Apparatus and method for controlling abnormal traffic
    1.
    发明申请
    Apparatus and method for controlling abnormal traffic 失效
    用于控制异常流量的装置和方法

    公开(公告)号:US20060120284A1

    公开(公告)日:2006-06-08

    申请号:US11292462

    申请日:2005-12-01

    摘要: An apparatus and method for controlling abnormal traffic are provided. The apparatus includes: a list management unit which stores a list of Internet Protocols (IPs) transmitting normal packets and, if an IP transmitting packets constituting current packet traffic currently input to a network is a registered IP listed in the IP list, announces that the current packet traffic is packet traffic generated by a registered IP; a channel allocation unit which determines whether packets input via the list management unit are normal or abnormal, allocates channels to the input packets in such a manner that a packet determined as being normal is given priority over a packet determined as being abnormal, adjusts a number of channels reserved for allocation to normal packets in response to a predetermined control command, transmits the input packets to a network node, and transmits IP information regarding the input packets that are determined as being normal, the predetermined control command being issued according to the level of services for normal packet traffic; a success rate determination unit which determines a service success rate for packets received from a registered IP listed in the IP list stored in the list management unit based on packet traffic information received from the list management unit and the IP information received from the channel allocation information; and a channel number adjustment unit which transmits the predetermined command to the channel allocation unit so that the channel allocation unit can adjust the number of channels reserved for allocation to normal packets based on the service success rate determined by the success rate determination unit. Accordingly, it is possible to guarantee the survivability of a network and the reliability of Internet services by appropriately controlling abnormal traffic input to the network.

    摘要翻译: 提供了一种用于控制异常流量的装置和方法。 该装置包括:列表管理单元,其存储发送普通分组的因特网协议(IP)列表,并且如果构成当前输入到网络的当前分组业务的IP传输分组是IP列表中列出的注册IP,则宣布 当前分组流量是由注册的IP生成的分组流量; 确定经由列表管理单元输入的分组是正常还是异常的信道分配单元,以对被确定为正常的分组优先于被确定为异常的分组的方式为输入分组分配信道,调整数 根据预定的控制命令保留用于分配给正常分组的信道,将输入分组发送到网络节点,并发送关于被确定为正常的输入分组的IP信息,根据该级别发出预定控制命令 正常分组业务的业务; 成功率确定单元,其基于从列表管理单元接收的分组业务信息和从信道分配信息接收的IP信息,确定从列表管理单元中存储的IP列表中列出的注册IP接收的分组的服务成功率 ; 以及信道号调整单元,其将所述预定命令发送到所述信道分配单元,使得所述信道分配单元可以基于由所述成功率确定单元确定的服务成功率来调整保留用于正常分组的信道数目。 因此,通过适当地控制对网络的异常流量输入,可以保证网络的生存性和互联网服务的可靠性。

    System and method for analyzing malicious code protocol and generating harmful traffic
    2.
    发明申请
    System and method for analyzing malicious code protocol and generating harmful traffic 审中-公开
    分析恶意代码协议并产生有害流量的系统和方法

    公开(公告)号:US20060130145A1

    公开(公告)日:2006-06-15

    申请号:US11152987

    申请日:2005-06-14

    申请人: Byeong Choi Dong Seo

    发明人: Byeong Choi Dong Seo

    IPC分类号: G06F12/14

    CPC分类号: H04L63/1408 H04L63/1433

    摘要: The provided method and system is a method and system for analyzing the malicious code protocol and generating harmful traffic. The harmful traffic generating method constructs packet protocol information for generating a first attack packet corresponding to the TCP/IP protocol for generating network traffic, and then sets network vulnerability scanning for generating a second attack packet for carrying out network vulnerability scanning. Subsequently, the method constructs attack information for generating a third attack packet in the form of denial of service, and generates harmful traffic using the packet protocol information, network vulnerability scanning and attack information. Accordingly, performance testing of the network security system against malicious code attacks such as the Internet worm can be performed.

