公开(公告)号：US09270550B2

公开(公告)日：2016-02-23

申请号：US13882724

申请日：2011-11-07

Applicant: Kyu-Min Choi

Inventor： Kyu-Min Choi

IPC: H04L12/26 ,  G06F11/00

CPC classification number: H04L43/08 ,  H04L43/022 ,  H04L43/026 ,  H04L43/028

Abstract: The present invention relates to a session-based traffic analysis system that may accurately analyze an amount of traffic for each transmission control protocol (TCP) connection using only one-way packets. The system may accurately analyze an amount of two-way traffic using only one-way connection information.

Abstract translation: 本发明涉及一种基于会话的业务分析系统，其可以使用单向分组来精确地分析每个传输控制协议（TCP）连接的业务量。 系统可以使用单向连接信息准确分析双向流量。

公开(公告)号：US20130286872A1

公开(公告)日：2013-10-31

申请号：US13882724

申请日：2011-11-07

Applicant: Kyu-Min Choi

Inventor： Kyu-Min Choi

IPC: H04L12/26

CPC classification number: H04L43/08 ,  H04L43/022 ,  H04L43/026 ,  H04L43/028

Abstract: The present invention relates to a session-based traffic analysis system that may accurately analyze an amount of traffic for each transmission control protocol (TCP) connection using only one-way packets. The system may accurately analyze an amount of two-way traffic using only one-way connection information.

Abstract translation: 本发明涉及一种基于会话的业务分析系统，其可以使用单向分组来精确地分析每个传输控制协议（TCP）连接的业务量。 系统可以使用单向连接信息准确分析双向流量。

公开(公告)号：US20130254394A1

公开(公告)日：2013-09-26

申请号：US13992631

申请日：2011-12-05

Applicant: Kyoung-Pil Kong ,  Yun-Seok Lee ,  Sun Min Jeon

Inventor： Kyoung-Pil Kong ,  Yun-Seok Lee ,  Sun Min Jeon

IPC: H04L12/26

CPC classification number: H04L43/10 ,  H04L12/1403 ,  H04L12/1435 ,  H04L43/028 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/0876 ,  H04L63/168 ,  H04L67/02 ,  H04L67/22 ,  H04L67/306 ,  H04M15/41 ,  H04M15/43 ,  H04M15/765 ,  H04M15/7652

Abstract: The present invention relates to a system and method for authenticating, monitoring, and managing all terminals connected to a wireless/wired network to use Internet. A shared terminal management system comprises a management server, a charging server, a central server, a central authentication G/W server, and a proxy server, and assigns a terminal identification value for every terminal that uses Internet, authenticates terminals by reading and analyzing the assigned terminal identification value, monitors and manages shared terminals used as being connected to one line to classify lines into a basic line and an additional line, and charges for the additional line. The shared terminal identification system for identifying and managing terminals connected to one Internet line comprises a subscriber line authentication unit, a packet collecting unit, a first packet analyzing unit, an element packet transmission unit, a data management unit and a terminal determining unit. The shared terminal processing method for managing the shared terminals comprises the following steps: detecting users of a sharing device; selecting target users for sharing devices; transmitting a notification; applying for an additional terminal service subscription; and ceasing the connection to the Internet.

Abstract translation: 本发明涉及一种用于认证，监控和管理连接到无线/有线网络以使用因特网的所有终端的系统和方法。 共享终端管理系统包括管理服务器，计费服务器，中央服务器，中央认证G / W服务器和代理服务器，并为每个使用因特网的终端分配终端标识值，通过阅读和分析认证终端 分配的终端识别值，监视和管理用于连接到一条线路的共享终端，以将线路划分为基本线路和附加线路，并为附加线路收费。 用于识别和管理连接到一个因特网线路的终端的共享终端识别系统包括用户线路认证单元，分组收集单元，第一分组分析单元，元素分组传输单元，数据管理单元和终端确定单元。 用于管理共享终端的共享终端处理方法包括以下步骤：检测共享设备的用户; 选择共享设备的目标用户; 传送通知; 申请附加终端服务订阅; 并停止连接到互联网。

公开(公告)号：US09270567B2

公开(公告)日：2016-02-23

申请号：US13992631

申请日：2011-12-05

Applicant: Kyoung-Pil Kong ,  Yun-Seok Lee ,  Sun Min Jeon

Inventor： Kyoung-Pil Kong ,  Yun-Seok Lee ,  Sun Min Jeon

IPC: G06F15/173 ,  H04L12/26 ,  H04L29/08 ,  H04M15/00 ,  H04L12/14 ,  H04L29/06

CPC classification number: H04L43/10 ,  H04L12/1403 ,  H04L12/1435 ,  H04L43/028 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/0876 ,  H04L63/168 ,  H04L67/02 ,  H04L67/22 ,  H04L67/306 ,  H04M15/41 ,  H04M15/43 ,  H04M15/765 ,  H04M15/7652

Abstract: The present invention relates to a system and method for authenticating, monitoring, and managing all terminals connected to a wireless/wired network to use Internet. A shared terminal management system comprises a management server, a charging server, a central server, a central authentication G/W server, and a proxy server, and assigns a terminal identification value for every terminal that uses Internet, authenticates terminals by reading and analyzing the assigned terminal identification value, monitors and manages shared terminals used as being connected to one line to classify lines into a basic line and an additional line, and charges for the additional line. The shared terminal identification system for identifying and managing terminals connected to one Internet line comprises a subscriber line authentication unit, a packet collecting unit, a first packet analyzing unit, an element packet transmission unit, a data management unit and a terminal determining unit.

