-
公开(公告)号:KR1020110042485A
公开(公告)日:2011-04-27
申请号:KR1020090099167
申请日:2009-10-19
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1433 , G06F21/577
Abstract: PURPOSE: An apparatus for diagnosing efficient remote security threat and a method thereof are provided to diagnose a device through the reference to a common vulnerability list and report the diagnosis result through a vulnerability diagnosis tool placed at a remote place. CONSTITUTION: A vulnerability analysis unit(10) searches for the determined reference key type to obtain a vulnerability inspection list from a vulnerability list management database, wherein the vulnerability inspection list exists in main characteristic information. An attack agent(40) inspects the vulnerability of the main characteristic information based on the preset characteristic information for the vulnerability inspection list existing in the main characteristic information. A result analysis unit(60) reports the result of the inspected vulnerability of the main characteristic information. A GUI(Graphical User Interface) management unit(70) interfaces the reported vulnerability result through a vulnerability diagnosis tool.
Abstract translation: 目的:提供用于诊断有效的远程安全威胁的装置及其方法,用于通过参考公共漏洞列表来诊断设备,并通过放置在远程位置的漏洞诊断工具来报告诊断结果。 构成:漏洞分析单元(10)搜索确定的参考密钥类型以从漏洞列表管理数据库获得漏洞检查列表,其中漏洞检查列表存在于主要特征信息中。 攻击代理(40)根据主要特征信息中存在的漏洞检查列表的预设特征信息检查主要特征信息的脆弱性。 结果分析单元(60)报告主要特征信息的被检查的脆弱性的结果。 GUI(图形用户界面)管理单元(70)通过漏洞诊断工具来接收所报告的漏洞结果。
-
公开(公告)号:KR1020110040152A
公开(公告)日:2011-04-20
申请号:KR1020090097313
申请日:2009-10-13
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/1408 , H04L2463/146
Abstract: PURPOSE: A method for reversely tracking an attacker packet and a system therefore are provided to sense the attacker packet by using a hash function and a bloom filter. CONSTITUTION: A first router(100) receives a hash information list of an attacker packet from a server(300) which reversely track an attack path of the attacker packet in a network. A hash value is extracted by applying a hash function to a reception packet. It is determined whether the information corresponding to the extracted hash value exists in the hash information list. The reception packet is determined to the attacker packet according to the information corresponding to the extracted hash value. The determination result is transmitted to the server.
Abstract translation: 目的:提供一种用于反向跟踪攻击者数据包和系统的方法,以通过使用散列函数和绽放过滤器来感知攻击者数据包。 构成:第一路由器(100)从服务器(300)接收攻击者包的哈希信息列表,该服务器反向跟踪网络中的攻击者包的攻击路径。 通过将哈希函数应用于接收分组来提取散列值。 确定在哈希信息列表中是否存在与提取的散列值相对应的信息。 接收包根据与提取的散列值对应的信息确定给攻击者包。 确定结果被发送到服务器。
-
公开(公告)号:KR101029539B1
公开(公告)日:2011-04-18
申请号:KR1020090023137
申请日:2009-03-18
Applicant: 한국전자통신연구원
CPC classification number: Y02D10/34
Abstract: 본 발명은 부채널 검증 방법 및 그 장치에 관한 것이다.
부채널 검증 장치는 소프트웨어로 구현된 암호 프로그램의 동작을 제어하는 MCU, 하드웨어로 구현된 암호 프로그램의 1차 동작 검증을 수행하는 FPGA, 그리고 MCU 내지 FPGA에 전원을 공급하여 MCU 내지 FPGA을 동작시키거나, 암호 프로그램의 구동 시 소비전력을 측정하여 측정한 소비전력을 토대로 부채널 분석을 수행하는 전원분리 모듈을 포함한다.
이로써 본 발명은 하드웨어나 소프트웨어로 구현된 암호 프로그램의 구동 시 소비 전력을 쉽게 측정할 수 있으며, 이를 통해 부채널 검증을 용이하게 할 수 있다.