    摘要翻译: 提供的方法和系统是分析恶意代码协议并产生有害流量的方法和系统。 有害流量生成方法构建分组协议信息,生成与TCP / IP协议相对应的第一攻击分组,生成网络流量,然后设置网络漏洞扫描,生成第二个攻击报文,进行网络漏洞扫描。 随后,该方法构造了以拒绝服务形式生成第三个攻击报文的攻击信息,并使用报文协议信息,网络漏洞扫描和攻击信息生成有害流量。 因此,可以执行网络安全系统对恶意代码攻击(如Internet蠕虫)的性能测试。

    Apparatus and method for adaptively preventing attacks
    3.
    发明申请
    Apparatus and method for adaptively preventing attacks 审中-公开
    自适应防止攻击的装置和方法

    公开(公告)号:US20060206935A1

    公开(公告)日:2006-09-14

    申请号:US11187758

    申请日:2005-07-22

    IPC分类号: G06F12/14

    CPC分类号: H04L63/1416 G06F21/55

    摘要: An apparatus and method for adaptively preventing attacks which can reduce false positives and negatives for abnormal traffic and can adaptively deal with unknown attacks are provided. The apparatus includes: a behavior analysis unit which estimates an attack detection critical value by analyzing the behavior of network traffic; a traffic determination unit which determines what type of traffic the network traffic is using the estimated attack detection critical value; an attack determination unit which determines whether the network traffic is abnormal by analyzing the network traffic according to a set of determination rules; and an adaptive attack prevention unit which handles the network traffic based on the determination results provided by the attack determination unit. Accordingly, it is possible to reduce false positives and negatives for abnormal traffic or unknown attacks input to a network.

    摘要翻译: 提供一种自适应防止攻击的装置和方法,可以减少异常流量的误报和否定,并可以自适应地应对未知攻击。 该装置包括:行为分析单元,其通过分析网络流量的行为来估计攻击检测临界值; 确定网络流量正在使用所估计的攻击检测临界值的业务类型的流量确定单元; 攻击确定单元,其通过根据一组确定规则分析网络流量来确定网络流量是否异常; 以及基于由所述攻击确定单元提供的确定结果处理所述网络流量的自适应攻击防范单元。 因此,可以减少输入到网络的异常流量或未知攻击的误报和否定。

    User/service authentication methods and apparatuses using split user authentication keys
    4.
    发明申请
    User/service authentication methods and apparatuses using split user authentication keys 审中-公开
    使用分组用户验证密钥的用户/服务认证方法和设备

    公开(公告)号:US20070101126A1

    公开(公告)日:2007-05-03

    申请号:US11520172

    申请日:2006-09-13

    IPC分类号: H04L9/00

    摘要: User/service authentication methods and apparatuses using split user authentication keys are provided. A user authentication key is generated using user's personal information including an identification number and bio information, the generated user authentication key is split into a plurality of keys, and a request for authentication of a user that uses a first user authentication key provided to the user from among the plurality of split user authentication keys is authenticated using the other user authentication keys. After the authentication is successful, a service authentication is performed according to a result obtained by recombining the split user authentication keys, so that when some of distributed service authentication keys are lost or stolen, since original user authentication information cannot be restored, user information is prevented from being exposed, damage caused by a lost or stolen authentication key owing to double authentication is reduced, security protection is reinforced using a security channel formed through the service authentication, and communication exchanges such as electronic commerce over Internet are safer.

    摘要翻译: 提供了使用分割用户验证密钥的用户/服务认证方法和装置。 使用用户的个人信息(包括识别号码和生物信息)生成用户认证密钥,所生成的用户认证密钥被分割成多个密钥,以及使用提供给用户的第一用户认证密钥的用户的认证请求 从多个分离用户认证密钥中使用其他用户认证密钥进行认证。 认证成功后,根据分离的用户认证密钥进行重组而获得的结果进行业务认证,从而当一些分散业务认证密钥丢失或被盗时,由于原始用户认证信息无法恢复,用户信息为 防止暴露,由于双重身份验证而导致的丢失或被盗验证密钥造成的损害减少,使用通过服务认证形成的安全通道来加强安全保护,并且诸如因特网上的电子商务的通信交换更安全。

