Abstract:
An apparatus and method of displaying a network security situation are provided. The apparatus includes an extraction unit configured to classify a characteristic factor including IP addresses of a transmission node and a reception node from a traffic flow; a network visualization unit configured to generate a domain circle visualizing each of a transmission domain and a reception domain as a circle shape by mapping the IP addresses of the transmission node and the reception node one-to-one to points on a circumference, arrange the generated domain circle on an axis, and visualize each of a transmission network area and a reception network area as a sphere shape; a session construction unit configured to visually construct a session of the visualized transmission network area and reception network area; and a display unit configured to display the session which is visually constructed.
Abstract:
Provided is an apparatus and method for security control that is capable of preventing a security threat from spreading on the basis of a security control policy established for each device (or a device group) in a network infrastructure environment, such as IoT. In a network infrastructure including a service server, a gateway, and a device, the apparatus and method for security control, in response to detecting a security threat, such as distributed denial of service (DDoS) attacks, malicious code propagation, or the like, perform a security control and a security control release on a device in which the security threat has occurred and/or a device group having an identical or similar property to the device to prevent the security threat from spreading and block the security threat in an early stage.
Abstract:
Provided are a system and method for detecting an abnormal behavior of a control system by analyzing flows of the control system. Flow information of the control network is collected, and flows are classified according to the collected flow information and a flow group is generated. An abnormal behavior of the control system is detected by analyzing flows of the generated flow group. That is, internal systems of the control network are grouped according to functions, and a situation of a system of a group performing the same function is managed to thus quickly detect an abnormal behavior of the control system.
Abstract:
A method and an apparatus for predicting cyber threats using natural language processing are disclosed. According to an embodiment of the present disclosure, a method for predicting cyber threats includes calculating similarity using a first embedding vector for cyber threat identification information and a second embedding vector for asset information when security event information is received, wherein the security event information includes the cyber threat identification information. The method also includes measuring correlation between the cyber threat identification information and the asset information based on the similarity. The method also includes determining an asset vulnerable to cyber threats based on the correlation.
Abstract:
Provided are an apparatus and method for performing remote attestation by taking into account mobility. The method includes obtaining, by each node constituting a network, a remote attestation result value by performing self-remote attestation, obtaining, by each of the nodes, remote attestation result values from the other nodes by broadcasting the obtained remote attestation result value to at least one neighboring node, and monitoring, by each of the nodes, remote attestation of each of the nodes on the basis of the obtained remote attestation result values of the nodes.
Abstract:
A method for security of an Internet of things (IoT) device includes transmitting, by a server, a key value determined based on a reliability level of a user device and a key identification (ID) of the key value to the user device, encrypting, by the user device, a command representing a service requested by a user by using the key value and transmitting the encrypted command and the key ID to the IoT device, and extracting, by the IoT device, the key value corresponding to the key ID received from the user device from pre-stored key list information, decrypting the encrypted command by using the extracted key value, executing the decrypted command to generate information requested by the user, encrypting the generated information by using the extracted key value, and transmitting the encrypted information to the user device.
Abstract:
An abnormal traffic detection apparatus and method based on Modbus communication pattern learning are provided. The abnormal traffic detection apparatus based on the Modbus communication pattern learning detects abnormal traffic on the Modbus/TCP protocol in advance and responds to it. According to the present invention, a communication service between control systems can be stably provided by detecting in advance the abnormal traffic capable of interfering with a stable operation of the control system. Particularly, since the effective abnormal traffic on the Modbus/TCP protocol can be detected in advance, security of the control system can be increased by rapid detection and response with respect to security threats on the Intranet of the control system, and availability can be secured.