부채널 공격, 암호, 하드웨어, 소프트웨어-
公开(公告)号:KR1020110011935A
公开(公告)日:2011-02-09
申请号:KR1020090069418
申请日:2009-07-29
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1425
Abstract: PURPOSE: A network attach sensing device based on visual data analysis and a method thereof are provided to convert traffic information into an image and sense various attacks on a network using the formed image through a visual data analysis technique. CONSTITUTION: A traffic image generator(100) generates a traffic image through IP additional information. By comparing the traffic image with a previously inputted traffic image, a network attack detector(200) detects a network attack. A network attack analyzer(300) detects network attack information and pattern information of the network attack information. A network attack detection result expression unit(400) expresses the network attack information and the pattern information of the network attack.
Abstract translation: 目的:提供一种基于视觉数据分析的网络附着感测装置及其方法,用于通过视觉数据分析技术将交通信息转换为图像,并使用形成的图像感知网络上的各种攻击。 构成:流量图像生成器(100)通过IP附加信息生成流量图像。 通过将流量图像与先前输入的流量图像进行比较,网络攻击检测器(200)检测网络攻击。 网络攻击分析器(300)检测网络攻击信息和网络攻击信息的模式信息。 网络攻击检测结果表达单元(400)表示网络攻击信息和网络攻击的模式信息。
-
公开(公告)号:KR101003104B1
公开(公告)日:2010-12-21
申请号:KR1020080131716
申请日:2008-12-22
Applicant: 한국전자통신연구원
CPC classification number: H04W12/12 , H04L63/1416
Abstract: 본 발명은 무선 네트워크에서 보안 상황 감시 장치에 관한 것으로, 본 발명에 따른 무선 네트워크에서 보안 상황 감시 장치는 하나 이상의 RF 신호 정보를 수집하는 RF 신호 수집부, 트래픽 정보, 경보 정보 중 하나 이상을 포함하는 보안 이벤트 정보를 수집하는 보안 이벤트 수집부, 수집된 RF 신호 정보와 보안 이벤트 정보의 연관성을 분석하여 매핑하는 보안 이벤트 정보 매핑부 및 매핑된 보안 이벤트 정보를 표시하는 보안 이벤트 정보 표시부를 포함한다. 이에 의해, RF 신호 감시를 통해 획득된 RF 신호 정보와, 무선 네트워크 장비에서 발생되는 트래픽 정보, 경보 정보를 포함하는 보안 이벤트 정보를 매핑하여 정보 시각화 기법을 사용하여 효과적으로 표현함으로써 네트워크 관리자가 현재 무선 네트워크의 보안 상황을 직관적으로 인지할 수 있는 장점이 있다.
RF 신호, 보안, 매핑, 표시-
Patent Agency Ranking
公开(公告)号:KR1020100076856A
公开(公告)日:2010-07-06
申请号:KR1020090032429
申请日:2009-04-14
Applicant: 한국전자통신연구원
Abstract: PURPOSE: An apparatus and a method for extracting user information using client-based script are provided to collect the IP(Internet Protocol) addresses of an attacking host and a proxy server used by the attacking host can be collected by using a script that sets a direct connection between a monitoring server and the attacking host. CONSTITUTION: A web client issues a request for a first webpage to a web server(S101). Then, the web server may transmit the first webpage to the web client along with a script for detecting the IP address of the web client(S103). The script is automatically executed in a web browser of the web client along with the first webpage without a requirement of an additional Java applet, an ActiveX program or an ActiveX plug-in. Once the script is executed in the web browser of the web client, a user identifier for the web client may be created by combining a time-shift value and a random value. Thereafter, the script issues a request for the right and method to access to a monitoring server to the monitoring server(S105). Then, the monitoring server responds to the request(S107), and the script sets a socket communication between the web client and the monitoring server(S109). The socket communication is used for various purposes such as querying a database, issuing a request for TCP(Transmission Control Protocol) communication or issuing a request for FTP(File Transfer Protocol) connection. The script transmits user information, including the user identifier of the web client and information regarding a webpage having the script loaded therein, to the monitoring server. In addition, the script issues a request for a second webpage to the monitoring server(S111). If the web client attempts to access the web server via an anonymous proxy server, the second web page is transmitted to the monitoring server via the anonymous proxy server, and thus, the monitoring server is able to collect the IP address of the anonymous proxy server.
