-
1.发明授权Virtual server and method for identifying zombie, and sinkhole server and method for integratedly managing zombie information 有权用于识别僵尸的虚拟服务器和方法,以及用于综合管理僵尸信息的沉没服务器和方法公开(公告)号:US08706866B2
公开(公告)日:2014-04-22
申请号:US12985728
申请日:2011-01-06
申请人: Sang Kyun Noh , Young Tae Yun , Dong Soo Kim , Yo Sik Kim , Yoon Jung Chung , Won Ho Kim , Yu Jung Han , Cheol Won Lee
发明人: Sang Kyun Noh , Young Tae Yun , Dong Soo Kim , Yo Sik Kim , Yoon Jung Chung , Won Ho Kim , Yu Jung Han , Cheol Won Lee
IPC分类号: G06F21/20 , G06F15/173
CPC分类号: H04L63/1458 , G06F21/44 , H04L67/146
摘要: Provided are a virtual server and method for identifying a zombie, and a sinkhole server and method for integratedly managing zombie information. The virtual server includes an authentication processing module authenticating a host using a CAPTCHA test and providing a cookie to the authenticated host when a web server access request message received from the host does not include a cookie, a cookie value verification module for extracting a cookie value from the web server access request message and verifying the extracted cookie value when the web server access request message includes a cookie, a web page access inducement module for inducing the host to access a web server when the cookie value is verified, and a zombie identification module for blocking access of the host when the cookie value is not verified, and identifying the host as a zombie when the number of blocking operations exceeds a threshold value.
摘要翻译: 提供了用于识别僵尸的虚拟服务器和方法,以及用于综合管理僵尸信息的宿窝服务器和方法。 虚拟服务器包括认证处理模块,使用CAPTCHA测试认证主机,并且当从主机接收到的web服务器访问请求消息不包括cookie时,向认证主机提供cookie,用于提取cookie值的cookie值验证模块 当web服务器访问请求消息包括cookie时,从Web服务器访问请求消息和验证提取的cookie值,当cookie值被验证时用于诱导主机访问web服务器的网页访问诱导模块,以及僵尸识别 当cookie值未被验证时阻止主机访问的模块,以及当阻塞操作次数超过阈值时将主机识别为僵尸。
-
公开(公告)号:US20110271343A1
公开(公告)日:2011-11-03
申请号:US12985252
申请日:2011-01-05
申请人: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
发明人: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
IPC分类号: G06F21/00
CPC分类号: G06F21/566
摘要: Provided are an apparatus, system and method for detecting malicious code inserted into a normal process in disguise. The apparatus includes a malicious code detection module for extracting information on a thread generated by a process running on a computer system to identify code related to the thread, preliminarily determining whether or not the identified code is malicious and extracting the code preliminarily determined to be malicious; and a forcible malicious code termination module for finally determining the code as malicious code based on an analysis result of behavior of the extracted code executed in a virtual environment and forcibly terminating execution of the code.
摘要翻译: 提供了一种用于检测插入到伪装的正常进程中的恶意代码的装置,系统和方法。 该装置包括恶意代码检测模块,用于提取由计算机系统上运行的进程生成的线程的信息,以识别与该线程相关的代码,初步确定所识别的代码是否是恶意的,并提取初步确定为恶意的代码 ; 以及强制恶意代码终止模块,用于基于在虚拟环境中执行的提取的代码的行为的分析结果,最终将代码确定为恶意代码,并强制终止代码的执行。
-
3.发明申请VIRTUAL SERVER AND METHOD FOR IDENTIFYING ZOMBIE, AND SINKHOLE SERVER AND METHOD FOR INTEGRATEDLY MANAGING ZOMBIE INFORMATION 有权用于识别ZOMBIE的虚拟服务器和方法,以及用于集成管理ZOMBIE信息的SINKHOVER服务器和方法公开(公告)号:US20110270969A1
公开(公告)日:2011-11-03
申请号:US12985728
申请日:2011-01-06
申请人: Sang Kyun Noh , Young Tae Yun , Dong Soo Kim , Yo Sik Kim , Yoon Jung Chung , Won Ho Kim , Yu Jung Han , Cheol Won Lee
发明人: Sang Kyun Noh , Young Tae Yun , Dong Soo Kim , Yo Sik Kim , Yoon Jung Chung , Won Ho Kim , Yu Jung Han , Cheol Won Lee
IPC分类号: G06F21/20 , G06F15/173
CPC分类号: H04L63/1458 , G06F21/44 , H04L67/146
摘要: Provided are a virtual server and method for identifying a zombie, and a sinkhole server and method for integratedly managing zombie information. The virtual server includes an authentication processing module authenticating a host using a CAPTCHA test and providing a cookie to the authenticated host when a web server access request message received from the host does not include a cookie, a cookie value verification module for extracting a cookie value from the web server access request message and verifying the extracted cookie value when the web server access request message includes a cookie, a web page access inducement module for inducing the host to access a web server when the cookie value is verified, and a zombie identification module for blocking access of the host when the cookie value is not verified, and identifying the host as a zombie when the number of blocking operations exceeds a threshold value.
