公开(公告)号：US07849187B2

公开(公告)日：2010-12-07

申请号：US11527850

申请日：2006-09-26

申请人： Beom Hwan Chang ,  Jung Chan Na ,  Geon Lyang Kim ,  Dong Young Kim ,  Jin Oh Kim ,  Hyun Joo Kim ,  Hyo Chan Bang ,  Soo Hyung Lee ,  Seon Gyoung Shon ,  Jong Soo Jang ,  Sung Won Sohn

发明人： Beom Hwan Chang ,  Jung Chan Na ,  Geon Lyang Kim ,  Dong Young Kim ,  Jin Oh Kim ,  Hyun Joo Kim ,  Hyo Chan Bang ,  Soo Hyung Lee ,  Seon Gyoung Shon ,  Jong Soo Jang ,  Sung Won Sohn

IPC分类号： G06F15/16

CPC分类号： H04L43/028 ,  H04L43/062 ,  H04L43/16 ,  H04L63/1408

摘要： A network status display device using a traffic pattern map is provided. The device includes: a traffic feature extractor extracting a port number of a port having the maximum occupancy of micro-flows and macro-flows for each network address section and host address section with reference to traffic information collected by an external traffic information collector, calculating and storing an occupancy rate of the port; a traffic status display unit making a network traffic pattern map expressed by destination-source network addresses and a host traffic pattern map expressed by destination-source host addresses and displaying the port information stored in the traffic feature extractor on the network traffic pattern map and the host traffic pattern map; and a traffic anomaly determination unit determining whether a network status is abnormal with reference to the network traffic pattern map and the host traffic pattern map and detecting and reporting a harmful or abnormal traffic which causes the abnormal network status. The device can determine whether the anomaly deteriorating the network performance exists and can easily and quickly detect the harmful or abnormal traffic which causes the anomaly by the use of the port information of the port having the maximum occupancy of the micro-flows and the macro-flows for each network address section and each host address section.

摘要翻译： 提供了使用业务模式图的网络状态显示设备。 该设备包括：流量特征提取器，参考由外部交通信息收集器收集的交通信息，提取每个网络地址部分和主机地址部分具有最大占用微流量和宏流量的端口的端口号，计算 并存储所述端口的占用率; 形成由目的地源网络地址表示的网络流量模式图的流量状态显示单元和由目的地 - 源主机地址表示的主机流量模式图，并且在网络流量模式图上显示存储在流量特征提取器中的端口信息，并且 主机流量模式图; 以及流量异常判定单元，基于网络流量模式图和主机流量模式图来判断网络状态是否异常，并检测并报告导致异常网络状态的有害或异常流量。 该设备可以确定异常是否存在网络性能恶化，并可以通过使用具有微流量最大占用端口的端口信息和宏观流量来轻松快速地检测导致异常的有害或异常流量， 每个网络地址部分和每个主机地址部分的流程。

公开(公告)号：US07787394B2

公开(公告)日：2010-08-31

申请号：US11599909

申请日：2006-11-15

申请人： Beom Hwan Chang ,  Jung Chan Na ,  Geon Lyang Kim ,  Dong Young Kim ,  Jin Oh Kim ,  Hyun Joo Kim ,  Hyo Chan Bang ,  Soo Hyung Lee ,  Seon Gyoung Sohn ,  Jong Soo Jang ,  Sung Won Sohn

发明人： Beom Hwan Chang ,  Jung Chan Na ,  Geon Lyang Kim ,  Dong Young Kim ,  Jin Oh Kim ,  Hyun Joo Kim ,  Hyo Chan Bang ,  Soo Hyung Lee ,  Seon Gyoung Sohn ,  Jong Soo Jang ,  Sung Won Sohn

IPC分类号： H04L12/66 ,  G01R31/08 ,  H04W36/00

CPC分类号： H04L43/045 ,  H04L43/0817 ,  H04L43/16

摘要： A network status display device using a traffic flow-radar is provided. The network status display device includes: a traffic feature extractor calculating flow occupancy rates for total flows, micro-flows and macro-flows with respect to each of a plurality of traffic features with reference to traffic information for each traffic feature such as a network address, a port, a transmitting/receiving host address or a protocol collected by an external traffic information collector, and storing the calculation result; a traffic status display unit displaying the flow occupancy rates for each traffic feature calculated and stored in the traffic feature extractor on a radar with dots for each traffic feature; and a traffic anomaly determination unit determining whether a network status is abnormal with reference to the radar for each traffic feature, detecting and reporting the type of the abnormal network status and harmful or abnormal traffic that generates the abnormal network status, when the abnormal status occurs.