Abstract translation: 本发明涉及一种用于认证，监控和管理连接到无线/有线网络以使用因特网的所有终端的系统和方法。 共享终端管理系统包括管理服务器，计费服务器，中央服务器，中央认证G / W服务器和代理服务器，并为每个使用因特网的终端分配终端标识值，通过阅读和分析认证终端 分配的终端识别值，监视和管理用于连接到一条线路的共享终端，以将线路划分为基本线路和附加线路，并为附加线路收费。 用于识别和管理连接到一个因特网线路的终端的共享终端识别系统包括用户线路认证单元，分组收集单元，第一分组分析单元，元素分组传输单元，数据管理单元和终端确定单元。

公开(公告)号：US08578488B2

公开(公告)日：2013-11-05

申请号：US13121809

申请日：2008-11-18

Applicant: Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

Inventor： Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

IPC: G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/1466 ,  H04L29/12028 ,  H04L61/103

Abstract: The present invention is related to a method for neutralizing a malicious ARP spoofing attack generated in a local network and in particular, the present invention provides a method for neutralizing an ARP spoofing attack comprising a step for detecting an ARP spoofing attack based on an ARP request packet generated for an ARP spoofing attack; a step for generating a plurality of counterfeit MAC addresses and dynamically changing MAC addresses of network devices or servers which are to be protected whenever an ARP spoofing attack is generated; and a step for neutralizing an ARP spoofing attack by using a counterfeit MAC address which is capable of neutralizing an ARP spoofing attack adequately.

Abstract translation: 本发明涉及一种中和本地网络中产生的恶意ARP欺骗攻击的方法，特别是本发明提供一种中和ARP欺骗攻击的方法，包括：基于ARP请求检测ARP欺骗攻击的步骤 为ARP欺骗攻击而生成的报文; 一旦生成ARP欺骗攻击就产生多个伪造MAC地址和动态地改变要被保护的网络设备或服务器的MAC地址的步骤; 以及通过使用能够充分中和ARP欺骗攻击的伪造MAC地址来中和ARP欺骗攻击的步骤。

公开(公告)号：US09270702B2

公开(公告)日：2016-02-23

申请号：US13883161

申请日：2011-11-02

Applicant: Hyoung-Bae Park ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Yun-Seok Lee ,  Sung-Goo Kim

Inventor： Hyoung-Bae Park ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Yun-Seok Lee ,  Sung-Goo Kim

IPC: H04L29/00 ,  H04L29/06 ,  H04W12/08 ,  H04W84/04

CPC classification number: H04L63/20 ,  H04L63/102 ,  H04W12/08 ,  H04W84/045

Abstract: The present invention relates to a method of implementing a security system for preemptively preventing a decrease in work efficiency due to leaked confidential secrets or the browsing of non work-related sites through a mobile terminal. A security manager implements an environment for allowing, blocking, or recording Internet usage in an independent mobile communication network in an area requiring security, uses a security system server to preregister information on mobile terminals of users who are expected to use the Internet, makes agreements on how personal information will be handled when outside visitors visit the network, registers information on mobile terminals of outside visitors with the security system server, and oversees the installation of a security app whenever necessary.

Abstract translation: 本发明涉及一种实现安全系统的方法，用于通过移动终端预防性地防止由于泄漏的机密秘密或非工作相关站点的浏览而降低工作效率。 安全管理员在需要安全性的区域中实现在独立移动通信网络中允许，阻止或记录互联网使用的环境，使用安全系统服务器预先注册预期使用互联网的用户的移动终端上的信息， 关于外部访问者访​​问网络时如何处理个人信息，请在安全系统服务器上注册外部访问者的移动终端的信息，并在必要时监督安全应用程序的安装。

公开(公告)号：US08661133B2

公开(公告)日：2014-02-25

申请号：US13121733

申请日：2008-10-28

Applicant: Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

Inventor： Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

IPC: G06F13/20 ,  G06F13/14 ,  G06F21/20 ,  H04L12/12

CPC classification number: H04L63/0227 ,  H04L29/12367 ,  H04L61/2514

Abstract: The present invention provides according to an embodiment a method including analyzing traffic; judging whether NAT (Network Address Translation) use of a client configuring and using a private network as well as a being provided an authorized IP address (an Internet IP address) is allowed or not, for analyzing and detecting a number of sharing terminals; creating a database using data; and formulating a policy by using information in the database, so that when users of the private network connect to the Internet at the same time, permission or blocking of Internet use can be executed selectively.

