公开(公告)号：KR101538374B1

公开(公告)日：2015-07-22

申请号：KR1020110103255

申请日：2011-10-10

Applicant: 한국전자통신연구원

Inventor： 임선희

IPC: G06F21/30 ,  H04L12/22 ,  H04L12/26

Abstract: 본발명에따른사이버위협사전예측장치는, DNS 트래픽을분석하여 C&C 서버로의심되는도메인주소를추출하는 DNS 기반 C&C 서버탐지부; 네트워크트래픽을분석하여상기 C&C 서버에접속하는좀비 PC들의 IP 주소를검출하고좀비 PC들의정보를탐지하는네트워크기반비정상탐지부; 및상기좀비 PC들의정보를기반으로사이버위협상황을예측하는사이버위협예측부를포함하는것을특징으로한다.

公开(公告)号：KR1020140035655A

公开(公告)日：2014-03-24

申请号：KR1020120102177

申请日：2012-09-14

Applicant: 한국전자통신연구원

Inventor： 서대희 ,  이성원 ,  임선희 ,  김기영 ,  김종현 ,  이병길

IPC: G06F21/00

Abstract: The present invention relates to an apparatus and method for the multi-analysis of a file for tracking an attack source and a spread site in real time. The present invention is technology to analyze a corresponding file by selectively applying a real-time analysis method or a cooperation analysis method for tracking the attack source and the spread site with regard to a harmful file among files loaded on a file sharing site. [Reference numerals] (100) File uploader; (200) File sharing server; (300) Attack tracking unit; (400) File posting unit; (500) Reputation analysis unit

Abstract translation: 本发明涉及用于实时跟踪攻击源和扩散站点的文件的多重分析的装置和方法。 本发明是通过选择性地应用用于跟踪文件共享站点上的文件中的有害文件的跟踪攻击源和扩散站点的实时分析方法或协作分析方法来分析对应文件的技术。 （附图标记）（100）文件上传器; （200）文件共享服务器; （300）攻击跟踪单位; （400）文件发布单元; （500）声望分析单位

公开(公告)号：KR1020130058813A

公开(公告)日：2013-06-05

申请号：KR1020110124760

申请日：2011-11-28

Applicant: 한국전자통신연구원

Inventor： 안개일 ,  서대희 ,  김종현 ,  임선희 ,  이성원 ,  김기영 ,  서동일

IPC: G06F21/00

CPC classification number: H04L63/0407 ,  G06F21/6245 ,  G06F21/6254 ,  G06F21/6263 ,  H04L63/1441 ,  G06F21/00

Abstract: PURPOSE: An agent device for sharing security information based an anonymous identifier among security management domains and a method thereof are provided to share security information based on an identifier based on hash, thereby preventing leakage of personal information included in the security information. CONSTITUTION: An identifier conversion unit(220) converts a real name identifier included in security information into an anonymous identifier and converts security information based on the real name identifier into security information based on the anonymous identifier. A security information communication unit(240) transmits the security information based on the anonymous identifier to the outside of a security management domain in order that security management domains share the security information. The identifier conversion unit converts the real name identifier included in the security information into a hash identifier which is the anonymous identifier by using a one-way hash function. [Reference numerals] (210) Security information providing unit; (220) Identifier conversion unit; (230) Identifier mapping information storage unit; (242) Security information transmitting unit; (244) Security analyzing information receiving unit; (250) Security analyzing information processing unit; (312) Security information receiving unit; (314) Security analyzing information transmitting unit; (320) Identifier reference storage unit; (330) Security information analyzing unit; (340) Reception agent device determination unit; (AA) Anonymous based security information; (BB) Anonymous based security information analyzing result

Abstract translation: 目的：提供一种用于在安全管理域之间基于匿名标识符共享安全信息的代理装置及其方法，用于基于散列来分配基于标识符的安全信息，从而防止安全信息中包含的个人信息的泄漏。 构成：标识符转换单元（220）将安全信息中包含的真实姓名标识符转换为匿名标识符，并且基于匿名标识符将基于真实姓名标识符的安全信息转换成安全信息。 安全信息通信单元（240）将安全信息基于匿名标识符发送到安全管理域的外部，以便安全管理域共享安全信息。 标识符转换单元通过使用单向散列函数将包括在安全信息中的实名标识符转换为匿名标识符的散列标识符。 （附图标记）（210）安全信息提供单元; （220）标识符转换单元; （230）标识符映射信息存储单元; （242）安全信息发送单元; （244）安全分析信息接收单元; （250）安全分析信息处理单元; （312）安全信息接收单元; （314）安全分析信息发送单元; （320）标识符参考存储单元; （330）安全信息分析单元; （340）接收代理设备确定单元; （AA）基于匿名的安全信息; （BB）基于匿名的安全信息分析结果