Abstract translation: 目的:提供一种使用基于客户端脚本提取用户信息的装置和方法,用于收集攻击主机的IP(因特网协议)地址,并且可以通过使用设置 监控服务器和攻击主机之间的直接连接。 规定:Web客户端向Web服务器发出第一网页的请求(S101)。 然后,Web服务器可以将第一网页与用于检测网络客户端的IP地址的脚本一起发送到web客户端(S103)。 该脚本与Web客户端的Web浏览器一起自动执行,而不需要附加的Java小程序,ActiveX程序或ActiveX插件。 一旦在web客户机的web浏览器中执行脚本,可以通过组合时移值和随机值来创建web客户端的用户标识符。 此后,脚本向监视服务器发出对监视服务器的权利和方法的请求(S105)。 然后,监视服务器对该请求进行响应(S107),脚本设置Web客户端与监视服务器之间的套接字通信(S109)。 套接字通信用于各种目的,例如查询数据库,发出TCP(传输控制协议)通信请求或发出FTP(文件传输协议)连接请求。 该脚本向监视服务器发送包括web客户端的用户标识符和关于其中加载有脚本的网页的信息的用户信息。 此外,脚本向监视服务器发出第二网页的请求(S111)。 如果Web客户端尝试通过匿名代理服务器访问Web服务器,则通过匿名代理服务器将第二网页发送到监控服务器,因此监控服务器能够收集匿名代理服务器的IP地址 。
-
公开(公告)号:KR1020100073131A
公开(公告)日:2010-07-01
申请号:KR1020080131722
申请日:2008-12-22
Applicant: 한국전자통신연구원
CPC classification number: H04L43/0823 , H04L43/0864 , H04L67/14
Abstract: PURPOSE: An apparatus and a method for analyzing failed-session on multi-resolution windows are provided to measure failed-session distribution on management target hosts at a time. CONSTITUTION: An SYN RTT(SYN Round Trip Time) measuring unit(701) measures SYN RTT between synchronization and receipt notification packets. A failed session distribution measuring unit(705) sets an observation window. When a synchronization packet of a host is detected in the observation window, a failed-session distribution measuring unit increases the failed-session number of the host. When a receipt notification packet of the host is detected, the failed-session distribution measuring unit decreases the failed-session number of the host. The failed-session distribution measuring unit measures the failure session number of the host.
Abstract translation: 目的:提供用于分析多分辨率窗口上的故障会话的设备和方法,以一次测量管理目标主机上的故障会话分发。 构成:SYN RTT(SYN往返时间)测量单元(701)测量同步和接收通知包之间的SYN RTT。 故障会话分配测量单元(705)设置观察窗口。 当在观察窗口中检测到主机的同步分组时,故障会话分配测量单元增加主机的故障会话数。 当检测到主机的接收通知分组时,故障会话分发测量单元减少主机的故障会话数。 故障会话分发测量单元测量主机的故障会话编号。
-
公开(公告)号:KR1020100070644A
公开(公告)日:2010-06-28
申请号:KR1020080129287
申请日:2008-12-18
Applicant: 한국전자통신연구원
CPC classification number: G06F21/6227 , H04L9/00
Abstract: PURPOSE: A method for saving and searching encrypted data on a database is provided to enhance the security of stored information when information is stored at an unreliable server which is not reliable by a user database. CONSTITUTION: Data stored at a database is encoded(S100), and the entire region of the stored data is split into a bucket unit, and the index is allocated to the split bucket regions(S120). The sequence information in a bucket region to which encoded data belong is recognized(S130). The encoded data, the index information and sequence information of the bucket region to which the encoded data belong are stored at an external server(S140).