摘要翻译： 提供了使用交通流量雷达的网络状态显示装置。 网络状态显示装置包括：业务特征提取器，参考每个业务特征（例如网络地址）的业务信息来计算关于多个业务特征中的每一个的总流量，微流量和宏流量的流量占用率 ，端口，发送/接收主机地址或由外部交通信息收集器收集的协议，并存储计算结果; 交通状态显示单元，其显示针对每个交通特征点的雷达上计算并存储在交通特征提取器中的每个交通特征的流量占用率; 以及交通异常判定单元，针对每个流量特征，参照雷达确定网络状态是否异常，检测和报告异常网络状态的类型以及产生异常网络状态的有害或异常流量，当发生异常状态时 。

公开(公告)号：US07539147B2

公开(公告)日：2009-05-26

申请号：US11077638

申请日：2005-03-11

申请人： Beom Hwan Chang ,  Soo Hyung Lee ,  Jin Oh Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

发明人： Beom Hwan Chang ,  Soo Hyung Lee ,  Jin Oh Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

IPC分类号： G01R31/08

CPC分类号： H04L41/22 ,  H04L41/06 ,  H04L43/0817

摘要： Provided is an apparatus for detecting and visualizing anomalies in network traffic which includes a traffic information storing portion storing information on network traffic, a traffic state display portion presenting a status of the network traffic generated for a predetermined threshold time based on the information on network traffic on an orthogonal coordinates system in a form of a graph connecting at least one point data as a coordinate value, and a traffic anomalies determination portion determining an existence of anomalies in the network traffic based on a shape of the graph.

摘要翻译： 提供了一种用于检测和可视化网络流量异常的装置，其包括存储关于网络流量的信息的交通信息存储部分，基于关于网络流量的信息呈现针对预定阈值时间生成的网络流量的状态的交通状态显示部分 以连接至少一个点数据作为坐标值的图形的正交坐标系，以及基于图形的形状来确定网络业务中的异常的存在的业务异常确定部分。

公开(公告)号：US20050177776A1

公开(公告)日：2005-08-11

申请号：US11004850

申请日：2004-12-07

申请人： Jin-Oh Kim ,  Byung-Gu Choe ,  Yong-Seok Park

发明人： Jin-Oh Kim ,  Byung-Gu Choe ,  Yong-Seok Park

IPC分类号： G06F9/46 ,  G06F11/00

CPC分类号： G06F11/3017 ,  G06F11/0715 ,  G06F11/302 ,  G06F11/3055

摘要： The apparatus and method for monitoring the software module state of the embedded multitasking operating system in a system using the embedded multitasking operating system according to the invention sequentially records the state information of the software modules in the state recording range of the hardware logic, sequentially reads the state information of the software modules from the state recording range, and displays the state information so that the user can easily recognize the same. As a result, the state information of the software modules can be monitored and inspected independent from the operation of the software modules of the operating system, and thus the state of the software modules or the operating system can be inspected in any exceptional software-associated situations.

摘要翻译： 在使用根据本发明的嵌入式多任务操作系统的系统中监视嵌入式多任务操作系统的软件模块状态的装置和方法将软件模块的状态信息顺序地记录在硬件逻辑的状态记录范围内，顺序地读取 来自状态记录范围的软件模块的状态信息，并且显示状态信息，使得用户能够容易地识别它们。 因此，可以独立于操作系统的软件模块的操作来监视和检查软件模块的状态信息，因此可以在任何特殊的软件相关联的情况下检查软件模块或操作系统的状态 情况

公开(公告)号：US20050108377A1

公开(公告)日：2005-05-19

申请号：US10749502

申请日：2003-12-31

申请人： Soo-Hyung Lee ,  Beom-Hwan Chang ,  Jin-Oh Kim ,  Jung-Chan Na ,  Sung-Won Sohn ,  Chee-Hang Park