摘要翻译: 提供了用于识别僵尸的虚拟服务器和方法,以及用于综合管理僵尸信息的宿窝服务器和方法。 虚拟服务器包括认证处理模块,使用CAPTCHA测试认证主机,并且当从主机接收到的web服务器访问请求消息不包括cookie时,向认证主机提供cookie,用于提取cookie值的cookie值验证模块 当web服务器访问请求消息包括cookie时,从Web服务器访问请求消息和验证提取的cookie值,当cookie值被验证时用于诱导主机访问web服务器的网页访问诱导模块,以及僵尸识别 当cookie值未被验证时阻止主机访问的模块,以及当阻塞操作次数超过阈值时将主机识别为僵尸。
-
公开(公告)号:US08955124B2
公开(公告)日:2015-02-10
申请号:US12985252
申请日:2011-01-05
申请人: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
发明人: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
CPC分类号: G06F21/566
摘要: Provided are an apparatus, system and method for detecting malicious code inserted into a normal process in disguise. The apparatus includes a malicious code detection module for extracting information on a thread generated by a process running on a computer system to identify code related to the thread, preliminarily determining whether or not the identified code is malicious and extracting the code preliminarily determined to be malicious; and a forcible malicious code termination module for finally determining the code as malicious code based on an analysis result of behavior of the extracted code executed in a virtual environment and forcibly terminating execution of the code.
摘要翻译: 提供了一种用于检测插入到伪装的正常进程中的恶意代码的装置,系统和方法。 该装置包括恶意代码检测模块,用于提取由计算机系统上运行的进程生成的线程的信息,以识别与该线程相关的代码,初步确定所识别的代码是否是恶意的,并提取初步确定为恶意的代码 ; 以及强制恶意代码终止模块,用于基于在虚拟环境中执行的提取的代码的行为的分析结果,最终将代码确定为恶意代码,并强制终止代码的执行。
-
5.发明授权Defense method and device against intelligent bots using masqueraded virtual machine information 有权使用伪装虚拟机信息的智能机器人的防御方法和设备公开(公告)号:US08813226B2
公开(公告)日:2014-08-19
申请号:US12879691
申请日:2010-09-10
申请人: Yoon Jung Chung , Yo Sik Kim , Won Ho Kim , Dong Soo Kim , Sang Kyun Noh , Young Tae Yun , Cheol Won Lee
发明人: Yoon Jung Chung , Yo Sik Kim , Won Ho Kim , Dong Soo Kim , Sang Kyun Noh , Young Tae Yun , Cheol Won Lee
CPC分类号: G06F9/455 , G06F21/55 , G06F21/554 , G06F21/56 , G06F21/566 , G06F2212/151 , H04L29/06877 , H04L29/06891 , H04L29/06911 , H04L29/06918 , H04L63/14 , H04L63/1416 , H04L63/1441 , H04L2463/144
摘要: A defense method and device against intelligent bots using masqueraded virtual machine information are provided. The method includes performing global hooking on a virtual machine detection request transmitted by a process, determining, on the basis of pre-stored malicious process information, whether or not the process transmitting the virtual machine detection request corresponds to a malicious process, and when the process is found to correspond to the malicious process as a result of the determination, determining that the process is generated by the intelligent bot, and returning the masqueraded virtual machine information to the process.
