-
11.发明申请公开(公告)号:US20170244714A1
公开(公告)日:2017-08-24
申请号:US15213556
申请日:2016-07-19
Inventor: Taeho NAM , Seung-hun HAN , Jung-hwan KANG , Wook SHIN , HyoungChun KIM , ByungJoon KIM , Sung-Jin KIM
CPC classification number: H04L63/101 , G06F17/30867 , G06F21/55 , H04L63/08 , H04L63/105 , H04L63/168
Abstract: A method for providing a browser using browser processes separated based on access privileges and an apparatus using the method. The method includes acquiring a first address corresponding to a first webpage; acquiring a first set of terminal access privileges based on the first address from a privilege control list and executing a first browser process corresponding to the first set of terminal access privileges; determining whether to allow rendering by comparing the first set of terminal access privileges with a second set of terminal access privileges corresponding to a second webpage when the first browser process attempts to render the second webpage; and if the rendering is not allowed, blocking the first browser process from rendering and rendering the second webpage by executing a second browser process corresponding to the second set of terminal access privileges.
-
12.发明申请公开(公告)号:US20150326611A1
公开(公告)日:2015-11-12
申请号:US14474242
申请日:2014-09-01
Inventor: ChulWoo LEE , ByungJoon KIM , Sung-Jin KIM , HyoungChun KIM
IPC: H04L29/06
CPC classification number: H04L63/0218 , H04L12/22 , H04L41/046 , H04L63/20
Abstract: The security control apparatus includes a network control unit for receiving a security protocol-based packet that includes a protocol control header and data and that is transmitted between a cloud-based virtual desktop interaction remote agent unit and a virtual machine of a cloud-based virtual desktop interaction device, and blocking network traffic between cloud-based virtual desktop interaction remote agent unit and the virtual machine, depending on received results of checking. A policy checking unit checks whether information extracted from the security protocol-based packet is compliant with control policies, and transmits results of checking to the network control unit. If the information is not compliant with the control policies, a security solution interaction unit transmits the extracted information to an external security solution, and transmits results of checking by a corresponding security solution to the network control unit.
Abstract translation: 安全控制装置包括网络控制单元,用于接收基于安全协议的分组,该分组包括协议控制头部和数据,并且在基于云的虚拟桌面交互远程代理单元与基于云的虚拟的虚拟机 桌面交互设备,以及根据接收到的检查结果阻止基于云的虚拟桌面交互远程代理单元与虚拟机之间的网络流量。 策略检查单元检查从基于安全协议的分组提取的信息是否符合控制策略,并将检查结果发送到网络控制单元。 如果信息不符合控制策略,则安全解决方案交互单元将提取的信息发送到外部安全解决方案,并将相应的安全解决方案的检查结果发送到网络控制单元。
-
13.发明申请APPARATUS AND METHOD FOR DETECTING HTTP BOTNET BASED ON DENSITIES OF WEB TRANSACTIONS 审中-公开基于WEB交易密码检测HTTP BOTNET的装置和方法公开(公告)号:US20140047543A1
公开(公告)日:2014-02-13
申请号:US13958552
申请日:2013-08-03
Inventor: Sung-Jin KIM , Jong-Moon LEE , Byung-Chul BAE , Hyung-Geun OH , Ki-Wook SOHN
IPC: H04L29/06
CPC classification number: H04L63/1441 , H04L2463/144
Abstract: An apparatus and method for detecting a Hyper Text Transfer Protocol (HTTP) botnet based on the densities of transactions. The apparatus includes a collection management unit, a web transaction classification unit, and a filtering unit. The collection management unit extracts metadata from HTTP request packets collected by a traffic collection sensor. The web transaction classification unit extracts web transactions by analyzing the metadata, and generates a gray list by arranging the extracted web transactions according to the frequency of access. The filtering unit detects an HTTP botnet by filtering the gray list based on a white list and a black list.
Abstract translation: 一种基于事务密度检测超文本传输协议(HTTP)僵尸网络的装置和方法。 该装置包括收集管理单元,网络交易分类单元和过滤单元。 收集管理单元从由流量采集传感器收集的HTTP请求数据包中提取元数据。 Web事务分类单元通过分析元数据来提取Web事务,并且通过根据访问频率排列提取的Web事务来生成灰色列表。 过滤单元通过基于白名单和黑名单过滤灰名单来检测HTTP僵尸网络。
-
公开(公告)号:US20210306304A1
公开(公告)日:2021-09-30
申请号:US16933427
申请日:2020-07-20
Inventor: Woomin HWANG , Chulwoo LEE , Sung-Jin KIM , Hyunyi YI , Byungjoon KIM
Abstract: A method and apparatus for distributing confidential execution software. The method includes loading a payload into memory in a confidential execution region, checking a vulnerability related to the payload, generating bridge code for calling a function that is not present in the payload, among functions used in the payload, generating confidential execution code for generating a confidential execution region in a target cloud node having privileges to execute the payload, encrypting the payload, and distributing the confidential execution code and the encrypted payload.
