Abstract:
An apparatus and method for monitoring a virtual machine based on a hypervisor. The method for monitoring a virtual machine based on a hypervisor includes: monitoring an attempt to access an executable file located in a virtual machine; when the attempt to access the executable file is detected, extracting a system call transfer factor input through the task that attempted the access; acquiring, based on the system call transfer factor, an execution path corresponding to the executable file and a reference path corresponding to a reference file that is executed together with the executable file; checking, based on the execution path and the reference path, whether either the executable file or the reference file is malicious; and collecting the file in which malicious code is present when malicious code is present in either the executable file or the reference file.
Abstract:
The security control apparatus includes a network control unit for receiving a security protocol-based packet that includes a protocol control header and data and that is transmitted between a cloud-based virtual desktop interaction remote agent unit and a virtual machine of a cloud-based virtual desktop interaction device, and for blocking network traffic between the cloud-based virtual desktop interaction remote agent unit and the virtual machine, depending on the received results of checking. A policy checking unit checks whether information extracted from the security protocol-based packet is compliant with control policies, and transmits the results of checking to the network control unit. If the information is not compliant with the control policies, a security solution interaction unit transmits the extracted information to an external security solution, and transmits the results of checking by the corresponding security solution to the network control unit.
Abstract:
An inspection and recovery method and apparatus for handling virtual machine vulnerability, which inspect the security status of a virtual machine in a hypervisor domain, and recover a main system file or limit the use of a virtual machine suspected of being damaged due to hacking depending on the results of inspection, thus providing a secure virtual machine use environment for cloud computing. In the presented method, collection target information and inspection criteria including vulnerability inspection criteria, recovery criteria, and hacking damage criteria are updated. Then, the collection target information is collected from the virtual disk and virtual memory of each virtual machine. Vulnerability is inspected in conformity with the inspection criteria, based on the collected information. Depending on the inspection results, a damaged main system file is recovered based on the recovery criteria.
Abstract:
An apparatus, method and system for context-aware security control in a cloud environment are provided. The apparatus includes an authentication header inspection unit and a packet data processing unit. The authentication header inspection unit generates an authentication header based on the received context information and key of a user, compares the generated authentication header with the authentication header of packet data received from a remote user terminal, and outputs the results of the comparison. The packet data processing unit performs one of the transmission, modulation and discarding of packet data from the cloud server of a cloud service network based on the results of the comparison by the authentication header inspection unit.