-
公开(公告)号:KR101480905B1
公开(公告)日:2015-01-13
申请号:KR1020130113929
申请日:2013-09-25
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1491 , H04L63/1475
Abstract: 인위적인 통신을 이용하여 제어 시스템의 네트워크에서 트래픽 추이 및 통신 패턴을 보호하는 장치에 관한 것이다. 일 실시예에 따르면, 그 장치는 네트워크에 설치되어 인위적인 통신을 생성하고 필터링하는 통신 단말 장치와, 그 통신 단말 장치에 현재시간에 인위적인 통신을 생성할지 여부를 결정하여 송신측 통신 단말 장치에 인위적인 통신 생성을 요청하고, 수신측 통신 단말 장치에 그 인위적인 통신을 필터링하도록 요청하는 통신 서버 장치를 포함할 수 있다.
Abstract translation: 本发明涉及一种用于保护交通趋势的装置和使用任意通信的控制系统的网络中的通信模式。 根据一个实施例,该装置包括安装在网络中以进行任意通信并进行过滤的通信终端装置; 以及通信服务器装置,通过确定当前在通信终端装置中是否生成任意通信,请求发送通信终端装置进行任意通信,并请求接收通信终端装置对任意通信进行过滤。
-
公开(公告)号:KR101446474B1
公开(公告)日:2014-10-02
申请号:KR1020130053675
申请日:2013-05-13
Applicant: 한국전자통신연구원
IPC: H04L29/08
CPC classification number: H04L61/2007 , H04L45/72 , H04L61/6022 , H04L63/0236
Abstract: The present invention relates to a communications control method using a MAC address in a smart grid environment and an apparatus thereof. The communications control method comprises the steps of: detecting the connection of a terminal by a communications control device; determining whether the terminal corresponds to a product of an authorized company based on a manufacturing company of the detected terminal; using the MAC address corresponding to the terminal to distinguish a path, if the terminal is to be applicable to the product of the authorized company; requesting a smart grid network IP address or a general net IP address according to the distinguished path to an address providing server; and controlling the communications with a network gateway according to the IP address received from the address providing server.
Abstract translation: 本发明涉及在智能电网环境中使用MAC地址的通信控制方法及其装置。 通信控制方法包括以下步骤:通过通信控制装置检测终端的连接; 确定终端是否对应于基于所检测终端的制造公司的授权公司的产品; 使用终端对应的MAC地址来区分路径,如果终端适用于授权公司的产品; 根据到地址提供服务器的识别路径请求智能网格网络IP地址或通用网络IP地址; 以及根据从地址提供服务器接收到的IP地址来控制与网络网关的通信。
-
公开(公告)号:KR101383069B1
公开(公告)日:2014-04-08
申请号:KR1020130059834
申请日:2013-05-27
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1408 , H04L43/045
Abstract: The present invention relates to a device and a method for detecting network abnormality using cluster information and visually showing the detected result. For this purpose, the device for detecting network abnormality of the present invention includes: a packet collection unit for collecting packets transmitted and received in a network; a packet analysis unit for extracting predetermined attribute values of the packets, and generating attribute value vectors by vectorizing the attribute values; a grouping unit for generating a plurality of groups by grouping the attribute value vectors with predetermined size and interval; a clustering unit for generating clusters by clustering the groups; a cluster analysis unit for concluding analysis data by analyzing the clusters; and a determination unit for determining a state of the network based on the analysis data. [Reference numerals] (110) Packet collection unit; (120) Packet analysis unit; (130) Grouping unit; (140) Clustering unit; (150) Visualization unit; (160) Cluster analysis unit; (170) Determination unit