发明人： Soo-Hyung Lee ,  Beom-Hwan Chang ,  Jin-Oh Kim ,  Jung-Chan Na ,  Sung-Won Sohn ,  Chee-Hang Park

IPC分类号： H04L12/26 ,  G06F15/173 ,  H04L29/06

CPC分类号： H04L63/1408

摘要： Disclosed is a method of detecting abnormal traffic at the network level using a statistical analysis and a computer-readable recording medium for recording a program that implements the method. The method includes the steps of: a) gathering local traffic data from each network device and integrating a plurality of the local traffic data to generate traffic data in a network level; b) extracting a characteristic traffic data based on the traffic data in the network level; c) comparing the characteristic traffic data with a characteristic traffic data profile resulting from statistical computations, and determining whether there is abnormal traffic in the network; and d) updating the characteristic traffic data profile using the characteristic traffic data if there is no abnormal traffic in the network, analyzing seriousness of the abnormal traffic and monitoring the abnormal traffic if there is abnormal traffic in the network.

摘要翻译： 公开了一种使用统计分析来检测网络级的异常业务的方法，以及用于记录实现该方法的程序的计算机可读记录介质。 该方法包括以下步骤：a）从每个网络设备收集本地业务数据，并集成多个本地业务数据以在网络层面生成业务数据; b）基于网络级的业务数据提取特征话务数据; c）将所述特征话务数据与由统计计算得到的特征话务数据简档进行比较，以及确定所述网络中是否存在异常业务; 以及d）如果网络中没有异常流量，则使用特征流量数据更新特征流量数据简档，分析网络异常流量时异常流量的严重性，监控异常流量。

公开(公告)号：US07596810B2

公开(公告)日：2009-09-29

申请号：US11081682

申请日：2005-03-17

申请人： Jin Oh Kim ,  Seon Gyoung Sohn ,  Hyochan Bang ,  Soo Hyung Lee ,  Dongyoung Kim ,  Beom Hwan Chang ,  Geon Lyang Kim ,  Hyun Joo Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

发明人： Jin Oh Kim ,  Seon Gyoung Sohn ,  Hyochan Bang ,  Soo Hyung Lee ,  Dongyoung Kim ,  Beom Hwan Chang ,  Geon Lyang Kim ,  Hyun Joo Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

IPC分类号： G08B23/00 ,  G06F15/173

CPC分类号： H04L63/1416 ,  G06F21/552 ,  G06F21/85 ,  H04L63/1441

摘要： Provided is an apparatus for detecting a network attack situation. The apparatus includes an alarm receiver receiving a plurality of alarms raised in a network to which the alarm receiver is connected, converting the alarms into predetermined alarm data, and outputting the alarm data; an alarm processor analyzing an attack situation in the network based on attributes of the alarm data and a number of times that the alarm data is generated; a memory storing basic data needed to analyze the state of the network and providing the basic data to the alarm processor; and an interface transmitting the result of the analysis by the alarm processor to an external device, receiving a predetermined critical value from the external device, which is a basis for determining the occurrence of the attack situation, and outputting the critical value to the alarm processor such that the alarm processor can store the critical value in the memory. Equal numbers of hash engines and detection engines for processing the alarms in the network to the number of data groups classified as network attack situations are formed in a line. Therefore, a network attack situation can be detected in real time based on a great number of alarms indicating intrusion detection.

摘要翻译： 提供了一种用于检测网络攻击情况的装置。 该装置包括接收在连接有报警接收器的网络中升起的多个报警的报警接收机，将报警转换成预定报警数据，并输出报警数据; 报警处理器根据报警数据的属性和产生报警数据的次数分析网络中的攻击情况; 存储器，用于存储分析网络状态并将基本数据提供给报警处理器所需的基本数据; 以及将所述报警处理器的分析结果发送到外部设备的接口，从外部设备接收预定的临界值，所述临时值是用于确定所述攻击情况的发生的基础，并且将所述临界值输出到所述报警处理器 使得报警处理器可以将临界值存储在存储器中。 在网络中形成等同数量的散列引擎和检测引擎，用于将网络中的警报处理为分类为网络攻击情况的数据组的数量。 因此，可以基于大量表示入侵检测的告警来实时检测网络攻击情况。

