-
公开(公告)号:US20230004499A1
公开(公告)日:2023-01-05
申请号:US17737174
申请日:2022-05-05
Inventor: Yong-Je CHOI , Dae-Won KIM , Sang-Su LEE , Byeong-Cheol CHOI , Dong-Wook KANG , Yang-Seo CHOI
IPC: G06F12/0873 , G06F12/0868
Abstract: Disclosed herein are an apparatus and method for extracting memory map information from firmware. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program retrieves memory-related data from firmware, sets a data structure by analyzing binary code based on the memory-related data, and retrieves a memory map structure from the firmware using the data structure.
-
公开(公告)号:US20190050578A1
公开(公告)日:2019-02-14
申请号:US16041974
申请日:2018-07-23
Inventor: Yang-Seo CHOI
Abstract: An apparatus and method for assessing cybersecurity vulnerabilities based on a serial port. The apparatus includes a vulnerability DB for storing vulnerability assessment items, a communication unit for configuring an environment for serial communication with an assessment target device and configuring a network environment, a vulnerability scanning unit for selecting a vulnerability assessment item for which cybersecurity vulnerability assessment is to be performed on the assessment target device, and performing scanning for checking the selected vulnerability assessment item on the assessment target device, a response analysis unit for analyzing a response of the assessment target device to the scanning, and setting one or more of an operating system, an application, and a protocol corresponding to the assessment target device, and a vulnerability presence determination unit for determining, using the set one or more of the operating system, application, and protocol, whether a vulnerability is present.
-
公开(公告)号:US20220166702A1
公开(公告)日:2022-05-26
申请号:US17135505
申请日:2020-12-28
Inventor: Gae-Il AN , Yang-Seo CHOI
Abstract: Disclosed herein are a fuzzing preprocessing apparatus and method for automating smart network fuzzing. The fuzzing preprocessing method includes collecting communication message samples that are sent by a fuzzing target client to a fuzzing target system, comparing the communication message samples with each other, and then identifying sizes and types of fields of a fuzzing target protocol, determining a property of a protocol field value with reference to ASCII code, determining a coverage of a user field based on a response message to a test communication message that has been sent to the fuzzing target system, and storing a fuzzing protocol data model having a field number, a field type, a field size, a field value property, and a field value of the fuzzing target protocol, as elements.
-
公开(公告)号:US20230004680A1
公开(公告)日:2023-01-05
申请号:US17738524
申请日:2022-05-06
Inventor: Yong-Je CHOI , Dae-Won KIM , Sang-Su LEE , Byeong-Cheol CHOI , Dong-Wook KANG , Ik-Kyun KIM , Yang-Seo CHOI
Abstract: Disclosed herein are an apparatus and method for verifying the integrity of a hardware board. The apparatus includes one or more processors and execution memory for storing at least one program that is executed by the processors, wherein the program is configured to compare images of components arranged on a verification target board and a source board in a first image, obtained by photographing the verification target board, and in a second image prestored for the source board, as to whether images of the components are identical to each other, and compare first firmware extracted from the verification target board with second firmware of the source board, as to whether first firmware is identical to second firmware and verify integrity of the verification target board based on whether the images are identical to each other and on whether the pieces of firmware are identical to each other.
-
Patent Agency Ranking
公开(公告)号:US20150121072A1
公开(公告)日:2015-04-30
申请号:US14254305
申请日:2014-04-16
Inventor: Yang-Seo CHOI , Ik-Kyun Kim
CPC classification number: G06F21/57 , G06F21/51 , G06F21/572 , H04L9/3247 , H04L63/08 , H04L63/123 , H04L63/1441
Abstract: There is provided an object verification apparatus comprising; a communication module receiving object information to verify an object and integrity of the object, and requesting original object information to an integrity authentication server in which the original object information for the object is registered and receiving the original object information from the integrity authentication server; and a control module determining whether current object information extracted from the object and the object information are identical or not, controlling the communication module according to the determined result, and comparing the original object information and the current object information to verify the final integrity of the object.
