公开(公告)号：US20150365378A1

公开(公告)日：2015-12-17

申请号：US14726496

申请日：2015-05-30

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Dongwook KIM ,  Byunggil MIN ,  Yeop JANG ,  Woonyon KIM ,  Jungtaek SEO

IPC: H04L29/06 ,  H04L12/823 ,  H04L29/08 ,  H04L29/12

CPC classification number: H04L63/0245 ,  H04L47/193 ,  H04L47/323 ,  H04L61/6022 ,  H04L61/6063 ,  H04L63/0209 ,  H04L63/0281 ,  H04L63/101 ,  H04L63/105 ,  H04L63/1408 ,  H04L67/14 ,  H04L69/163

Abstract: A one-way data transmission and reception system and method, which mitigate the problem of a buffer overflow that may occur on a reception system while also mitigating the problem of data loss caused by a link error that may occur in the unidirectional line of a physical one-way data transmission system. The one-way data transmission system includes a first interface unit connected to a first network. A second interface unit is unidirectionally connected to a reception system connected to a second network. An interface integration module unit transmits a delayed Transmission Control Protocol (TCP) Acknowledgement (ACK) frame to a TCP session established with a device of the first network unit through the first interface unit, and transmits one or more identical data frames to the reception system through the second interface unit.

Abstract translation: 一种单向数据发送和接收系统和方法，其减轻可能在接收系统上发生的缓冲器溢出的问题，同时还减轻了可能在物理的单向线路中发生的链路错误引起的数据丢失的问题 单向数据传输系统。 单向数据传输系统包括连接到第一网络的第一接口单元。 第二接口单元被单向连接到连接到第二网络的接收系统。 接口集成模块单元通过第一接口单元向与第一网络单元的设备建立的TCP会话发送延迟的传输控制协议（TCP）确认（ACK）帧，并且向接收系统发送一个或多个相同的数据帧 通过第二接口单元。

公开(公告)号：US20150350889A1

公开(公告)日：2015-12-03

申请号：US14475725

申请日：2014-09-03

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Sungho JEON ,  Jeong-Han YUN ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: H04W12/02

CPC classification number: H04W12/02 ,  H04L63/04 ,  H04L63/1491 ,  H04W12/1208

Abstract: A method for transmitting and receiving fake communication data and a base station performing the same are provided. The base station transmits the fake communication data based on a step of selecting targets to and from which the fake communication data are to be transmitted and received among terminals positioned in a set region, a step of controlling a communication amount depending on the selected targets, and a step of transferring the fake communication data to a corresponding terminal depending on a control result or receives the fake communication data through a step of receiving data from a terminal including a fake communication application, a step of confirming whether an identification value meaning fake communication is present in the data, and a step of filtering a traffic with the terminal in the case in which the identification value is present in the data.

Abstract translation: 提供了一种用于发送和接收假通信数据的方法以及执行该通信数据的基站。 基站基于在位于设定区域的终端中选择要发送和接收假通信数据的目标的步骤来发送假通信数据，根据所选择的目标来控制通信量的步骤， 以及根据控制结果将假通信数据传送到对应终端的步骤，或者通过从包括假通信应用的终端接收数据的步骤接收假通信数据的步骤，确认是否有意图假通信的识别值 存在于数据中，并且在数据中存在识别值的情况下，与终端进行流量过滤的步骤。

公开(公告)号：US20150261810A1

公开(公告)日：2015-09-17

申请号：US14561783

申请日：2014-12-05

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Kyoung-Ho KIM ,  Jeong-Han YUN ,  Heemin KIM ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: G06F17/30 ,  G06F21/62

CPC classification number: G06F21/6218 ,  H04L63/10 ,  H04L63/12

Abstract: A data transfer apparatus and method, which fundamentally prevent the possibility of intrusion from an external network into an internal network that provides files, thus enabling data to be reliability transferred in a situation in which information cannot be exchanged. The data transfer apparatus includes an internal network connection unit for receiving data from a host of an internal network. An internal network control unit for performing control such that the data is unidirectionally transmitted. A write control unit checks integrity of the data received from the internal network control unit and detects status of the storage unit. An external network connection unit receives a request from a host of an external network. A read/write control unit searches for, reads, and deletes data stored in the storage unit at a request of the external network host.

Abstract translation: 一种从根本上防止从外部网络入侵提供文件的内部网络的可能性的数据传送装置和方法，从而使得在不能交换信息的情况下使数据可靠地传送。 数据传送装置包括用于从内部网络的主机接收数据的内部网络连接单元。 一个内部网络控制单元，用于执行控制使得数据被单向发送。 写入控制单元检查从内部网络控制单元接收到的数据的完整性并检测存储单元的状态。 外部网络连接单元从外部网络的主机接收请求。 读/写控制单元根据外部网络主机的请求搜索，读取和删除存储在存储单元中的数据。

公开(公告)号：US20150067764A1

公开(公告)日：2015-03-05

申请号：US14330141

申请日：2014-07-14

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Heemin KIM ,  Jeong-Han YUN ,  Kyoung-Ho KIM ,  Woonyon KIM ,  Jungtaek SEO ,  Chun soo KIM

IPC: H04L29/06

CPC classification number: H04L63/0227 ,  H04L63/101

Abstract: A whitelist-based network switch defines a whitelist and a handling rule based on an access control list, security policies, etc., and monitors and blocks network traffic based on the whitelist and the handling rule. The whitelist-based network switch includes a whitelist monitoring unit for storing a whitelist including permitted communication rules, monitoring one or more packets input through a plurality of switch interfaces based on the whitelist, and permitting communication of each packet conforming to the whitelist, and a whitelist management unit for updating the whitelist and transmitting an updated whitelist to the whitelist monitoring unit.

Abstract translation: 基于白名单的网络交换机基于访问控制列表，安全策略等定义白名单和处理规则，并且基于白名单和处理规则来监视和阻止网络流量。 基于白名单的网络交换机包括白名单监视单元，用于存储包括允许的通信规则的白名单，基于白名单监视通过多个交换机接口输入的一个或多个分组，并且允许符合白名单的每个分组的通信，以及 白名单管理单元，用于更新白名单并将更新的白名单发送到白名单监视单元。