Abstract translation: 本发明涉及一种使用群集信息检测网络异常并在视觉上显示检测结果的装置和方法。 为此,本发明的网络异常检测装置包括:收集在网络中发送和接收的分组的分组收集单元; 分组分析单元,用于提取分组的预定属性值,并通过对属性值进行向量化来生成属性值向量; 分组单元,用于通过以预定大小和间隔对所述属性值向量进行分组来生成多个组; 用于通过聚类所述组来生成聚类的聚类单元; 聚类分析单元,用于通过分析聚类结束分析数据; 以及确定单元,用于基于分析数据确定网络的状态。 (附图标记)(110)分组收集单元; (120)分组分析单元; (130)分组单位; (140)聚类单元; (150)可视化单元; (160)聚类分析单元; (170)确定单位
-
公开(公告)号:KR101366771B1
公开(公告)日:2014-02-27
申请号:KR1020130055549
申请日:2013-05-16
Applicant: 한국전자통신연구원
CPC classification number: H04L63/20 , H04L63/1408
Abstract: The present invention relates to a network security apparatus and a method thereof. The network security method comprises steps of: the network security apparatus receiving network security apparatus setup information, a security policy and a log generation policy from an external device; checking whether the security policy is corresponding to a setup type; in the case that the security policy is corresponding to the setup type, monitoring whether a communication node to which the network security is applied performs a communication according to the security policy; generating a monitoring log based on the log generation policy, and checking whether the monitoring log is corresponding to a log setup type; and in the case that the log generation policy is corresponding to the log setup type, transmitting a security log generated based on the log generation policy to the external device and performing network security. [Reference numerals] (110) Management part; (115) Security policy storage part; (120) Security policy monitoring part; (130) Security detection part; (135) Monitored log storage part; (140) Log safety detection part; (150) Log transmission part; (AA) S port; (BB) A port; (CC) B port
Abstract translation: 网络安全装置及其方法技术领域本发明涉及网络安全装置及其方法。 网络安全方法包括以下步骤:网络安全设备从外部设备接收网络安全设备设置信息,安全策略和日志生成策略; 检查安全策略是否对应于安装类型; 在安全策略对应于安装类型的情况下,监视应用了网络安全的通信节点是否根据安全策略进行通信; 根据日志生成策略生成监控日志,并检查监控日志是否对应于日志设置类型; 并且在日志生成策略对应于日志设置类型的情况下,将基于日志生成策略生成的安全日志发送到外部设备并执行网络安全。 (附图标记)(110)管理部; (115)安全政策储存部分; (120)安全政策监督部分; (130)安全检测部分; (135)监测日志存储部分; (140)日志安全检测部分; (150)对数传输部分; (AA)S端口; (BB)港口; (CC)B端口
-
公开(公告)号:KR101823421B1
公开(公告)日:2018-01-31
申请号:KR1020160044163
申请日:2016-04-11
Applicant: 한국전자통신연구원
Abstract: 화이트리스트기반의네트워크보안장치및 방법이개시된다. 본발명에따른네트워크보안장치는네트워크스위치를기반으로네트워크상에서발생하는복수개의트래픽들에상응하는네트워크현황정보를수집하는네트워크수집부; 상기네트워크현황정보를기반으로네트워크관리자에의해사용이허가된자원을이용한화이트리스트를생성하는화이트리스트생성부; 상기화이트리스트에위배되는트래픽이발생한경우에상기네트워크관리자에게알람을발생하는알람발생부; 및상기네트워크관리자로부터상기트래픽에대한차단요청이수신된경우에상기네트워크스위치를통해상기트래픽의접근을차단하는네트워크보안부를포함한다.
-
Patent Agency Ranking
公开(公告)号:KR1020170041614A
公开(公告)日:2017-04-17
申请号:KR1020160044163
申请日:2016-04-11
Applicant: 한국전자통신연구원
CPC classification number: H04L63/14 , H04L41/0695 , H04L41/28 , H04L43/062 , H04L63/1416 , H04L63/1466 , H04L63/20
Abstract: 화이트리스트기반의네트워크보안장치및 방법이개시된다. 본발명에따른네트워크보안장치는네트워크스위치를기반으로네트워크상에서발생하는복수개의트래픽들에상응하는네트워크현황정보를수집하는네트워크수집부; 상기네트워크현황정보를기반으로네트워크관리자에의해사용이허가된자원을이용한화이트리스트를생성하는화이트리스트생성부; 상기화이트리스트에위배되는트래픽이발생한경우에상기네트워크관리자에게알람을발생하는알람발생부; 및상기네트워크관리자로부터상기트래픽에대한차단요청이수신된경우에상기네트워크스위치를통해상기트래픽의접근을차단하는네트워크보안부를포함한다.
