-
1.发明申请METHOD OF MODELING BEHAVIOR PATTERN OF INSTRUCTION SET IN N-GRAM MANNER, COMPUTING DEVICE OPERATING WITH THE METHOD, AND PROGRAM STORED IN STORAGE MEDIUM TO EXECUTE THE METHOD IN COMPUTING DEVICE 有权建立N-GRAM MANNER指令集行为模式的方法,使用方法操作的计算设备和存储介质中存储的程序来执行计算设备中的方法公开(公告)号:US20160232345A1
公开(公告)日:2016-08-11
申请号:US15017504
申请日:2016-02-05
Inventor: Dae Sung MOON , Ik Kyun KIM , Han Sung LEE
CPC classification number: G06F21/566
Abstract: A computing device configured to execute an instruction set is provided. The computing device includes a system call hooker for hooking system calls that occur by the instruction set while the instruction set is executed, a category extractor for extracting a category to which each of the hooked system calls belongs with reference to category information associated with a correspondence relationship between a system call and a category, a sequence extractor for extracting one or more behavior sequences expressed in an N-gram manner from a full sequence of the hooked system calls with reference to the extracted category, and a model generator for generating a behavior pattern model of the system calls that occur when the instruction set is executed, based on a number of times that each of the extracted behavior sequences occurs.
Abstract translation: 提供了一种被配置为执行指令集的计算设备。 计算装置包括用于在指令集执行时由指令集进行的挂钩系统调用的系统呼叫连接器,用于提取每个挂钩系统呼叫所属类别的类别提取器参考与对应关系相关联的类别信息 系统调用与类别之间的关系,序列提取器,用于从涉及所提取的类别的挂接系统调用的完整序列中提取以N-格式表示的一个或多个行为序列,以及用于生成行为的模型生成器 基于每个提取的行为序列发生的次数,执行指令集时发生的系统调用的模式模型。
-
2.发明申请公开(公告)号:US20140178030A1
公开(公告)日:2014-06-26
申请号:US13921928
申请日:2013-06-19
Inventor: Dae Sung MOON , Han Sung LEE , Jin Woo CHOI , Ki Young MOON , Jang Hee YOO
IPC: H04N5/77
CPC classification number: H04N5/772
Abstract: Disclosed is a video recording apparatus for a vehicle, which includes a camera unit formed so as to change a capturing direction; a driver's viewing direction detecting unit configured to detect a driver's viewing direction; a control unit configured to control the camera unit so that the detected viewing direction corresponds to the capturing direction; and a storing unit configured to store a video obtained by the camera unit. Therefore, a video in a direction at which the driver views is obtained and stored without mounting a plurality of cameras so that it is possible to obtain a video for a situation of an accident of a vehicle of the driver or a vehicle of another driver occurring not only in the front of the driver's vehicle but also in the side of the driver's vehicle.
Abstract translation: 公开了一种用于车辆的视频记录装置,其包括形成为改变拍摄方向的相机单元; 驱动器的观察方向检测单元,被配置为检测驾驶员的观察方向; 控制单元,被配置为控制所述相机单元,使得所检测的观看方向对应于所述拍摄方向; 以及存储单元,被配置为存储由所述相机单元获得的视频。 因此,在没有安装多个照相机的情况下获取和存储驾驶员观看的方向的视频,使得可以获得用于驾驶员的车辆的事故或另一驾驶员的车辆的事故的视频 不仅在司机的前方,而且在司机的一侧。
-
Patent Agency Ranking
3.发明申请公开(公告)号:US20170193225A1
公开(公告)日:2017-07-06
申请号:US15169259
申请日:2016-05-31
Inventor: Dae Sung MOON , Ik Kyun KIM , Yang Seo CHOI
CPC classification number: G06F21/55 , G06F21/552 , G06F2221/034 , G06N99/005
Abstract: A behavior-based malicious code detecting apparatus and method using multiple feature vectors is disclosed. A malicious code learning method may include collecting characteristic factor information when a training target process comprising a malicious code is executed, generating a feature vector for malicious code verification based on the collected characteristic factor information, learning the generated feature vector through a plurality of machine learning algorithms to generate a model of representing the malicious code and a model of representing a normal file, and storing the model of representing the malicious code and the model of representing the normal file generated through the learning.
