-
公开(公告)号:KR1020130092305A
公开(公告)日:2013-08-20
申请号:KR1020120013962
申请日:2012-02-10
Applicant: 한국전자통신연구원
CPC classification number: G06F8/36 , G06F8/447 , G06F8/70 , G06F9/451 , G06F15/161
Abstract: PURPOSE: An integrated development apparatus and a method for network applications and a server using the same are provided to build various applications for hardware using a network processor by providing a general application program interface (API). CONSTITUTION: An application storage unit (100) stores an application built by a user, and application attribute management unit (200) manages attribute information including input information, output information, and interlinked information between an input and an output. A target code generation unit (300) generates a corresponding target code by compiling the application stored in the application storage unit based on the attribute information stored in the application attribute management unit. A code loading unit (400) loads the generated target code in hardware. [Reference numerals] (100) Application storage unit; (200) And application attribute management unit; (300) Target code generation unit; (400) Code loading unit; (500) Input module; (600) Log information management
Abstract translation: 目的:提供一种用于网络应用的集成开发设备和方法以及使用其的服务器,以通过提供通用应用程序接口(API)来构建使用网络处理器的硬件的各种应用。 构成:应用存储单元(100)存储由用户构建的应用,应用属性管理单元(200)在输入和输出之间管理包括输入信息,输出信息和互连信息的属性信息。 目标代码生成部(300)基于存储在应用属性管理部中的属性信息,编译存储在应用存储部中的应用,生成对应的目标代码。 代码加载单元(400)在硬件中加载生成的目标代码。 (附图标记)(100)应用存储单元; (200)和应用属性管理单元; (300)目标代码生成单元; (400)代码加载单元; (500)输入模块; (600)日志信息管理
-
公开(公告)号:KR101292873B1
公开(公告)日:2013-08-02
申请号:KR1020090128019
申请日:2009-12-21
Applicant: 한국전자통신연구원
IPC: H04L12/26
CPC classification number: H04L43/028 , G06F13/385 , H04L12/14 , H04L41/5087 , H04L41/509 , H04L43/026 , H04L45/00
Abstract: 네트워크로부터 패킷을 수신하고, 제1 칩셋에서 상기 수신되는 패킷을 확인하여 상세분석의 진행 여부를 결정하고, 제2 칩셋에서 상세분석이 요구되는 패킷에 대해서만 상세분석하는 네트워크 인터페이스 카드장치 및 상기 네트워크 인터페이스 카드장치를 이용한 트래픽 처리 방법에 관한 구성이 개시된다.
네트워크 인터페이스 카드, 고속 트래픽, 패킷, Traffic Analysis-
公开(公告)号:KR1020110071444A
公开(公告)日:2011-06-29
申请号:KR1020090128019
申请日:2009-12-21
Applicant: 한국전자통신연구원
IPC: H04L12/26
CPC classification number: H04L43/028 , G06F13/385 , H04L12/14 , H04L41/5087 , H04L41/509 , H04L43/026 , H04L45/00
Abstract: PURPOSE: A network interface card apparatus and a traffic processing method using the network interface card apparatus are provided to process the traffic on the real time without the erasure of the detailed information for the bulk traffic more than 10G. CONSTITUTION: A packet receiving part(110) receives a packet from a network. A first chip set(120) confirms the received packet. A first chip set processes the first analysis to decide whether the second analysis is processed or not. A second chip set(130) processes the second analysis for the packet in which the second analysis is required among the received packets. A packet transfer part(140) again transmits to the network the packet analyzed by the first analysis or the second.