公开(公告)号：KR1020120070771A

公开(公告)日：2012-07-02

申请号：KR1020100132217

申请日：2010-12-22

Applicant: 한국전자통신연구원

Inventor： 임선희 ,  안개일 ,  이성원 ,  김기영 ,  김종현 ,  서동일

IPC: H04L12/22 ,  G06F21/57

CPC classification number: G06F21/577

Abstract: PURPOSE: An apparatus and a method for quantitative security policy evaluation are provided to quantitatively evaluate a security polity on a heterogeneous network through a quantitative evaluation model. CONSTITUTION: A security policy analyzing unit(102) analyzes a security policy of a network. An estimation reference defining unit(104) defines an evaluation standard. An estimation result calculating unit(106) calculates an evaluation result of each security component. A weight calculating unit(108) groups the security components according to a security function. A quantitative estimating unit(110) estimates a security polity of each group.

Abstract translation: 目的：提供定量安全策略评估的设备和方法，通过定量评估模型定量评估异构网络上的安全策略。 构成：安全策略分析单元（102）分析网络的安全策略。 估计参考定义单元（104）定义评估标准。 估计结果计算单元（106）计算每个安全组件的评估结果。 权重计算单元（108）根据安全功能对安全组件进行分组。 定量估计单元（110）估计每个组的安全性。

公开(公告)号：KR1020070061311A

公开(公告)日：2007-06-13

申请号：KR1020060092051

申请日：2006-09-22

Applicant: 한국전자통신연구원

Inventor： 김기홍 ,  김홍기 ,  임선희 ,  김종성 ,  손욱호

IPC: A61B5/0484

Abstract: A system and a method for recognizing stress through analysis of a brain wave and relaxing the stress using music is provided to reliably seize a state or level of the stress using feature information obtained from the brain wave. A brain wave detecting unit(100) detects a brain wave using plural sensors, and transmits the detected brain wave. A stress recognizing unit(200) analyzers brain wave data transmitted from the brain wave detecting unit to extract feature information, and analyzes the extracted feature information to measure intensity of stress. An output unit(300) outputs music if the stress measured by the stress recognizing unit exceeds a predetermined intensity.

Abstract translation: 提供了通过分析脑波并通过音乐来缓解压力来识别压力的系统和方法，以使用从脑电波获得的特征信息可靠地抓住状态或应力水平。 脑波检测单元（100）使用多个传感器检测脑波，并发送检测到的脑波。 应力识别单元（200）分析从脑电波检测单元发送的脑波数据，提取特征信息，分析提取出的特征信息来测量应力强度。 如果由应力识别单元测量的应力超过预定强度，则输出单元（300）输出音乐。

公开(公告)号：KR1020060040001A

公开(公告)日：2006-05-10

申请号：KR1020040089167

申请日：2004-11-04

Applicant: 한국전자통신연구원

Inventor： 김건우 ,  임선희 ,  이상수 ,  김기현 ,  김정녀 ,  장종수

IPC: H04L9/32 ,  H04L9/08 ,  H04L9/28 ,  H04L29/06

CPC classification number: H04L63/04 ,  H04L63/061

Abstract: 본 발명에 의한 투명성을 보장하는 전송 계층에서의 보안 제공 방법 및 그 장치는, 어플리케이션 프로그램으로부터 데이터 패킷을 수신한 후 상기 데이터 패킷에 해당하는 키 정보를 검색하는 단계; 상기 검색이 실패하면, 어플리케이션 계층에 상주하는 키 교환 모듈에 새로운 키를 협상할 것을 요청하고 대기하는 단계; 및 상기 키 교환 모듈이 새롭게 협상된 키 정보를 커널에 저장하면, 이를 기반으로 암호 및 복호를 수행하는 단계;를 포함하는 것을 특징으로 하며 커널 내의 전송 계층에서 데이터 패킷에 대한 암호/복호를 수행함으로써 어플리케이션 프로그램에 보안 투명성을 제공하고, 용이한 확장성과 효율적으로 제어할 수 있는 구조를 제공한다.
전송 계층 보안, 전송계층보안(Transport Layer Security), 커널(kernel), Secure Socket Layer(SSL), 투명성(Transparency)