Abstract:
Disclosed are a method and a system for network connection chain traceback that use network flow data to trace the attack source site of cyber hacking attacks that pass through various sites, without adding new network equipment or modifying a standard protocol, when the cyber hacking attack occurs on the Internet or in an internal network.
Abstract:
A method, an apparatus, and a system for analyzing traffic are provided. They obtain flow data of a flow from a switch or a router of a network, calculate an average byte per packet rate (BPR) and a TCP flag ratio (TCPFR) for all flows included in the session containing the flow using the flow data, compare the average BPR and the TCPFR with the average BPR and TCPFR of previously-known traffic, and determine from the comparison result whether the traffic including the flow is normal traffic or abnormal traffic.
Abstract:
A visualizing apparatus for social network elements collects a user's social network relationship information, community information, and content information, generates relationship data between the user, the contents, and the community from the collected information, and visualizes the association relationship between the user, the contents, and the community using that relationship data.
Abstract:
Disclosed herein are a method and apparatus for detecting a malicious code based on an assembly language model. According to an embodiment of the present disclosure, there is provided a method for detecting a malicious code. The method comprises: generating an instruction code sequence by converting an input file, for which a malicious code is to be detected, into assembly code; embedding the instruction code sequence by using a prelearned assembly language model for instruction code embedding and outputting an embedding result of the instruction code sequence; and detecting whether or not the input file is a malicious code by using a prelearned malicious code classification model with the embedding result as its input.
Abstract:
A method and a computation apparatus for detecting cyber threats using a neural network are provided. They generate a learning model by performing machine learning on training data based on baseline data, convert a security event collected in real time into input data for the neural network, and determine, as the output corresponding to the input data based on the learning model, whether the security event is normal or a threat.
Abstract:
Disclosed is an apparatus for detecting a distributed reflection denial of service (DRDoS) attack, including: a monitoring unit obtaining flow information including the IP and port number of a source, the IP and port number of a destination of data, and the number and sizes of packets; a memory unit storing a flow table into which the flow information of the data, the packet number, and the packet size are entered; and a control unit detecting the DRDoS attack by using at least one of the number and the size of packets of the first entry and the flow information of the first entry.
Abstract:
A method for tracking cyber hacking is provided. The method of connection fingerprint generation and stepping-stone traceback based on NetFlow includes: receiving a traceback request including IP packet attribute information of a victim and an attacker, which corresponds to a target connection that is the last connection on a connection chain; generating a fingerprint for an associated connection based on the IP packet attribute information and requesting relevant information from a NetFlow collector; detecting a stepping-stone connection to the target connection that was generated at the time the fingerprint was generated, and instructing a check of whether the sorted candidate connections are present on the same connection chain as the target connection; and determining an order of the candidate connections based on the attacker host when the candidate connections are determined to be present on the same connection chain as the target connection.
Abstract:
A method and system for real-time malware detection based on a web browser plugin connect to a web server of a web site through a web browser module, execute a security module through a browser plugin of the web site, update a database for the browser cache of the web site from the web server by means of the security module, cache web content of the web site from the web server, match cache data of the web content against the database, and warn about the web content if no data matching the cache data of the web content exists in the database.