-
公开(公告)号:US20230161879A1
公开(公告)日:2023-05-25
申请号:US18056141
申请日:2022-11-16
Inventor: Ki Jong KOO , Jung Tae KIM , Jong Hyun KIM , Dae Sung MOON , Sang Min LEE , Ik Kyun KIM , Ji Hyeon SONG
IPC: G06F21/55
CPC classification number: G06F21/554 , G06F2221/034
Abstract: Disclosed herein a method and apparatus for detecting a malicious code based on an assembly language model. According to an embodiment of the present disclosure, there is provided a method for detecting a malicious code. The method comprising: generating an instruction code sequence by converting an input file, for which a malicious code is to be detected, into an assembly code; embedding the instruction code sequence by using a prelearned assembly language model for instruction code embedding and outputting an embedding result of the instruction code sequence; and detecting whether or not the input file is a malicious code, by using a prelearned malicious code classification model with the embedding result as an input.
-
公开(公告)号:US20200099704A1
公开(公告)日:2020-03-26
申请号:US16578511
申请日:2019-09-23
Inventor: Joo Young LEE , Ki Jong KOO , Ik Kyun KIM , Dae Sung MOON , Kyung Min PARK , Samuel WOO , Ho HWANG
Abstract: Disclosed are a method and apparatus for searching for an attack path. The apparatus generates an attack graph, generates an attack graph ontology, generates a semantic attack graph by imparting semantics to the attack graph on the basis of the attack graph ontology, and searches for the attack path on the basis of the semantic attack graph.
-
公开(公告)号:US20190065776A1
公开(公告)日:2019-02-28
申请号:US16113530
申请日:2018-08-27
Inventor: Nam-Su JHO , Taek-Young YOUN , Dae Sung MOON , Ik Kyun KIM , Seung Hun JIN
IPC: G06F21/62
Abstract: In the present invention, by providing an apparatus for securing data comprising a memory for storing information for data processing, a processor configured to partition original data into a plurality of partial data and generate a plurality of divided data by randomly determining positions of each of the plurality of partial data within the original data, and a communication interface configured to transmit each of the plurality of divided data to each of a plurality of servers, respectively, if an attacker obtains a portion of the divided data, it prevents the entire original data from being restored, and the legitimate user can restore the original data accurately even if some divided data is corrupted, and provides an efficient data polymorphic dividing technique that can minimize the amount of calculation required to secure data.
-
7.发明申请SYSTEM AND METHOD FOR DETECTING INTRUSION INTELLIGENTLY BASED ON AUTOMATIC DETECTION OF NEW ATTACK TYPE AND UPDATE OF ATTACK TYPE MODEL 审中-公开基于自动检测新的攻击类型和攻击类型模型更新的智能检测智能入侵系统及方法公开(公告)号:US20160226894A1
公开(公告)日:2016-08-04
申请号:US14996505
申请日:2016-01-15
Inventor: Han Sung LEE , Ig Kyun KIM , Dae Sung MOON , Min Ho HAN
CPC classification number: H04L63/1416 , G06F21/552 , G06N20/00 , H04L63/1425
Abstract: Disclosed are a method and system, capable of performing adaptive intrusion detection proactively coping with a new type of attack unknown to the system and capable of training an intrusion type classification model by using a small volume of training data, the system including a data collector configured to collect host and network log information, an input data preprocessor configured to convert data acquired through the data collector into a feature vector, which is an input type of intelligence intrusion detection, and an intelligence intrusion detection analyzer configured to perform an intrusion detection and a model update by using the extracted feature vector, and an intrusion detection learning model configured to detect an intrusion and learn classification of the type of attack based on training data.
Abstract translation: 公开了一种方法和系统,其能够主动地执行自适应入侵检测,以处理系统未知的新型攻击,并且能够通过使用小量的训练数据来训练入侵型分类模型,所述系统包括配置的数据收集器 收集主机和网络日志信息;输入数据预处理器,被配置为将通过数据收集器获取的数据转换成作为智能入侵检测的输入类型的特征向量;以及智能入侵检测分析器,被配置为执行入侵检测和 通过使用提取的特征向量进行模型更新,以及入侵检测学习模型,其被配置为基于训练数据来检测入侵类型和学习类型的分类。
-
-
-
-
-
-
Search Results
7
records
(took 0.016 seconds)