Abstract translation: 目的:提供一种在数据库中保存和搜索加密数据的方法,以便在信息存储在用户数据库不可靠的不可靠服务器时增强存储信息的安全性。 构成:对存储在数据库中的数据进行编码(S100),将存储数据的整个区域分割为桶单位,并将索引分配给分割桶区域(S120)。 识别编码数据所属的存储区域中的序列信息(S130)。 编码数据所属的桶区域的编码数据,索引信息和序列信息存储在外部服务器(S140)。
-
公开(公告)号:KR1020100062813A
公开(公告)日:2010-06-10
申请号:KR1020090024116
申请日:2009-03-20
Applicant: 한국전자통신연구원
CPC classification number: G06K7/10237 , G06K7/10108 , G06K7/10297 , G06K17/0029 , G06Q10/0833 , G06Q10/08355
Abstract: PURPOSE: An RFID(Radio Frequency IDentification) system, and a method for tracking a distribution process and an e-Pedigree using the same are provided to solve the security problems caused by a non-reliable service provider. CONSTITUTION: Plural RFID tag devices(200) transmits a tag signal including tag information corresponding to the paths through which products pass, and an RFID reader device(100) detects a tag signal for each path through which the products pass. The RFID reader device traces a distribution path and an E-pedigree of the product based on the tag information included in the detected tag signals.
Abstract translation: 目的:提供RFID(射频识别)系统,以及跟踪分发过程的方法和使用其的电子谱系,以解决由不可靠的服务提供商引起的安全问题。 构成:多个RFID标签装置(200)发送标签信号,该标签信号包括与产品通过的路径相对应的标签信息,RFID读取器装置(100)检测产品通过的每个路径的标签信号。 RFID读取器设备基于检测到的标签信号中包括的标签信息跟踪产品的分发路径和E谱系。
-
公开(公告)号:KR1020090065212A
公开(公告)日:2009-06-22
申请号:KR1020070132689
申请日:2007-12-17
Applicant: 한국전자통신연구원
CPC classification number: G06N3/008 , A63H2200/00 , G06Q50/30 , B25J9/0003
Abstract: A robot chatting system and a method thereof for providing a robot chatting service of high quality for a user are provided to transmit a sentence and the corresponding operation which the opponent transmits so that the robot of opponent perform the related operation while reading sentence. An interface produces a robot operation including chatting sentence including a sentence unit and an operation unit. A robot chatting server(206) provides the robot chatting service between chatter by using the robot motion inclusion chatting sentence. The robot chatting server produces motion control data corresponding to the chatting sentence my moving portion. A TTS(Text To Speech) engine(207) converts the character part within the robot motion inclusion chatting sentence into audio data. A robot 1(204) and a robot 2(205) output audio data through a speaker. The robot 1 and robot 2 operate according to motion control data.
Abstract translation: 提供一种用于为用户提供高品质的机器人聊天服务的机器人聊天系统及其方法,用于传送对方发送的句子和相应的操作,使得对手的机器人在读取句子时执行相关操作。 接口产生包括句子单元和操作单元的聊天语句的机器人操作。 机器人聊天服务器(206)通过使用机器人运动包含聊天句子在聊天之间提供机器人聊天服务。 机器人聊天服务器产生与聊天句我的移动部分对应的运动控制数据。 TTS(文字对语音)引擎(207)将机器人运动包含聊天句中的字符部分转换为音频数据。 机器人1(204)和机器人2(205)通过扬声器输出音频数据。 机器人1和机器人2根据运动控制数据进行操作。
-
-
-
-
-
-
-
-
-
Search Results
271
records
(took 0.029 seconds)