Abstract translation: 目的:提供一种使用网络接口卡装置的网络接口卡装置和流量处理方法,用于实时处理流量,而不会擦除大于10G的批量流量的详细信息。 构成:分组接收部分(110)从网络接收分组。 第一芯片组(120)确认所接收的分组。 第一个芯片组处理第一个分析以决定是否处理第二个分析。 第二芯片组(130)处理在所接收的分组中需要进行第二次分析的分组的第二分析。 分组传送部分(140)再次向网络发送由第一分析或第二分析分析的分组。
-
公开(公告)号:KR1020110071425A
公开(公告)日:2011-06-29
申请号:KR1020090127991
申请日:2009-12-21
Applicant: 한국전자통신연구원
IPC: H04L12/26
CPC classification number: H04L43/024
Abstract: PURPOSE: A dynamic flow sampling device and a method thereof are provided to dynamically process a flow sampling for packet based on the load information and standard value. CONSTITUTION: A traffic receiver(110) receives the traffic signal. A system monitoring part(120) collects the load information for the load of Internet network. A storage(130) stores a standard value for the flow sampling. A flow sampling processor(140) processes the flow sampling for the packet having the traffic based on the load information and the standard value. A traffic transmission part(150) transmits the traffic for the packet sampled flow.
Abstract translation: 目的:提供一种动态流量采样装置及其方法,用于根据负载信息和标准值动态地处理分组的流采样。 构成:交通接收机(110)接收交通信号。 系统监视部分(120)收集因特网网络负载的负载信息。 存储器(130)存储用于流量采样的标准值。 流采样处理器(140)基于负载信息和标准值处理具有业务的分组的流采样。 业务传输部分(150)发送用于分组采样流的业务。
-
公开(公告)号:KR1020100073136A
公开(公告)日:2010-07-01
申请号:KR1020080131727
申请日:2008-12-22
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1416 , G06F17/30705 , H04L63/0263
Abstract: PURPOSE: A signature clustering method based on attack signature grouping using bit-vector of hashing results is provided to reduce the time for work through rapid pattern matching using hardware. CONSTITUTION: A prime message is extracted from a packet received(S120). In case the prime message is a first message, overlapping hashing of the prime message is executed(S130,S140). A bit vector table is updated using the hash values(S150). In case the prime message is not the first message, consecutive hashing of the prime message is executed(S170). In case the hash values exist in the bit vector table, the processing result is outputted(S270).
Abstract translation: 目的:提供使用哈希结果位向量进行攻击签名分组的签名聚类方法,以减少使用硬件进行快速模式匹配的工作时间。 构成:从收到的数据包中提取一个主要消息(S120)。 在主消息是第一消息的情况下,执行主消息的重叠散列(S130,S140)。 使用散列值更新位向量表(S150)。 在主消息不是第一消息的情况下,执行主消息的连续散列(S170)。 在哈希值存在于位向量表中的情况下,输出处理结果(S270)。
-
Patent Agency Ranking
公开(公告)号:KR1020100073134A
公开(公告)日:2010-07-01
申请号:KR1020080131725
申请日:2008-12-22
Applicant: 한국전자통신연구원
CPC classification number: H04L63/123 , H04L63/1416
Abstract: PURPOSE: A character string including type determining device for signature automatic creation system and a method thereof are provided to confirm similarity and comprehensibility in a classification of document or a search engine result thereby minimizing displayed result outcome. CONSTITUTION: If input data is new data, a white list management unit(110) renews bit vector table by hash value. A data search unit(120) searches the bit vector table through the white list management unit. The data search unit searches index having appointed hash value. The data search unit traces hash value of relevant index by searching active-set index according to circumstance.