公开(公告)号：US11992568B2

公开(公告)日：2024-05-28

申请号：US16978528

申请日：2020-05-13

申请人： Jin Oh Kim

发明人： Jin Oh Kim

IPC分类号： A61L2/14 ,  A61L2/10 ,  A61L2/24 ,  B64F1/36

CPC分类号： A61L2/14 ,  A61L2/10 ,  A61L2/24 ,  B64F1/368 ,  A61L2202/23

摘要： Disclosed are a sterilization apparatus for sterilizing an object using plasma and ultraviolet light and a sterilization system for an airport including the same. The sterilization apparatus includes a first sterilizer configured to radiate plasma rays toward a sterilization space, a second sterilizer configured to radiate ultraviolet light toward the sterilization space, a sensing unit configured to sense whether an object is placed in the sterilization space, and a controller configured to control an operation of the second sterilizer based on information sensed by the sensing unit.

公开(公告)号：US20090094699A1

公开(公告)日：2009-04-09

申请号：US12275906

申请日：2008-11-21

申请人： Jin Oh KIM ,  Seon Gyoung Sohn ,  Hyochan Bang ,  Soo Hyung Lee ,  Dongyoung Kim ,  Beom Hwan Chang ,  Geon Lyang Kim ,  Hyun Joo Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

发明人： Jin Oh KIM ,  Seon Gyoung Sohn ,  Hyochan Bang ,  Soo Hyung Lee ,  Dongyoung Kim ,  Beom Hwan Chang ,  Geon Lyang Kim ,  Hyun Joo Kim ,  Jung Chan Na ,  Jong Soo Jang ,  Sung Won Sohn

IPC分类号： G06F15/18 ,  G08B23/00

CPC分类号： H04L63/1416 ,  G06F21/552 ,  G06F21/85 ,  H04L63/1441

摘要： Provided is an apparatus for detecting a network attack situation. The apparatus includes an alarm receiver receiving a plurality of alarms raised in a network to which the alarm receiver is connected, converting the alarms into predetermined alarm data, and outputting the alarm data; an alarm processor analyzing an attack situation in the network based on attributes of the alarm data and a number of times that the alarm data is generated; a memory storing basic data needed to analyze the state of the network and providing the basic data to the alarm processor; and an interface transmitting the result of the analysis by the alarm processor to an external device, receiving a predetermined critical value from the external device, which is a basis for determining the occurrence of the attack situation, and outputting the critical value to the alarm processor such that the alarm processor can store the critical value in the memory. Equal numbers of hash engines and detection engines for processing the alarms in the network to the number of data groups classified as network attack situations are formed in a line. Therefore, a network attack situation can be detected in real time based on a great number of alarms indicating intrusion detection.

摘要翻译： 提供了一种用于检测网络攻击情况的装置。 该装置包括接收在连接有报警接收器的网络中升起的多个报警的报警接收机，将报警转换成预定报警数据，并输出报警数据; 报警处理器根据报警数据的属性和产生报警数据的次数分析网络中的攻击情况; 存储器，用于存储分析网络状态并将基本数据提供给报警处理器所需的基本数据; 以及将所述报警处理器的分析结果发送到外部设备的接口，从外部设备接收预定的临界值，所述临时值是用于确定所述攻击情况的发生的基础，并且将所述临界值输出到所述报警处理器 使得报警处理器可以将临界值存储在存储器中。 在网络中形成等同数量的散列引擎和检测引擎，用于将网络中的警报处理为分类为网络攻击情况的数据组的数量。 因此，可以基于大量表示入侵检测的告警来实时检测网络攻击情况。

公开(公告)号：US20230100199A1

公开(公告)日：2023-03-30

申请号：US16978528

申请日：2020-05-13

申请人： Jin Oh Kim

发明人： Jin Oh Kim

IPC分类号： A61L2/14 ,  A61L2/10 ,  A61L2/24 ,  B64F1/36

摘要： Disclosed are a sterilization apparatus for sterilizing an object using plasma and ultraviolet light and a sterilization system for an airport including the same. The sterilization apparatus includes a first sterilizer configured to radiate plasma rays toward a sterilization space, a second sterilizer configured to radiate ultraviolet light toward the sterilization space, a sensing unit configured to sense whether an object is placed in the sterilization space, and a controller configured to control an operation of the second sterilizer based on information sensed by the sensing unit.