公开(公告)号：US20090265201A1

公开(公告)日：2009-10-22

申请号：US12426678

申请日：2009-04-20

申请人： Min Sik KIM ,  Jung Gil PARK ,  Soon Jwa HONG ,  Peter Hoh In ,  Taek LEE

发明人： Min Sik KIM ,  Jung Gil PARK ,  Soon Jwa HONG ,  Peter Hoh In ,  Taek LEE

IPC分类号： G06Q10/00

CPC分类号： G06Q40/06

摘要： Provided are a method and apparatus for determining a security solution. The method and apparatus generate a security solution analysis model for analyzing effects on investment of security solution combinations consisting of several security solution candidates on the basis of integer programming (IP), standardize various constraints that have significant effects on security solution determination on the basis of IP, and apply the standardized constraints to the security solution analysis model, thereby determining a security solution combination having the smallest residual risk while satisfying the constraints as an optimum security solution combination.According to the method and apparatus, an optimum security solution combination that can minimize a residual risk while satisfying various constraints is rapidly and accurately determined. Thus, it is possible to support effective determination in information security investment.

摘要翻译： 提供了一种用于确定安全解决方案的方法和装置。 该方法和设备生成一个安全解决方案分析模型，用于分析由基于整数规划（IP）的几个安全解决方案候选者组成的安全解决方案组合对投资的影响，标准化对基于安全解决方案确定有重大影响的各种约束 IP，并将标准化约束应用于安全解决方案分析模型，从而确定具有最小剩余风险的安全解决方案组合，同时满足约束作为最佳安全解决方案组合。 根据该方法和装置，可以快速，准确地确定在满足各种约束的情况下最小化剩余风险的最佳安全解决方案组合。 因此，有可能支持信息安全投资的有效决定。

公开(公告)号：US20090260085A1

公开(公告)日：2009-10-15

申请号：US12208708

申请日：2008-09-11

申请人： Min Sik KIM ,  Jong Moon LEE ,  Hyun Dong PARK ,  Soon Jwa HONG

发明人： Min Sik KIM ,  Jong Moon LEE ,  Hyun Dong PARK ,  Soon Jwa HONG

IPC分类号： G06F21/00

CPC分类号： H04L63/14 ,  G06F21/554 ,  G06F21/564

摘要： Provided are an apparatus, system and method for blocking malicious code. The apparatus includes a first malicious code detector for determining whether or not a received e-mail includes malicious code, on the basis of previously stored malicious code patterns, a second malicious code detector for performing second malicious code detection on a received e-mail determined by the first malicious code detector not to include malicious code, a pattern extractor for extracting a new malicious code pattern from malicious code detected by the second malicious code detector, and a transceiver for transferring the extracted new malicious code pattern to a pattern providing server. According to the apparatus, system and method, when one terminal detects a new malicious code pattern, a pattern providing server rapidly provides the new malicious code pattern to other terminals, and thus it is possible to rapidly and flexibly cope with the spread of malicious codes having new patterns

摘要翻译： 提供了用于阻止恶意代码的装置，系统和方法。 该装置包括第一恶意代码检测器，用于基于先前存储的恶意代码模式来确定接收到的电子邮件是否包括恶意代码;第二恶意代码检测器，用于对所接收的电子邮件进行第二恶意代码检测 由第一恶意代码检测器不包括恶意代码，用于从由第二恶意代码检测器检测到的恶意代码提取新的恶意代码模式的模式提取器，以及用于将所提取的新的恶意代码模式传送到模式提供服务器的收发器。 根据装置，系统和方法，当一个终端检测到新的恶意代码模式时，模式提供服务器迅速向其他终端提供新的恶意代码模式，因此可以快速灵活地应对恶意代码的扩展 有新的模式

公开(公告)号：US20090126026A1

公开(公告)日：2009-05-14

申请号：US12102381

申请日：2008-04-14

申请人： Min Sik KIM ,  Jung Gil PARK

发明人： Min Sik KIM ,  Jung Gil PARK

IPC分类号： G06F7/04

CPC分类号： G06F21/51 ,  G06F2221/2119

摘要： Provided is a method for enabling a user terminal to avoid exposure to a malicious code, by classifying web pages including a malicious code and blocking user access to the web pages including the malicious code when a user searches for a web page using a search engine. A method for managing malicious-code spreading sites using a search engine includes: analyzing a currently accessed web site to determine whether a malicious code is included in the web site; if the malicious code is included in the currently accessed web site, registering the web site as a malicious-code spreading site; and, if the web site registered as a malicious-code spreading site is included in a web-site search result from a search engine, blocking user access to the web site. Web pages including a malicious code are classified and user access to the web pages including the malicious code is blocked when a user searches for a web page using a search engine, thereby preventing a user terminal from being exposed to the malicious code.