    Apparatus and method of protecting user's privacy information and intellectual property against denial of information attack
    5.
    发明申请
    Apparatus and method of protecting user's privacy information and intellectual property against denial of information attack 审中-公开
    保护用户隐私信息和知识产权免受信息攻击的设备和方法

    公开(公告)号:US20070136139A1

    公开(公告)日:2007-06-14

    申请号:US11634446

    申请日:2006-12-05

    IPC分类号: G06Q20/00

    摘要: Provided are an apparatus and method of protecting a user's privacy information and corporate intellectual property against a denial-of-information (DoI) attack, and more particularly, a privacy & intellectual property protection framework (PIPPF) and a network-based privacy & intellectual property protection system (NPIPPS). The PIPPF includes the NPIPPS and an integrated identity access and management (IAM)/network access control (NAC) solution. The NPIPPS monitors inbound and outbound contents at the network level and prevents the leakage of important information. In addition, the integrated IAM/NAC solution prevents abnormal user activity within a network and unauthorized use of information.

    摘要翻译: 提供了一种保护用户的隐私信息和企业知识产权免遭拒绝信息攻击的装置和方法,特别是隐私和知识产权保护框架(PIPPF)以及基于网络的隐私与知识产权 财产保护制度(NPIPPS)。 PIPPF包括NPIPPS和集成身份访问和管理(IAM)/网络访问控制(NAC)解决方案。 NPIPPS监控网络级别的入站和出站内容,防止重要信息泄露。 此外,集成的IAM / NAC解决方案可防止用户在网络中的异常活动,以及未经授权的使用信息。

    System for providing media service using sensor network and metadata
    6.
    发明申请
    System for providing media service using sensor network and metadata 审中-公开
    使用传感器网络和元数据提供媒体服务的系统

    公开(公告)号:US20060224619A1

    公开(公告)日:2006-10-05

    申请号:US11182950

    申请日:2005-07-18

    IPC分类号: G06F17/00

    摘要: Disclosed herein is a system for providing media service using a sensor network and metadata. The sensor network includes a plurality of sensor network nodes connected to a media server and one or more media devices, respectively. The media server includes a media information storage unit, a sensor interface unit, a metadata storage unit, a content selection unit and a content transmission unit. The media device includes a content reception unit, a sensor interface unit and a metadata storage unit. The sensor network nodes each include a network interface unit, a device interface unit and a metadata storage unit. In detail, the metadata are input to the corresponding sensor network node, media content desired by a user is intelligently retrieved based on the metadata, and the media content desired by the user is provided to the media device desired by the user, including a mobile media device in the user's possession, at a time desired by the user.

    摘要翻译: 本文公开了一种使用传感器网络和元数据提供媒体服务的系统。 传感器网络包括分别连接到媒体服务器和一个或多个媒体设备的多个传感器网络节点。 媒体服务器包括媒体信息存储单元,传感器接口单元,元数据存储单元,内容选择单元和内容传输单元。 媒体设备包括内容接收单元,传感器接口单元和元数据存储单元。 传感器网络节点各自包括网络接口单元,设备接口单元和元数据存储单元。 详细地,将元数据输入到相应的传感器网络节点,基于元数据智能地检索用户期望的媒体内容,并且将用户期望的媒体内容提供给用户期望的媒体设备,包括移动 用户拥有的媒体设备,在用户期望的时间。

    Mapping apparatus and method of controlling the same
    7.
    发明申请
    Mapping apparatus and method of controlling the same 审中-公开
    映射装置及其控制方法

    公开(公告)号:US20050040349A1

    公开(公告)日:2005-02-24

    申请号:US10827357

    申请日:2004-04-20

    CPC分类号: G11B17/225

    摘要: A mapping apparatus, and a method of controlling the same, including a cassette having a plurality of slots into which planar objects are inserted, and at least one reflector which reflects light beams irradiated into the plurality of slots; and a sensor unit having a light emitting unit and a light receiving unit, the sensor unit determining whether the planar objects have been inserted into the respective slots by determining whether a light beam, irradiated from the light emitting unit, is reflected from the reflector and then received by the light receiving unit.