摘要翻译: 提供了使用伪装的虚拟机信息的针对智能机器人的防御方法和设备。 该方法包括对由进程发送的虚拟机检测请求执行全局挂接,根据预先存储的恶意进程信息确定发送虚拟机检测请求的进程是否对应于恶意进程,以及何时 发现过程与恶意进程对应,作为确定的结果,确定该进程是由智能机器人生成的,并将伪装的虚拟机信息返回到该进程。
-
6.发明授权Terminal discriminating apparatus and terminal discriminating method using the same 有权终端识别装置及使用其的终端鉴别方法公开(公告)号:US08729921B2
公开(公告)日:2014-05-20
申请号:US12878808
申请日:2010-09-09
申请人: Seung Jei Yang , Myeong Ryeol Choi , Seung Yong Lee , Nam Deok Cho , Tae Joo Chang , Cheol Won Lee
发明人: Seung Jei Yang , Myeong Ryeol Choi , Seung Yong Lee , Nam Deok Cho , Tae Joo Chang , Cheol Won Lee
IPC分类号: G01R31/28
CPC分类号: G01R31/2805 , G01R31/2808 , G01R31/2815 , G01R31/318572
摘要: A terminal discriminating apparatus and a terminal discriminating method using the same are provided. The terminal discriminating apparatus includes: a measurement unit for measuring a pull-up voltage and a pull-down voltage of each of candidate terminals to be discriminated; a discriminating unit for comparing the pull-up voltages, pull-down voltages, and the differences between the pull-up voltages and pull-down voltages for the candidate terminals to discriminate the types of the candidate terminals; and an output unit for outputting results of the discrimination of the candidate terminals transferred from the discriminating unit. The types of the candidate terminals can be discriminated by comparing the pull-up voltage, the pull-down voltage, and the differences between the pull-up voltages and the pull-down voltages for the candidate terminals.
摘要翻译: 提供了一种使用其的终端识别装置和终端鉴别方法。 终端识别装置包括:测量单元,用于测量待鉴别的候选终端的上拉电压和下拉电压; 鉴别单元,用于比较上拉电压,下拉电压以及候选终端的上拉电压和下拉电压之间的差异,以区分候选终端的类型; 以及输出单元,用于输出从识别单元传送的候选终端的辨别结果。 可以通过比较上拉电压,下拉电压以及候选终端的上拉电压和下拉电压之间的差异来鉴别候选终端的类型。
-
公开(公告)号:US20080292431A1
公开(公告)日:2008-11-27
申请号:US12129010
申请日:2008-05-29
申请人: Gwang Ho Hur , Jun Young Choi , Sang Baek Lee , Cheol Won Lee
发明人: Gwang Ho Hur , Jun Young Choi , Sang Baek Lee , Cheol Won Lee
IPC分类号: B65G1/00
CPC分类号: H01L21/68707 , H01L21/67742 , Y10S414/139 , Y10S414/141
摘要: The present invention relates to a transfer chamber for a flat display device manufacturing apparatus, and more particularly, to a transfer chamber for a flat display device manufacturing apparatus, having a combination of functions of transfer and load-lock chambers, in which a robot is provided aside from a center of the transfer chamber, a buffer is provided to be driven without interference of the robot, and a aligner is provided to adjust a position of a substrate mounted on the buffer. In order to achieve the aforementioned objects, there is provided a transfer chamber for a flat display device manufacturing apparatus, wherein a robot is provided aside from a center of the transfer chamber. In addition, in order to drive the robot, a sealing member is provided to seal a hole formed at a predetermined portion of the transfer chamber, and an aligner for adjusting the substrate in the transfer chamber and a buffer where the substrate is mounted on are provided.