摘要翻译： 提供了一种用于使用户终端避免暴露于恶意代码的方法，当用户使用搜索引擎搜索网页时，通过对包括恶意代码的网页进行分类，并阻止用户访问包括恶意代码的网页的用户访问。 使用搜索引擎管理恶意代码传播站点的方法包括：分析当前访问的网站以确定恶意代码是否包括在网站中; 如果恶意代码被包含在当前访问的网站中，则将该网站注册为恶意代码传播站点; 并且如果注册为恶意代码传播站点的网站被包括在来自搜索引擎的网站搜索结果中，则阻止用户访问该网站。 包含恶意代码的网页被分类，并且当用户使用搜索引擎搜索网页时阻止对包括恶意代码的网页的用户访问，从而防止用户终端暴露于恶意代码。

公开(公告)号：US20090055931A1

公开(公告)日：2009-02-26

申请号：US12056339

申请日：2008-03-27

申请人： Min Sik KIM ,  Jong Moon LEE ,  Jung Gil PARK

发明人： Min Sik KIM ,  Jong Moon LEE ,  Jung Gil PARK

IPC分类号： G06F21/00

CPC分类号： G06F21/554 ,  G06F21/577

摘要： Provided are a web server vulnerability detecting device and method which detect vulnerability of a plurality of high-performance web servers in real-time using a plurality of search engines simultaneously and automatically provide the updated detailed information on detected vulnerability. The device includes: a web server examination module for requesting a plurality of different search engines to examine a file with a likelihood of vulnerability, in response to an input search word, and receiving from the search engines URLs of web servers on which the file with a likelihood of vulnerability is located; an optimal information collection module for optimizing the URLs of the web servers received from the search engines to obtain optimal information; a web server vulnerability detecting module for detecting vulnerability of a web server corresponding to the optimal information; and a vulnerability information collection module for collecting and providing the latest detailed information on the detected vulnerability.According to the device and method, damage caused by web server intrusions can be reduced, the vulnerability of web servers can be more precisely detected using a plurality of different search engines, and the updated latest detailed information can be provided.

摘要翻译： 提供了一种网络服务器漏洞检测装置和方法，其同时检测多个高性能网络服务器的实时使用多个搜索引擎的漏洞，并自动提供关于检测到的漏洞的更新的详细信息。 该设备包括：Web服务器检查模块，用于响应于输入的搜索词，请求多个不同的搜索引擎检查具有脆弱性的文件，并且从搜索引擎中接收具有 存在脆弱性的可能性; 最优信息收集模块，用于优化从搜索引擎接收到的网络服务器的URL以获得最佳信息; 用于检测对应于最佳信息的web服务器的脆弱性的Web服务器漏洞检测模块; 以及一个漏洞信息收集模块，用于收集和提供有关检测到的漏洞的最新详细信息。 根据该装置和方法，可以减少Web服务器入侵造成的损害，可以使用多个不同的搜索引擎更准确地检测网络服务器的脆弱性，并且可以提供更新的最新详细信息。

公开(公告)号：US20090100522A1

公开(公告)日：2009-04-16

申请号：US12057457

申请日：2008-03-28

申请人： Min Sik KIM ,  Jung Gil PARK

发明人： Min Sik KIM ,  Jung Gil PARK

IPC分类号： G06F21/00

CPC分类号： H04L63/1433

摘要： Provided is a web firewall for automatically checking for vulnerabilities, including: an administrating server scheduling part for ordering the examination of an administrating web server according to a predetermined examination schedule; a vulnerability search database calling part for calling a vulnerability search database previously stored according to the order of the administrating server scheduling part; a vulnerability searching part for searching for potential vulnerabilities of the administrating web server corresponding to data included in the called vulnerability search database; a vulnerability information deducing part for optimizing the results searched in the vulnerability searching part to deduce vulnerability information; a vulnerability checking part for checking the vulnerabilities of the administrating web server based on the results deduced from the vulnerability information deducing part; and a detailed vulnerability information reporting part for reporting detailed information on the checked vulnerabilities.

摘要翻译： 提供了一种用于自动检查漏洞的网络防火墙，包括：管理服务器调度部分，用于根据预定的检查时间表对管理的web服务器进行排序; 漏洞搜索数据库调用部件，用于根据管理服务器调度部的顺序调用先前存储的漏洞检索数据库; 漏洞搜索部分，用于搜索与所述被叫漏洞搜索数据库中包括的数据相对应的管理web服务器的潜在漏洞; 脆弱性信息推导部分，用于优化在漏洞搜索部分搜索的结果，以推断漏洞信息; 基于从漏洞信息推导部分推断的结果，检查管理的Web服务器的漏洞的漏洞检查部分; 以及详细的漏洞信息报告部分，用于报告检查的漏洞的详细信息。

公开(公告)号：US20220232914A1

公开(公告)日：2022-07-28

申请号：US17615486

申请日：2020-05-15

申请人： Min Sik KIM

发明人： Min Sik KIM

IPC分类号： A41D27/18 ,  A41B3/00

摘要： The present invention relates to a garment. More specifically, a garment having a shape-transformable collar according to an embodiment of the present invention may comprise a body part and a collar, wherein the collar includes an upper collar and a collar band, and the upper collar and the collar band are formed to have different shapes, so as to enable transformation into various collar shapes through mutually corresponding coupling between a linear portion and a curved portion thereof. In particular, the curved portions of the upper collar and the collar band are formed to have different curvatures. However, the upper collar and the collar band are coupled to correspond to each other, so that the shape of the collar is stably maintained even when the collar is erected or laid down, whereby the present invention can have a fine appearance and also provide an excellent cold weather protection effect.