公开(公告)号：US20150089655A1

公开(公告)日：2015-03-26

申请号：US14492177

申请日：2014-09-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Young Han CHOI ,  Haksoo KIM ,  Deokjin KIM ,  JungMin KANG ,  HyungGeun OH ,  Kiwook SOHN

IPC: H04L29/06 ,  G06F21/56

CPC classification number: H04L63/145 ,  G06F21/566 ,  H04L63/1425

Abstract: A system and method for detecting malware based on a virtual host are provided. The system for detecting malware based on a virtual host includes a terminal network behavior analysis server and a virtual host. The terminal network behavior analysis server extracts network behavior information by monitoring the network behavior of an actual host, and outputs the extracted the network behavior information. The virtual host detects malware corresponding to abnormal behavior in the actual host, by receiving the network behavior information and then performing corresponding behavior.

Abstract translation: 提供了一种基于虚拟主机来检测恶意软件的系统和方法。 用于基于虚拟主机检测恶意软件的系统包括终端网络行为分析服务器和虚拟主机。 终端网络行为分析服务器通过监控实际主机的网络行为来提取网络行为信息，并输出提取的网络行为信息。 虚拟主机通过接收网络行为信息，然后执行相应的行为来检测与实际主机异常行为相对应的恶意软件。

公开(公告)号：US20140109105A1

公开(公告)日：2014-04-17

申请号：US14053655

申请日：2013-10-15

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Junghee LEE ,  Sungryoul LEE ,  Deokjin KIM ,  Young Han CHOI ,  Byungchul BAE ,  HyungGeun OH ,  Kiwook SOHN ,  KyoungSoo PARK ,  Yung YI ,  Jihyung LEE ,  Sangwoo MOON

IPC: G06F9/50

CPC classification number: G06F9/505 ,  G06F9/5027 ,  G06F21/554 ,  G06F21/85 ,  H04L63/1416

Abstract: An intrusion detection apparatus and method using a load balancer responsive to traffic conditions between a central processing unit (CPU) and a graphics processing unit (GPU) are provided. The intrusion detection apparatus includes a packet acquisition unit, a character string check task allocation unit, a CPU character string check unit, and a GPU character string check unit. The packet acquisition unit receives packets, and stores the packets in a single task queue. The character string check task allocation unit determines the number of packets in the packet acquisition unit, and allocates character string check tasks to the CPU or the GPU. The CPU character string check unit compares the character strings of the packets with a character string defined in at least one detection rule inside the CPU. The GPU character string check unit compares the character strings of the packets with the character string inside the GPU.

Abstract translation: 提供了一种响应于中央处理单元（CPU）和图形处理单元（GPU）之间的交通状况的负载平衡器的入侵检测装置和方法。 入侵检测装置包括分组获取单元，字符串检查任务分配单元，CPU字符串检查单元和GPU字符串检查单元。 分组获取单元接收分组，并将分组存储在单个任务队列中。 字符串检查任务分配单元确定分组获取单元中的分组数量，并将字符串检查任务分配给CPU或GPU。 CPU字符串检查单元将分组的字符串与在CPU内的至少一个检测规则中定义的字符串进行比较。 GPU字符串检查单元将数据包的字符串与GPU内的字符串进行比较。