Abstract translation: 目的:提供一种字符串,其包括用于签名自动创建系统的类型确定装置及其方法,用于在文档或搜索引擎结果的分类中确认相似性和可理解性,从而最小化显示的结果结果。 构成:如果输入数据是新数据,白名单管理单元(110)通过哈希值更新位向量表。 数据搜索单元(120)通过白名单管理单元搜索比特向量表。 数据搜索单元搜索具有指定散列值的索引。 数据搜索单元根据情况通过搜索活动集索引来跟踪相关索引的哈希值。
-
公开(公告)号:KR1020040057177A
公开(公告)日:2004-07-02
申请号:KR1020020083634
申请日:2002-12-24
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A structure for caching a sliding window and a method for recording/analyzing the data of a network attack situation using the same are provided to monitor the situation for the event generation and the network attack in real-time by equipping with a cache entry recording an event frequency generated in a time interval on the continuous time. CONSTITUTION: In case that the network intrusion is detected, the key data having the information for the network attack situation is extracted(S10). The extracted key data is searched from the cache table by looking up a sliding window cache table storing an intrusion detecting event frequency of the network attack(S20). In the case that the matched key data is present in the lookup cache table, the intrusion detection event frequency for the network attack situation is recorded to an entry of the corresponding cache table(S80). In the case that the matched key data is not present in the lookup cache table, the intrusion detection event frequency for the network attack situation is recorded by generating a new entry of the cache table(S40).
Abstract translation: 目的:提供一种用于缓存滑动窗口的结构和使用该结构记录/分析网络攻击情况的数据的方法,通过装备缓存条目来实时监控事件生成和网络攻击的情况 记录在时间间隔内连续生成的事件频率。 构成:在检测到网络入侵的情况下,提取具有网络攻击情况的信息的密钥数据(S10)。 通过查找存储网络攻击的入侵检测事件频率的滑动窗口缓存表,从高速缓存表中搜索提取的密钥数据(S20)。 在匹配的密钥数据存在于查找缓存表中的情况下,将网络攻击情况的入侵检测事件频率记录到对应的高速缓存表的条目(S80)。 在匹配的密钥数据不存在于查找缓存表中的情况下,通过生成高速缓存表的新条目来记录网络攻击情况的入侵检测事件频率(S40)。
-
公开(公告)号:KR100422807B1
公开(公告)日:2004-03-12
申请号:KR1020010054399
申请日:2001-09-05
Applicant: 한국전자통신연구원
IPC: H04L12/22
Abstract: PURPOSE: A security gateway device for a policy-based network security control and an operating method therefor are provided to dynamically meet a cyber terror by updating a correspondence policy according to a terror type in a policy cache when the cyber terror is generated and applying the updated policy to a newly generated cyber terror. CONSTITUTION: A CPA(Cyber Patrol Agent)(201) receives a cyber terror detection signal, and transmits the received cyber terror detection signal to a CPCS(Cyber Patrol Control System)(300). A policy receiving unit(202) receives a policy corresponding to the cyber terror detection signal from the CPCS(300). A security policy engine(203) receives the policies from the policy receiving unit(202), and outputs a dynamic security policy among the policies. A QoS(Quality of Service) policy executing engine(206) receives the policies from the policy receiving unit(202), and outputs a dynamic QoS policy among the policies. A security policy cache(204) receives the dynamic security policy from the security policy engine(203), and stores the received dynamic security policy according to the type of a cyber terror by a schema unit. A policy cache(205) receives the dynamic security policy of the schema unit from the security policy cache(204), receives the dynamic QoS policy from the QoS policy executing engine(206), updates policy information, and outputs updated policy information to the policy receiving unit(202) for dynamically corresponding to the cyber terror.