Abstract translation: 本发明根据实施例提供了一种分析业务的方法; 判断NAT（网络地址转换）是否使用配置和使用专用网络的客户端以及被提供的授权IP地址（互联网IP地址），用于分析和检测多个共享终端; 使用数据创建数据库; 并且通过使用数据库中的信息来制定策略，使得当专用网络的用户同时连接到因特网时，可以选择性地执行对互联网使用的许可或阻止。

公开(公告)号：US20130283341A1

公开(公告)日：2013-10-24

申请号：US13883161

申请日：2011-11-02

Applicant: Hyoung-Bae Park ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Yun-Seok Lee ,  Sung-Goo Kim

Inventor： Hyoung-Bae Park ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Yun-Seok Lee ,  Sung-Goo Kim

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/102 ,  H04W12/08 ,  H04W84/045

Abstract: The present invention relates to a method of implementing a security system for preemptively preventing a decrease in work efficiency due to leaked confidential secrets or the browsing of non work-related sites through a mobile terminal. A security manager implements an environment for allowing, blocking, or recording Internet usage in an independent mobile communication network in an area requiring security, uses a security system server to preregister information on mobile terminals of users who are expected to use the Internet, makes agreements on how personal information will be handled when outside visitors visit the network, registers information on mobile terminals of outside visitors with the security system server, and oversees the installation of a security app whenever necessary.

Abstract translation: 本发明涉及一种实现安全系统的方法，用于通过移动终端预防性地防止由于泄漏的机密秘密或非工作相关站点的浏览而降低工作效率。 安全管理员在需要安全性的区域中实现在独立移动通信网络中允许，阻止或记录互联网使用的环境，使用安全系统服务器预先注册预期使用互联网的用户的移动终端上的信息， 关于外部访问者访​​问网络时如何处理个人信息，请在安全系统服务器上注册外部访问者的移动终端的信息，并在必要时监督安全应用程序的安装。

公开(公告)号：US08230007B2

公开(公告)日：2012-07-24

申请号：US12681748

申请日：2008-10-08

Applicant: Yun-Seok Lee ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Se-Eun Cheon ,  Kyoung-Pil Kong

Inventor： Yun-Seok Lee ,  Jeong-Ah Kim ,  Kyu-Min Choi ,  Se-Eun Cheon ,  Kyoung-Pil Kong

IPC: G06F15/173

CPC classification number: H04L41/12 ,  H04L41/0893 ,  H04L63/14 ,  H04L67/22

Abstract: The present invention is related to a technology for grasping the number of a plurality of terminals of a client using a Cookie in a private network in which plural terminals are shared by redirecting a session which is to be connected to a Web by analyzing a TCP/IP packet, detecting the accurate number of a plurality of terminals of a client using an Internet, and making the accurate number as a DB, and selectively permitting or blocking a connection to Internet according to TCP/IP by using the Cookie pool information of a DB type and JOB when the users configuring and using a private network connect to the Internet at the same time.

Abstract translation: 本发明涉及一种用于通过分析TCP / IP协议来重定向要连接到Web的会话的私有网络中的使用Cookie的客户端的多个终端的数量的技术， IP数据包，使用因特网检测客户端的多个终端的准确数量，并将准确的号码作为数据库，并根据TCP / IP选择性地允许或阻止与因特网的连接，通过使用 当配置和使用专用网络的用户同时连接到Internet时，DB类型和JOB。

公开(公告)号：US20110179486A1

公开(公告)日：2011-07-21

申请号：US13121809

申请日：2008-11-18

Applicant: Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

Inventor： Hyoung-Bae Park ,  Yun-Seok Lee ,  Kyu-Min Choi ,  Kyoung-Pil Kong ,  Pil-Sang You ,  Sung-Goo Kim

IPC: G06F21/20

CPC classification number: H04L63/1466 ,  H04L29/12028 ,  H04L61/103

Abstract: The present invention is related to a method for neutralizing a malicious ARP spoofing attack generated in a local network and in particular, the present invention provides a method for neutralizing an ARP spoofing attack comprising a step for detecting an ARP spoofing attack based on an ARP request packet generated for an ARP spoofing attack; a step for generating a plurality of counterfeit MAC addresses and dynamically changing MAC addresses of network devices or servers which are to be protected whenever an ARP spoofing attack is generated; and a step for neutralizing an ARP spoofing attack by using a counterfeit MAC address which is capable of neutralizing an ARP spoofing attack adequately.

Abstract translation: 本发明涉及一种中和本地网络中产生的恶意ARP欺骗攻击的方法，特别是本发明提供一种中和ARP欺骗攻击的方法，包括：基于ARP请求检测ARP欺骗攻击的步骤 为ARP欺骗攻击而生成的报文; 一旦生成ARP欺骗攻击就产生多个伪造MAC地址和动态地改变要被保护的网络设备或服务器的MAC地址的步骤; 以及通过使用能够充分中和ARP欺骗攻击的伪造MAC地址来中和ARP欺骗攻击的步骤。