-
公开(公告)号:US20170237716A1
公开(公告)日:2017-08-17
申请号:US15246027
申请日:2016-08-24
Inventor: Jong Hyun KIM , Ik Kyun KIM , Joo Young LEE , Sun Oh CHOI , Yang Seo CHOI
IPC: H04L29/06
CPC classification number: H04L63/0435 , H04L63/0272 , H04L63/045 , H04L63/061 , H04L63/0823 , H04L63/0869 , H04L63/1425 , H04L63/166
Abstract: The present invention relates to a system and method for interlocking intrusion information. An intrusion information interlocking system includes at least one interlocking client which is connected to a client system which collects session information of intrusion in different network domains to transmit the intrusion information collected by the client system to the control system and requests analysis information on the intrusion information in accordance with a request of the client system to provide the analysis information to the client system, and an interlocking server which is connected to a control system which analyzes intrusion information to transmit the intrusion information of different network domains provided from one or more interlocking clients to the control system, stores the intrusion analysis information from the control system, and shares the stored intrusion analysis information with the interlocking client in accordance with the request of the interlocking client.
-
2.发明申请公开(公告)号:US20170193225A1
公开(公告)日:2017-07-06
申请号:US15169259
申请日:2016-05-31
Inventor: Dae Sung MOON , Ik Kyun KIM , Yang Seo CHOI
CPC classification number: G06F21/55 , G06F21/552 , G06F2221/034 , G06N99/005
Abstract: A behavior-based malicious code detecting apparatus and method using multiple feature vectors is disclosed. A malicious code learning method may include collecting characteristic factor information when a training target process comprising a malicious code is executed, generating a feature vector for malicious code verification based on the collected characteristic factor information, learning the generated feature vector through a plurality of machine learning algorithms to generate a model of representing the malicious code and a model of representing a normal file, and storing the model of representing the malicious code and the model of representing the normal file generated through the learning.
-
公开(公告)号:US20160156643A1
公开(公告)日:2016-06-02
申请号:US14802688
申请日:2015-07-17
Inventor: Yang Seo CHOI
IPC: H04L29/06
CPC classification number: H04L63/1416 , H04L63/1425
Abstract: An apparatus and method for generating a process activity profile are provided. The apparatus includes a basic process profile generator configured to perform basic process profiling for generating a basic process profile recording an operation of a specific process in a system; and an extension process profile generator configured to generate an extension process profile by associating an additional basic process profile generated by executing an execution file downloaded or created while generating the basic process profile with a conventional basic process profile
Abstract translation: 提供了一种用于生成处理活动简档的装置和方法。 该设备包括基本过程简档生成器,其被配置为执行基本过程分析以生成记录系统中特定过程的操作的基本过程简档; 以及扩展处理简档生成器,其被配置为通过将通过执行下载或创建的执行文件生成的附加基本过程简档相关联地生成扩展处理简档,同时生成基本过程简档与常规基本过程简档
-
4.发明申请METHOD AND SYSTEM FOR NETWORK CONNECTION CHAIN TRACEBACK USING NETWORK FLOW DATA 有权使用网络流量数据的网络连接链路跟踪的方法和系统公开(公告)号:US20150256555A1
公开(公告)日:2015-09-10
申请号:US14635962
申请日:2015-03-02
Inventor: Yang Seo CHOI , Ik Kyun KIM , Min Ho HAN , Jung Tae KIM , Jong Hyun KIM
IPC: H04L29/06
CPC classification number: H04L63/1441 , H04L63/1416 , H04L63/1425
Abstract: Disclosed are provided a method and a system for network connection chain traceback by using network flow data in order to trace an attack source site for cyber hacking attacks that goes by way of various sites without addition of new equipment of a network or modification a standard protocol when the cyber hacking attack occurs in the Internet and an internal network.
Abstract translation: 提供了一种通过使用网络流数据来网络连接链追溯的方法和系统,以便跟踪通过各种站点进行的网络黑客攻击的攻击源站点,而不添加网络的新设备或修改标准协议 当网络黑客攻击发生在互联网和内部网络时。
-
-
-
Search Results
4
records
(took 0.015 seconds)
