公开(公告)号：US20160006740A1

公开(公告)日：2016-01-07

申请号：US14693782

申请日：2015-04-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Jeong-Han YUN ,  Heemin KIM ,  Kyoung-Ho KIM ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: H04L29/06 ,  H04L29/12

CPC classification number: H04L63/101 ,  H04L61/6022 ,  H04L63/0236 ,  H04L63/162

Abstract: A method and system for extracting an access control list having a predetermined format from packets collected for a predetermined period of time, without requiring TCP flag information. By an information collection unit, network packets and network traffic logs are collected. By the information collection unit, a network traffic log including Media Access Control (MAC), Internet Protocol (IP), and port information is extracted from each network packet. By an information analysis unit, an access control list is generated based on the network traffic log.

Abstract translation: 一种用于从预定时间段内收集的分组提取具有预定格式的访问控制列表的方法和系统，而不需要TCP标志信息。 通过信息采集单元收集网络报文和网络流量日志。 通过信息收集单元，从每个网络包中提取包括媒体访问控制（MAC），因特网协议（IP）和端口信息的网络流量日志。 通过信息分析单元，基于网络流量日志生成访问控制列表。

公开(公告)号：US20150304839A1

公开(公告)日：2015-10-22

申请号：US14474250

申请日：2014-09-01

Applicant: Electronics and Telecommunications Research Institute

Inventor： Sungho JEON ,  Jeong-Han YUN ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: H04W12/02 ,  G06Q50/26 ,  H04W4/16 ,  H04M1/68

CPC classification number: H04W12/02 ,  G06Q50/265 ,  H04K3/65 ,  H04K3/825 ,  H04K2203/16 ,  H04K2203/18 ,  H04L63/04 ,  H04L63/1475 ,  H04M1/68 ,  H04W4/16

Abstract: A technology for preventing leakage of personal information from traffics of terminals by transmitting and receiving fake communication data artificially generated so that an attacker does not identify normal communication between terminals is provided. A method for transmitting fake communication data includes: making a response request to whether or not a fake communication application is presented in an opponent terminal using an address book registered in a terminal; receiving a response corresponding to the response request and selecting targets to and from which the fake communication data are to be transmitted and received in a terminal list corresponding to the received response; controlling a communication amount depending on the selected targets; and transmitting the fake communication data to a corresponding receiving terminal depending on a control result.

Abstract translation: 提供一种用于通过发送和接收伪造的通信数据来防止个人信息从终端的流量泄漏的技术，从而使攻击者不识别终端之间的正常通信。 用于发送假通信数据的方法包括：使用登记在终端中的地址簿对对手终端中是否呈现假通信应用做出响应请求; 接收对应于所述响应请求的响应，并且在对应于接收到的响应的终端列表中选择要发送和接收假通信数据的目标; 根据所选择的目标控制通信量; 以及根据控制结果将假通信数据发送到对应的接收终端。

公开(公告)号：US20150109936A1

公开(公告)日：2015-04-23

申请号：US14289803

申请日：2014-05-29

Applicant: Electronics and Telecommunications Research Institute

Inventor： Heemin KIM ,  Jeong-Han YUN ,  Kyoung-Ho KIM ,  Woonyon KIM ,  Jungtaek SEO ,  Eungki PARK

IPC: H04L12/26 ,  H04L12/947

CPC classification number: H04L49/25 ,  H04L43/022 ,  H04L43/026 ,  H04L43/028 ,  H04L43/14 ,  H04L63/1408

Abstract: The present invention presents a network apparatus and a selective information monitoring method using the network apparatus, which allow a user to monitor only required information (the field information of packets) from all received packets. The network apparatus one or more physical interfaces connected to a monitoring target host and configured to receive network packets from the monitoring target host, and a switch fabric module including a configurable monitoring module configured to perform filtering so that selective information is extracted from the network packets collected through the one or more physical interfaces.

Abstract translation: 本发明提出一种使用该网络装置的网络装置和选择性信息监视方法，其允许用户仅从所有接收到的分组监视所需信息（分组的字段信息）。 所述网络装置与监控对象主机连接并被配置为从所述监视目标主机接收网络分组的一个或多个物理接口，以及包括配置为执行过滤的可配置监视模块的交换结构模块，从而从所述网络分组中提取出选择性信息 通过一个或多个物理接口收集。

公开(公告)号：US20150343967A1

公开(公告)日：2015-12-03

申请号：US14475631

申请日：2014-09-03

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Sungho JEON ,  Jeong-Han YUN ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: B60R16/023 ,  H04L29/06

CPC classification number: B60R16/023 ,  B60R25/00 ,  B60R25/30 ,  H04L9/3228 ,  H04L12/6418 ,  H04L63/04 ,  H04L63/067 ,  H04L63/0838 ,  H04L63/1475 ,  H04L63/1491 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273 ,  H04L2209/84 ,  H04W4/046 ,  H04W4/48 ,  H04W12/02 ,  H04W12/12

Abstract: An apparatus and method for preventing the leakage of vehicle information in a normal communication environment by inserting fake communication data into vehicle communication traffic on a vehicle network. In the method for preventing leakage of vehicle information, a vehicle information leakage prevention apparatus connected to an in-vehicle module analyzes a vehicle communication protocol between the module and another module. It is determined whether encryption has been applied to the vehicle communication protocol, based on results of analysis of the vehicle communication protocol. A method of generating fake communication data is selected depending on whether encryption has been applied to the vehicle communication protocol. A fake communication data is generated depending on the selected method, and the generated fake communication data is transferred to a vehicle information leakage prevention apparatus connected to the other module.

