-
公开(公告)号:KR1020110119918A
公开(公告)日:2011-11-03
申请号:KR1020100039335
申请日:2010-04-28
Applicant: 한국전자통신연구원
CPC classification number: G06F21/566
Abstract: PURPOSE: A malignant code in which is hided in a normal process detection apparatus using virtual environment, system, and method thereof are provided to effectively counteract malignant codes by detecting the changed code of the detected malignant code. CONSTITUTION: A malignant code detection module(210) distinguishes codes in which are related to thread by extracting information about the thread in which is created from a process. The malignant code detection module extracts the distinguished malignant code by distinguishing the malignant code. A malignant code termination module(220) terminates the execution of the code and determines the malignant code based on an analysis result. The analysis result is created by analyzing the extracted code in virtual environment.
Abstract translation: 目的:提供使用虚拟环境,系统及其方法的正常过程检测装置中隐藏的恶性代码,以通过检测检测到的恶性代码的改变的代码来有效地抵消恶性代码。 构成:恶性代码检测模块(210)通过提取关于从进程创建的线程的信息来区分与线程相关的代码。 恶性代码检测模块通过区分恶性代码来提取恶性代码。 恶性代码终止模块(220)终止代码的执行并基于分析结果确定恶性代码。 分析结果是通过分析虚拟环境中提取的代码来创建的。
-
公开(公告)号:KR1020090003034A
公开(公告)日:2009-01-09
申请号:KR1020070069229
申请日:2007-07-10
Applicant: 한국전자통신연구원
IPC: G06Q10/06
CPC classification number: G06Q10/063
Abstract: An information asset identifying and evaluating method is provided to suggest a quantitative evaluation standard for asset value evaluation, asset analysis and asset evaluation to provide an effective and objective asset evaluation method and establish a formula for asset value evaluation and asset analysis to secure objectivity. An information asset identifying and evaluating method includes a step(S100) of detecting constitution forms of information assets in a list, a step(S110) of calculating asset value through a quantitative evaluation standard for each information asset, and a step(S120) of determining priority of major assets through the quantitative asset evaluation result and listing the major assets.
Abstract translation: 提供信息资产识别和评估方法,提出资产评估,资产分析和资产评估的定量评价标准,提供有效客观的资产评估方法,建立资产评估和资产分析方案,确保客观性。 信息资产识别和评估方法包括:检测列表中的信息资产的构成形式的步骤(S100);通过每个信息资产的定量评估标准计算资产值的步骤(S110);以及步骤(S120) 通过量化资产评估结果确定重大资产重点,列出重大资产。
-
公开(公告)号:KR1020030088300A
公开(公告)日:2003-11-19
申请号:KR1020020026405
申请日:2002-05-14
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/1433 , H04L63/1441
Abstract: PURPOSE: A system for analyzing vulnerability of a network is provided to consist of vulnerability analysis agents and a vulnerability analysis manager, and to analyze vulnerability detection results under network environment, then to manage a vulnerability detection code, thereby efficiently analyzing the detection results. CONSTITUTION: Vulnerability analysis agents(11) check an internal network of a vulnerability analysis-targeted network(100). A firewall unit(12) receives results from each agent(11), and analyzes the received results. A vulnerability analysis manager(200) detects vulnerability on DMZ(De-Militarized Zones)(13). A security protocol(300) is used for communication between the agents(11) and the manager(200). The vulnerability analysis agents(11) bring out recent vulnerability lists from the manager(200), and check vulnerability based on the network for a host designated by a private network(14). The manager(200) receives checked results through the network from the agents(11), and analyzes the results to report the results.
Abstract translation: 目的:提供一种分析网络漏洞的系统,由漏洞分析代理和漏洞分析管理器组成,分析网络环境下的漏洞检测结果,管理漏洞检测码,从而有效分析检测结果。 构成:脆弱性分析代理(11)检查一个内部网络的漏洞分析目标网络(100)。 防火墙单元(12)从每个代理(11)接收结果,并分析接收到的结果。 漏洞分析经理(200)检测DMZ(非军事区)的脆弱性(13)。 安全协议(300)用于代理(11)和管理器(200)之间的通信。 漏洞分析代理(11)从管理器(200)中输出最近的漏洞列表,并根据专用网络指定的主机(14)检查基于网络的漏洞。 管理者(200)通过网络从代理(11)接收检查结果,并分析结果以报告结果。
-
公开(公告)号:KR100902116B1
公开(公告)日:2009-06-09
申请号:KR1020070069229
申请日:2007-07-10
Applicant: 한국전자통신연구원
IPC: G06Q10/06
Abstract: 본 발명은 자산 가치 평가, 자산분석, 자산 평가에 대한 정량적인 평가기준을 제시하여 객관적인 자산 평가가 가능하도록 하는 정보 자산 식별 및 평가 방법에 관한 것으로, 본 발명의 정보 자산 평가 식별 및 평가 방법은, 조직의 핵심업무 지원을 위한 목록화된 정보 자산의 구성형태를 파악하는 자산 식별 단계와; 상기 정보 자산별 정량적인 평가기준을 통한 자산가치 산정을 수행하는 자산 가치 산정 단계와; 상기 자산 가치 산정 단계에서의 자산가치 산정 후, 정량화된 자산 평가결과를 통하여 주요자산의 우선 순위를 결정하고 목록화하는 자산 평가 수행 단계를 포함하여 구성되며, 실제 위험분석에 적용가능하다.
정보보호, 자산가치 산정, 자산식별, 자산분석, 위험분석
-
-
-
Search Results
14
records
(took 0.02 seconds)