    摘要翻译: 一种映射装置及其控制方法,包括具有插入平面物体的多个狭缝的盒,以及反射照射到多个槽中的光束的至少一个反射器; 以及具有发光单元和光接收单元的传感器单元,所述传感器单元通过确定从所述发光单元照射的光束是否从所述反射器反射而确定所述平面物体是否已插入到各个狭槽中,以及 然后由光接收单元接收。

    Method for manufacturing transflective liquid crystal display
    8.
    发明申请
    Method for manufacturing transflective liquid crystal display 审中-公开
    半透射液晶显示器的制造方法

    公开(公告)号:US20070002222A1

    公开(公告)日:2007-01-04

    申请号:US11293503

    申请日:2005-12-05

    IPC分类号: G02F1/1335

    摘要: A method for manufacturing a transflective LCD includes forming a gate line and a gate pad extending from the gate line on a substrate, forming an gate insulation layer over an entire surface of the substrate, forming a data line and a data pad extending from the data line, the data line crossing the gate line to define a unit pixel, forming a thin film transistor at the crossing of the gate line and the data line, forming a passivation layer over an entire surface of the substrate including the thin film transistor, patterning the passivation layer to form a plurality of contact holes each exposing a corresponding drain electrode, the gate pad, and the data pad of the thin film transistor, forming a transmissive electrode at a transmissive portion in the unit pixel region on the passivation layer, forming a reflective electrode at a reflective portion in the unit pixel region on the passivation layer, and forming an oxidation prevention layer including a transparent conductive film and a metal layer, wherein the oxidation prevention layer contacts the gate pad and the data pad through the contact hole.

    摘要翻译: 半透射型LCD的制造方法包括在基板上形成从栅极线延伸的栅极线和栅极焊盘,在基板的整个表面上形成栅极绝缘层,形成数据线和从数据延伸的数据焊盘 线,数据线穿过栅极线以限定单位像素,在栅极线和数据线的交叉处形成薄膜晶体管,在包括薄膜晶体管的衬底的整个表面上形成钝化层,图案化 钝化层以形成多个接触孔,每个接触孔暴露相应的漏电极,栅极焊盘和薄膜晶体管的数据焊盘,在钝化层上的单位像素区域的透射部分处形成透射电极,形成 在钝化层上的单位像素区域的反射部分处的反射电极,以及形成包括透明导电膜a的氧化防止层 d金属层,其中所述防氧化层通过所述接触孔接触所述栅极焊盘和所述数据焊盘。

    Panel conveying apparatus for a press line
    9.
    发明申请
    Panel conveying apparatus for a press line 有权
    压线机用面板输送装置

    公开(公告)号:US20050126253A1

    公开(公告)日:2005-06-16

    申请号:US10839853

    申请日:2004-05-06

    申请人: Byeong Choi

    发明人: Byeong Choi

    CPC分类号: B21D43/057 B21D43/05

    摘要: A panel conveying apparatus for a press line comprises a shuttle feeder and at least one panel position regulating device. The shuttle feeder is configured to be movable between presses. The panel position regulating device is mounted on the shuttle feeder and includes a panel guide unit, a rotating screw axis unit, and a link unit. The panel guide unit is configured to guide the panel. The rotating screw axis unit comprises a rotating screw axis and an actuator rotating the rotating screw axis. The link unit connects the panel guide unit and the rotating screw axis unit such that a vertical position of the panel guide unit is regulated in response to a rotation of the rotating screw axis.

    摘要翻译: 一种用于冲压生产线的板材输送装置包括梭式进料器和至少一个面板位置调节装置。 梭式进料器构造成可在印刷机之间移动。 面板位置调节装置安装在往复进给器上,包括面板引导单元,旋转螺杆轴单元和连接单元。 面板引导单元构造成引导面板。 旋转螺杆轴单元包括旋转螺杆轴和旋转旋转螺杆轴的致动器。 连杆单元连接面板引导单元和旋转螺杆轴单元,使得面板引导单元的垂直位置响应于旋转螺杆轴的旋转而被调节。