Abstract translation: 一种用于通过将假通信数据插入车辆网络上的车辆通信业务来防止在正常通信环境中泄漏车辆信息的装置和方法。 在防止车辆信息泄漏的方法中，连接到车载模块的车辆信息泄漏防止装置分析模块与另一模块之间的车辆通信协议。 基于车辆通信协议的分析结果，确定是否将加密应用于车辆通信协议。 根据是否将加密应用于车辆通信协议来选择产生假通信数据的方法。 根据所选择的方法产生假通信数据，并且将生成的假通信数据传送到连接到另一个模块的车辆信息泄漏防止装置。

公开(公告)号：US20140366142A1

公开(公告)日：2014-12-11

申请号：US14264174

申请日：2014-04-29

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Yuseok JEON ,  Incheol SHIN ,  Jaeduck CHOI ,  Gunhee LEE ,  Sinkyu KIM ,  Jungtaek SEO

IPC: H04L29/06 ,  H04W12/10

CPC classification number: H04L63/1433 ,  H04W12/10 ,  H04W12/12 ,  H04W84/18

Abstract: The present invention relates to an apparatus and method for analyzing vulnerability of a Zigbee network. For this, the apparatus for analyzing vulnerability of a Zigbee network present invention includes an allocation supporting unit for analyzing an environment of a Zigbee network and allocating a plurality of analyzers to multiple channels of the Zigbee network. A public vulnerability inspection unit inspects the Zigbee network for predefined public vulnerability via the plurality of analyzers. A new vulnerability analysis unit analyzes new vulnerability of the Zigbee network via the plurality of analyzers.

Abstract translation: 本发明涉及一种用于分析ZigBee网络的脆弱性的装置和方法。 为此，用于分析ZigBee网络的脆弱性的装置本发明包括：分配支持单元，用于分析ZigBee网络的环境并将多个分析器分配给Zigbee网络的多个信道。 公众漏洞检查单元通过多个分析器检查Zigbee网络预定义的公共漏洞。 一个新的漏洞分析单元通过多个分析器分析ZigBee网络的新漏洞。

公开(公告)号：US20160014105A1

公开(公告)日：2016-01-14

申请号：US14695100

申请日：2015-04-24

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Kyoung-Ho KIM ,  Jeong-Han YUN ,  Heemin KIM ,  Manhyun CHUNG ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: H04L29/06 ,  H04L29/08 ,  H04B3/56

CPC classification number: H04L63/08 ,  H04B3/56 ,  H04L63/10 ,  H04L63/1441 ,  H04L67/12 ,  H04W4/046 ,  H04W12/06 ,  H04W12/12

Abstract: An out-of-vehicle device interface apparatus includes a request message reception unit, a response message request unit, and a response message transmission unit. The request message reception unit receives a request message from an out-of-vehicle device, generates electrical signals in electric lines, and transfers the request message. The response message request unit requests response messages for the request message from one or more devices constituting an in-vehicle network based on one or more of the electric lines in which electrical signals have been generated. The response message transmission unit receives the response messages from the one or more devices, and transfers the response messages to the out-of-vehicle device via unidirectional communication.

Abstract translation: 一种车外设备接口设备，包括请求消息接收单元，响应消息请求单元和响应消息传输单元。 请求消息接收单元从车外设备接收请求消息，生成电线中的电信号并传送请求消息。 响应消息请求单元基于已经生成电信号的一条或多条电线从构成车载网络的一个或多个设备请求针对请求消息的响应消息。 响应消息发送单元从一个或多个设备接收响应消息，并通过单向通信将响应消息传送到车外设备。

公开(公告)号：US20150365346A1

公开(公告)日：2015-12-17

申请号：US14561826

申请日：2014-12-05

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Kyoung-Ho KIM ,  Jeong-Han YUN ,  Heemin KIM ,  Woonyon KIM ,  Jungtaek SEO ,  Eung Ki PARK

IPC: H04L12/915 ,  H04L12/825 ,  H04L12/801

CPC classification number: H04L47/10 ,  H04L12/56

Abstract: An apparatus and a method for multilateral one-way communication are provided. The apparatus includes a one-way input module unit, detachably mounted to a plurality of slots formed in a rail, for receiving data from an external transmission host and for transmitting the received data to an internal network through one-way communication; a one-way output module unit, mounted detachably to the plurality of slots formed in the rail, for transferring data of interest to an internal network through one-way communication, and transmitting data of interest to an external reception host, and a two-way module unit, mounted detachably to the plurality of slots formed in the rail, for performing data communication between the transmission host and the reception host in a bidirectional mode.