-
Patent Agency Ranking
公开(公告)号:US20190044946A1
公开(公告)日:2019-02-07
申请号:US15938003
申请日:2018-03-28
Inventor: Woomin HWANG , Hyunyi YI , Sung-Jin KIM , Seong-Joong KIM , Chulwoo LEE , Byung-Joon KIM , Hyoung-Chun KIM
Abstract: An apparatus for monitoring file access in a virtual machine in a cloud-computing system based on a virtualized environment includes a hypervisor for implementing at least one virtual machine and managing the virtual machine by monitoring a task in which a the virtual machine accesses a file loaded from storage to memory, the storage storing data including environment information of the virtual machine.
-
16.发明申请公开(公告)号:US20190012194A1
公开(公告)日:2019-01-10
申请号:US15975932
申请日:2018-05-10
Inventor: Hyunyi YI , Sung-Jin KIM , Woomin HWANG , Seong-Joong KIM , Chulwoo LEE , Byung-Joon KIM , Hyoung-Chun KIM
Abstract: An apparatus and method for storing an audit trail in response to execution of a virtual-machine process. The method for storing an audit trail, performed by the apparatus for storing an audit trail in response to execution of a virtual-machine process, includes detecting execution of a process inside a virtual machine, determining whether the executed process is a monitoring target process and determining a type of the process, activating one or more monitoring events for monitoring at least one of an upload, a download and a drop by the process based on a result of the determination, and storing information about occurrence of the activated monitoring event as an audit trail.
-
公开(公告)号:US20180246710A1
公开(公告)日:2018-08-30
申请号:US15656206
申请日:2017-07-21
Inventor: Sung-Jin KIM , Woomin HWANG , Byung-Joon KIM , Hyun-Yi YI , Chul-Woo LEE , Hyoung-Chun KIM
CPC classification number: G06F8/65 , G06F9/4406 , G06F9/45558 , G06F2009/45591
Abstract: A software update apparatus and method in a virtualized environment. The software update method performed by a software update apparatus in a virtualized environment includes monitoring an operation that is invoked when software is updated in a guest operating system area, creating a software profile by analyzing results of the monitoring, mounting a virtual disk image for a target virtual machine in a target directory in a virtual machine monitor area, and incorporating update information of at least one of a file and a registry that are specified in the software profile into the target directory in which the virtual disk image is mounted.
-
公开(公告)号:US20170103202A1
公开(公告)日:2017-04-13
申请号:US15274126
申请日:2016-09-23
Inventor: Sung-Jin KIM , Woomin HWANG , ByungJoon KIM , ChulWoo LEE , HyoungChun KIM
CPC classification number: G06F21/566 , G06F9/45558 , G06F21/564 , G06F2009/45587
Abstract: An apparatus and method for monitoring a virtual machine based on a hypervisor. The method for monitoring a virtual machine based on a hypervisor includes monitoring an attempt to access an executable file located in a virtual machine, when the attempt to access the executable file is detected, extracting a system call transfer factor, input through a task that attempted to make access, acquiring, based on the system call transfer factor, an execution path corresponding to the executable file and a reference path corresponding to a reference file that is executed together with the executable file, and checking based on the execution path and the reference path whether any of the executable file and the reference file is malicious, and collecting a file in which malicious code is present when the malicious code is present in any of the executable file and the reference file.
-
19.发明申请公开(公告)号:US20160065595A1
公开(公告)日:2016-03-03
申请号:US14791929
申请日:2015-07-06
Inventor: Sung-Jin KIM , ByungJoon KIM , HyoungChun KIM
CPC classification number: H04L63/1416 , H04L29/06877 , H04L29/06884 , H04L63/101
Abstract: An apparatus and method for performing a real-time network antivirus function, which can perform, at high speed, real-time antivirus scanning on a transmission file in a network to be protected and blocking of a malicious file. The apparatus includes a packet processing unit for parsing input packets and outputting a transmission data stream, a packet-based checksum calculation unit for calculating a checksum of the transmission data stream for each packet, and outputting a signature included in the transmission data stream when a last packet of the transmission data stream is input, a virus scanning unit for performing virus scanning based on the signature, a detection and blocking unit for blocking each input packet or transmitting it to a destination, based on result of the virus scanning unit, and a caching unit for updating a blacklist, based on result of the detection and blocking unit.
Abstract translation: 一种用于执行实时网络防病毒功能的装置和方法,其可以高速地执行要保护的网络中的传输文件的实时防病毒扫描和阻止恶意文件。 该装置包括用于解析输入分组并输出传输数据流的分组处理单元,用于计算每个分组的传输数据流的校验和的基于分组的校验和计算单元,以及当发送数据流中包含的签名时 输入传输数据流的最后一个分组,用于基于该签名执行病毒扫描的病毒扫描单元,用于阻止每个输入分组或将其发送到目的地的检测和阻断单元,基于病毒扫描单元的结果,以及 基于检测和阻塞单元的结果来更新黑名单的高速缓存单元。
-
-
-
-
-
-
-
-
Search Results
19
records
(took 0.02 seconds)