Abstract translation: 公开了一种基于白名单的网络安全设备和方法。 根据本发明的网络安全设备包括网络收集器,用于基于网络交换机收集与在网络上发生的多个业务相对应的网络状态信息; 白名单生成单元,用于基于网络状态信息基于由网络管理员授权的资源生成白名单; 警报生成单元,用于当发生违反白名单的流量时向网络管理器发出警报; 以及网络安全单元,用于当从网络管理器接收到对流量的阻塞请求时阻止通过网络交换机的流量的访问。
-
公开(公告)号:KR101593171B1
公开(公告)日:2016-02-15
申请号:KR1020140065716
申请日:2014-05-30
Applicant: 한국전자통신연구원
CPC classification number: B60R16/023 , B60R25/00 , B60R25/30 , H04L9/3228 , H04L12/6418 , H04L63/04 , H04L63/067 , H04L63/0838 , H04L63/1475 , H04L63/1491 , H04L67/12 , H04L2012/40215 , H04L2012/40273 , H04L2209/84 , H04W4/046 , H04W4/48 , H04W12/02 , H04W12/12
Abstract: 본발명은차량네트워크의차량트래픽에인위적인통신데이터를삽입하여정상적인통신환경에서차량정보유출을방지하는장치및 그방법에관한것이다. 차량정보유출방지방법은차량내 모듈과다른모듈과의차량통신프로토콜을분석하는단계, 차량통신프로토콜을분석한결과를토대로차량통신프로토콜에암호화가적용되어있는지여부를판단하는단계, 차량통신프로토콜에암호화가적용되어있는지여부에따라인위적인통신데이터를생성하는방법을선택하는단계및 선택한방법에따라인위적인통신데이터를생성하고, 생성한인위적인통신데이터를다른모듈에연결되어있는차량정보유출방지장치로전달하는단계를포함한다.
-
公开(公告)号:KR101564644B1
公开(公告)日:2015-10-30
申请号:KR1020140082905
申请日:2014-07-03
Applicant: 한국전자통신연구원
CPC classification number: H04L63/101 , H04L61/6022 , H04L63/0236 , H04L63/162
Abstract: 일정기간동안의패킷들에대해 TCP 플래그(flag) 정보없이소정형식의접근제어리스트를추출하는방법및 시스템을제시한다. 제시된방법은네트워크패킷및 네트워크트래픽로그를수집하는단계, 네트워크패킷에대해맥(MAC), 아이피(IP), 및포트(Port)의정보를포함하는네트워크트래픽로그를추출하는단계, 및네트워크트래픽로그를근거로접근제어리스트를생성하는단계를포함한다.
Abstract translation: 本发明提供了一种用于提取具有预定格式的访问控制列表的方法和系统,在特定时间段内没有关于分组的TCP标志信息。 所提出的方法包括以下步骤:收集网络分组和网络流量日志; 提取包含MAC,IP和端口信息的网络日志; 以及基于所述网络流量日志生成访问控制列表。
-
公开(公告)号:KR101445765B1
公开(公告)日:2014-10-06
申请号:KR1020130077952
申请日:2013-07-03
Applicant: 한국전자통신연구원
CPC classification number: H04L63/20 , H04L43/04 , H04L63/1408
Abstract: The present invention relates to a network management apparatus and a method thereof. A network management apparatus includes a traffic control part which collects a network traffic and controls the network traffic according to a control request message corresponding to the collected network traffic, a monitoring part which monitors the network traffic according to the set first security policy and transmits the control request message to the traffic control part according to the monitoring result, and multiple security and surveillance parts which perform a security and surveillance process according to a second security policy corresponding to the network traffic.
Abstract translation: 网络管理装置及其方法技术领域本发明涉及网络管理装置及其方法。 网络管理装置包括:流量控制部,其收集网络流量,并根据与所收集的网络流量对应的控制请求消息来控制网络流量;监视部,其根据所设定的第一安全策略监视网络流量, 根据监控结果向流量控制部分提供控制请求消息,以及根据对应于网络流量的第二安全策略执行安全和监视过程的多个安全和监视部分。
-
-
-
-
-
-
-
-
-
Search Results
24
records
(took 0.022 seconds)