Abstract translation: 提供了一种用于多边单向通信的装置和方法。 该装置包括单向输入模块单元，可拆卸地安装到形成在轨道中的多个槽，用于从外部传输主机接收数据，并通过单向通信将接收到的数据发送到内部网络; 单向输出模块单元，其可拆卸地安装到形成在轨道中的多个槽，用于通过单向通信将感兴趣的数据传送到内部网络，并将感兴趣的数据发送到外部接收主机; 单向模块单元，可拆卸地安装到形成在轨道中的多个槽，用于以双向模式执行发送主机和接收主机之间的数据通信。

公开(公告)号：US20150304289A1

公开(公告)日：2015-10-22

申请号：US14258086

申请日：2014-04-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Youngjun CHO ,  SeongKu KANG ,  Jaeduck CHOI ,  Mincheol JEON ,  Sinkyu KIM ,  Jungtaek SEO

IPC: H04L29/06 ,  G06F21/64

CPC classification number: H04L63/0471 ,  G06F21/645 ,  H04L63/061 ,  H04L63/123 ,  H04L63/126

Abstract: In a digital evidence collection method, an evidence collection device sends an evidence collection request message requesting permission of evidence collection to a notarization server through a notarization agent. The notarization server sends a collection permission message permitting evidence collection to the evidence collection device through the notarization agent. The evidence collection device requests evidence data from an evidence collection target system through the notarization agent. The evidence collection target system transmits the evidence data to the notarization agent. The notarization agent encrypts the evidence data and transfers encrypted evidence data to the evidence collection device.

Abstract translation: 在数字证据收集方法中，证据收集装置通过公证代理向认证服务器发送请求证据收集许可的证据收集请求消息。 公证服务器通过公证代理向证据收集装置发送允许证据收集的收集许可消息。 证据收集装置通过公证代理人从证据收集目标系统请求证据数据。 证据收集目标系统将证据数据传送给公证人。 公证机构加密证据数据，并将加密证据数据传送给证据收集装置。

公开(公告)号：US20150089646A1

公开(公告)日：2015-03-26

申请号：US14444794

申请日：2014-07-28

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Sungho JEON ,  Jeong-Han YUN ,  Woonyon KIM ,  Jungtaek SEO ,  Choon Soo KIM

IPC: H04L29/06

CPC classification number: H04L63/1491 ,  H04L63/1475

Abstract: An apparatus for protecting traffic trend in a network of a control system using artificial communication is provided. In accordance with an embodiment, the apparatus includes a communication terminal device installed in a network and configured to create and filter artificial communication. A communication server device determines whether to create artificial communication at a current time in the communication terminal device, requests a transmitting side-communication terminal device to create artificial communication, and requests a receiving side-communication terminal device to filter the artificial communication.

Abstract translation: 提供一种用于保护使用人工通信的控制系统的网络中的交通趋势的装置。 根据实施例，该设备包括安装在网络中并被配置为创建和过滤人工通信的通信终端设备。 通信服务器装置判定在通信终端装置中是否在当前时刻进行人造通信，请求发送侧通信终端装置进行人造通信，并请求接收侧通信终端装置对人造通信进行过滤。

公开(公告)号：US20160078240A1

公开(公告)日：2016-03-17

申请号：US14889988

申请日：2013-11-27

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： SeongKu KANG ,  Mincheol JEON ,  Youngjun CHO ,  Jaeduck CHOI ,  Sinkyu KIM ,  Jungtaek SEO

IPC: G06F21/62

CPC classification number: G06F21/6209 ,  G06F21/445 ,  G06F21/552 ,  G06F21/577 ,  G06F21/64 ,  G06F21/78

Abstract: An apparatus and method for collecting digital evidence from a target system to be analyzed at a remote location and then providing security in a remote digital forensic environment based on the collected digital evidence. The method of providing security includes making, by a security providing apparatus, an evidence collection request for collection of evidence of an evidence collection-target apparatus from an evidence collection agent in a remote digital forensic environment, collecting evidence data corresponding to the evidence collection request from the evidence collection agent, verifying the evidence data based on a signature value of the evidence data collected from the evidence collection agent, generating evidence analysis data based on the verified evidence data, verifying the evidence analysis data based on a signature value of the evidence analysis data, and providing security for the evidence collection-target apparatus based on results of the verification of the evidence analysis data.

Abstract translation: 一种用于从远程位置分析的目标系统收集数字证据的装置和方法，然后基于收集的数字证据在远程数字法医环境中提供安全性。 提供安全的方法包括由安全提供设备从远程数字法医环境中的证据收集代理人提供收集证据收集目标设备的证据的证据收集请求，收集与证据收集请求对应的证据数据 从证据采集代理人，根据从证据收集代理收集的证据数据的签名值验证证据数据，根据证实的证据数据生成证据分析数据，根据证据的签名值验证证据分析数据 分析数据，并根据证据分析数据验证结果为证据收集目标设备提供安全性。