Abstract translation: 目的:提供一种用于基于策略的网络安全控制的安全网关设备及其操作方法,用于在产生网络恐怖时通过根据策略高速缓存中的恐怖类型更新通信策略来动态地满足网络恐怖, 更新政策,以新产生的网络恐怖。 组成:CPA(网络巡逻代理人)(201)接收到网络恐怖探测信号,并将接收到的网络恐怖探测信号发送给CPCS(网络巡逻控制系统)(300)。 策略接收单元(202)从CPCS(300)接收与网络恐怖检测信号相对应的策略。 安全策略引擎(203)从策略接收单元(202)接收策略,并输出策略中的动态安全策略。 QoS(服务质量)策略执行引擎(206)从策略接收单元(202)接收策略,并且在策略中输出动态QoS策略。 安全策略高速缓存(204)从安全策略引擎(203)接收动态安全策略,并且通过模式单元根据网络恐怖的类型存储接收到的动态安全策略。 策略高速缓存(205)从安全策略高速缓存(204)接收模式单元的动态安全策略,从QoS策略执行引擎(206)接收动态QoS策略,更新策略信息并将更新的策略信息输出到 策略接收单元(202),用于动态对应网络恐怖。
-
公开(公告)号:KR1020030051929A
公开(公告)日:2003-06-26
申请号:KR1020010081570
申请日:2001-12-20
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/20 , H04L63/1425 , H04L63/1441
Abstract: PURPOSE: A method for delivering a policy of a Ladon-SGS(Security Gateway System) and managing a database for alarms is provided to reflect countermeasures on the database for alarms according to types of generated terrors, and to update the countermeasures in a cache interworking with an analyzer of the Ladon-SGS, thereby rapidly processing a monitoring system as well as being applied to detecting or breaking polices. CONSTITUTION: A policy and system manager of an optional Ladon-SGS receives packet data from a Ladon-CPCS through a network(301), to discriminate the packet data with reference to breaking information(302). If the packet data are included in the breaking information, the policy and system manager provides the packet data to a breaker through a message queue(303), and the breaker breaks the packet data(304). If the packet data are not included in the breaking information, the policy and system manager abbreviates the packet data to an event and provides the event to an analyzer through the message queue(305). The analyzer stores the event in a cache(306), and analyzes the event by using an analysis function according to types(307). The analyzer reads a pattern class to check whether a 'start' state exists(308). If so, the analyzer inserts the pattern class in a stack class(309), and if not, the analyzer decides whether a state is a 'final' state(310). If so, the analyzer copes with an invasion according to a defined invasion pattern(311), and if not, the analyzer checks whether a certain time stamp passes(312). If so, the analyzer deletes the pattern class(313), and if not, the analyzer checks whether all patterns included in a corresponding thread are inspected(314). If so, the step 307 is returned, and if not, the step 308 is returned.
Abstract translation: 目的:提供一种用于提供Ladon-SGS(安全网关系统)策略和管理数据库以进行警报的方法,以根据产生的恐怖的类型反映数据库中的警报对策,并更新缓存交互中的对策 使用Ladon-SGS的分析仪,从而快速处理监控系统,并应用于检测或破坏政策。 规定:可选Ladon-SGS的策略和系统管理器通过网络(301)从Ladon-CPCS接收分组数据,以参考断开信息来区分分组数据(302)。 如果分组数据被包含在分组信息中,则策略和系统管理器通过消息队列(303)向分组数据提供分组数据,并且断路器破坏分组数据(304)。 如果分组数据不包括在分组信息中,则策略和系统管理器将分组数据缩写为事件,并通过消息队列(305)将事件提供给分析器。 分析仪将事件存储在高速缓存(306)中,并且通过使用根据类型(307)的分析功能来分析事件。 分析仪读取模式类以检查是否存在“开始”状态(308)。 如果是这样,分析器将模式类插入堆栈类(309),如果不是,分析器决定状态是否为“最终”状态(310)。 如果是这样,分析器根据定义的入侵模式(311)处理入侵,如果不是,分析器检查某个时间戳是否通过(312)。 如果是,则分析仪删除模式类(313),如果不是,则分析器检查包括在相应线程中的所有模式是否被检查(314)。 如果是,则返回步骤307,否则返回步骤308。
-
公开(公告)号:KR102088286B1
公开(公告)日:2020-03-12
申请号:KR1020130125692
申请日:2013-10-22
Applicant: 한국전자통신연구원
IPC: H04L12/851 , H04L12/801
-
-
-
-
-
-
-
-
-
Search Results
51
records
(took 0.025 seconds)
