检查结果。 因此，通过根据软件的功能对软件的一部分进行强化模糊化，可以通过各功能找到软件漏洞，从而提高模糊效率。

公开(公告)号：US08424090B2

公开(公告)日：2013-04-16

申请号：US12410636

申请日：2009-03-25

申请人： Jung Min Kang ,  Young Han Choi ,  Do Hoon Lee ,  Eung Ki Park

发明人： Jung Min Kang ,  Young Han Choi ,  Do Hoon Lee ,  Eung Ki Park

IPC分类号： G06F11/00

CPC分类号： G06F21/53 ,  G06F21/563 ,  H04L63/1466

摘要： An apparatus and method for detecting an obfuscated malicious web page are provided to find a malicious web page by deobfuscating an obfuscated malicious code. The apparatus includes an obfuscated code detector that detects whether an obfuscated code is included in a source code of a web page, a deobfuscation function inserter that reconfigures the source code by inserting a function for deobfuscating the obfuscated code into the source code, a deobfuscator that is called by the function inserted into the reconfigured source code and deobfuscates the obfuscated code, and a malicious code detector that detects a malicious code using the deobfuscated code.

摘要翻译： 提供用于检测混淆的恶意网页的装置和方法，以通过对模糊的恶意代码进行混淆来查找恶意网页。 该装置包括：检测网页的源代码中是否包含混淆的代码的混淆代码检测器;通过插入用于将模糊化代码混淆到源代码中的功能来重新配置源代码的去模糊功能插入器;解扰器， 被插入到重新配置的源代码中的功能调用，并且对混淆的代码进行混淆，以及使用去模糊化代码来检测恶意代码的恶意代码检测器。