Abstract translation: 提供了一种对象验证装置,包括: 接收对象信息以验证对象的对象和完整性的通信模块,以及向对象的原始对象信息进行登记的完整性认证服务器请求原始对象信息,并且从完整性认证服务器接收原始对象信息; 以及控制模块,确定从对象提取的当前对象信息和对象信息是否相同,根据确定的结果控制通信模块,并比较原始对象信息和当前对象信息,以验证对象信息的最终完整性 目的。
-
公开(公告)号:US20220374525A1
公开(公告)日:2022-11-24
申请号:US17525604
申请日:2021-11-12
Inventor: GAE-IL AN , Yang-Seo CHOI
Abstract: Disclosed herein are an apparatus and a method for detecting a vulnerability to a nonvolatile memory attack. The apparatus for detecting a vulnerability to a nonvolatile memory attack includes memory for storing at least one program, and a processor for executing the program, wherein the program includes a fuzzer unit for sending a fuzzing message to fuzzing target software, a nonvolatile memory write control unit for, when a request to write data to a nonvolatile memory is received from the fuzzing target software, transferring nonvolatile memory write data to an attack vulnerability detection unit, and the attack vulnerability detection unit for, when the nonvolatile memory write data is received from the nonvolatile memory write control unit, searching for a vulnerability to a nonvolatile memory attack based on a result of determining whether the nonvolatile memory write data is normal based on a model pre-trained in a normal state.
-
公开(公告)号:US20210160273A1
公开(公告)日:2021-05-27
申请号:US17081414
申请日:2020-10-27
Inventor: Yang-Seo CHOI , Won-Jun SONG , Gae-Il AN
IPC: H04L29/06 , G05B19/4155
Abstract: Disclosed herein are a method for calculating a risk for an industrial control system and an apparatus for the same. The method includes collecting at least one keyword based on published vulnerabilities in a target industrial control system and generating an attack vector corresponding to the at least one keyword; collecting operating environment characteristics corresponding to the operating environment that is currently being used in the target industrial control system; calculating a targeted risk for the attack vector in consideration of a vulnerability characteristic matching the at least one keyword, among the operating environment characteristics, and a weight applied to the vulnerability characteristic; and providing the targeted risk to the operator module of the target industrial control system.
-
8.发明申请公开(公告)号:US20170237680A1
公开(公告)日:2017-08-17
申请号:US15331436
申请日:2016-10-21
Inventor: Yang-Seo CHOI , Jong-Hyun KIM , Joo-Young LEE , Sun-Oh CHOI , Ik-Kyun KIM , Dae-Sung MOON
IPC: H04L12/911 , H04L12/24
CPC classification number: H04L67/06 , H04L43/026 , H04L47/2483 , H04L49/9057
Abstract: Disclosed are an apparatus and method for reconstructing a transmitted file with high performance in real time, which select analysis target packets for reconstruction by first checking using hardware whether data file-related information is present in packets transmitted via large-capacity traffic over a broadband network, and which reconstruct a file in real time only from the selected analysis target packets. The file reconstruction apparatus for reconstructing a data file from packets on a network includes a packet monitoring unit for extracting packets on the network, a collected packet selection unit for determining whether, for the extracted packets, each packet is a reconstruction target based on flow information, and selecting a reconstruction target packet, and a file reconstruction unit for performing file reconstruction by extracting data from the reconstruction target packet and by storing the extracted data as data of a reconstructed file in a relevant flow.
-
公开(公告)号:US20170235640A1
公开(公告)日:2017-08-17
申请号:US15360957
申请日:2016-11-23
Inventor: Joo-Young LEE , Ik-Kyun KIM , Jong-Hyun KIM , Sun-Oh CHOI , Yang-Seo CHOI
CPC classification number: G06F11/1448 , G06F16/134 , G06F2201/82 , H04L67/10
Abstract: Disclosed herein are a network traffic recording apparatus and method. The network traffic recording apparatus includes a data partitioning unit for generating a single data block from original data corresponding to a certain unit and partitioning the single data block into preset units, a data integrity verification information generation unit for generating data integrity verification information for each data block, and a data redundancy elimination encoding unit for performing redundancy elimination on data, which is a target of redundancy elimination, for each data block.
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.01 seconds)