摘要翻译: 本发明涉及一种用于平板显示装置制造装置的传送室,更具体地说,涉及一种平面显示装置制造装置的传送室,其具有传送和装载锁定室的功能的组合,其中机器人是 除了传送室的中心之外,提供缓冲器以在机器人的干扰的情况下被驱动,并且提供对准器以调整安装在缓冲器上的基板的位置。 为了实现上述目的,提供了一种用于平板显示装置制造装置的传送室,其中机器人设置在传送室的中心的旁边。 此外,为了驱动机器人,设置密封构件以密封形成在传送室的预定部分处的孔,并且用于调节传送室中的基板的对准器和安装有基板的缓冲器 提供。
-
公开(公告)号:US09164845B2
公开(公告)日:2015-10-20
申请号:US12626783
申请日:2009-11-27
申请人: Hyun Uk Hwang , Ki Bom Kim , Tae Joo Chang , Cheol Won Lee
发明人: Hyun Uk Hwang , Ki Bom Kim , Tae Joo Chang , Cheol Won Lee
CPC分类号: G06F11/1435
摘要: Provided is a technology which searches an unallocated area to quickly extract information on a deleted partition when checking a disk and an evidence image in digital forensic, and adds a recovered partition to a forensic tool as a new partition. For this, the technology has direct access to the sector of a disk or an evidence image which is obtained, limits information search on an unallocated area only to an area satisfying the minimum size in which a partition may be created, changes an LBA-based sector access scheme into a CHS-based sector access scheme, and reads only the sector of a location having the possibility that a boot record exists to search information of a deleted partition, recovering a partition at high speed.
摘要翻译: 提供了一种搜索未分配区域以在数字取证中检查磁盘和证据图像时快速提取关于删除的分区的信息的技术,并且将恢复的分区作为新的分区添加到取证工具。 为此,该技术可以直接访问所获得的磁盘或证据图像的扇区,仅在未分配区域上的信息搜索仅限于可以创建分区的满足最小大小的区域,改变基于LBA的 扇区访问方案转换为基于CHS的扇区访问方案,并且仅读取具有引导记录存在的可能性以搜索被删除的分区的信息的位置的扇区,以高速恢复分区。
-
公开(公告)号:US09032516B2
公开(公告)日:2015-05-12
申请号:US12944100
申请日:2010-11-11
申请人: Tae Ghyoon Kim , Young Han Choi , Seok Jin Choi , Cheol Won Lee
发明人: Tae Ghyoon Kim , Young Han Choi , Seok Jin Choi , Cheol Won Lee
CPC分类号: G06F21/563 , G06F21/566
摘要: Provided are a system and method for detecting a malicious script. The system includes a script decomposition module for decomposing a web page into scripts, a static analysis module for statically analyzing the decomposed scripts in the form of a document file, a dynamic analysis module for dynamically executing and analyzing the decomposed scripts, and a comparison module for comparing an analysis result of the static analysis module and an analysis result of the dynamic analysis module to determine whether the decomposed scripts are malicious scripts. The system and method can recognize a hidden dangerous hypertext markup language (HTML) tag irrespective of an obfuscation technique for hiding a malicious script in a web page and thus can cope with an unknown obfuscation technique.
摘要翻译: 提供了用于检测恶意脚本的系统和方法。 该系统包括用于将网页分解成脚本的脚本分解模块,用于以文档文件的形式静态分析分解的脚本的静态分析模块,用于动态地执行和分析分解的脚本的动态分析模块,以及比较模块 用于比较静态分析模块的分析结果和动态分析模块的分析结果,以确定分解的脚本是否是恶意脚本。 系统和方法可以识别隐藏的危险超文本标记语言(HTML)标签,而不管用于在网页中隐藏恶意脚本的混淆技术,并且因此可以应对未知的混淆技术。
-
公开(公告)号:US07665946B2
公开(公告)日:2010-02-23
申请号:US10978967
申请日:2004-11-01
申请人: Gwang Ho Hur , Jun Young Choi , Sang Baek Lee , Cheol Won Lee
发明人: Gwang Ho Hur , Jun Young Choi , Sang Baek Lee , Cheol Won Lee
IPC分类号: H01L21/677
CPC分类号: H01L21/68707 , H01L21/67742 , Y10S414/139 , Y10S414/141
摘要: A transfer chamber for a flat display device manufacturing apparatus is provided. The transfer chamber may combine functions of a transfer chamber and a load-lock chamber. A robot may be provided aside from a center of the transfer chamber, and a buffer may be provided so as to avoid interference with the robot. An aligner may adjust a position of a substrate mounted on the buffer.
摘要翻译: 提供了一种用于平板显示装置制造装置的传送室。 传送室可以组合传送室和装载锁定室的功能。 可以从传送室的中心设置机器人,并且可以设置缓冲器以避免与机器人的干涉。 对准器可以调节安装在缓冲器上的衬底的位置。
-
-
-
-
-
-
-
-
-
搜索结果
14 条记录 (耗时 0.036 秒)
