-
公开(公告)号:KR101587161B1
公开(公告)日:2016-01-20
申请号:KR1020140116875
申请日:2014-09-03
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1416 , H04L29/06877 , H04L29/06884 , H04L63/101 , H04L12/22
Abstract: 보호대상네트워크에서전송파일에대한실시간안티바이러스검사및 악성파일전송트래픽차단을네트워크상에서고속으로수행하는실시간네트워크안티바이러스수행장치및 방법을제시한다. 제시된장치는입력된패킷을파싱하여전송데이터스트림을출력하는패킷처리부, 전송데이터스트림의체크섬을매 패킷마다계산하되전송데이터스트림의마지막패킷이입력되면전송데이터스트림이포함하는시그니처를출력하는패킷별체크섬계산부, 시그니처를기반으로바이러스스캐닝을수행하는고속바이러스스캐닝부, 고속바이러스스캐닝부의결과를근거로입력된패킷을차단하거나목적지로전송하는탐지및 차단부, 및탐지및 차단부의결과를근거로차단리스트를업데이트하는캐싱부를포함한다.
Abstract translation: 公开了一种实时网络防病毒操作执行装置,其对保护目标网络中的发送文件执行实时防病毒测试,并以高速阻止网络上的恶意文件流量及其方法。 实时网络防病毒操作执行装置包括:分组处理单元,用于解析输入分组以输出传输数据流; 分组校验和计算单元,用于计算每个分组的传输数据流的校验和,并且如果输入了传输数据流的最后一个分组,则输出包括在传输数据流中的签名; 用于基于签名扫描病毒的高速病毒扫描单元; 检测和阻断单元,用于基于所述高速病毒扫描单元的结果阻止所述输入分组或将所述输入分组发送到目的地; 以及缓存单元,用于基于检测和阻止单元的结果来更新阻止列表。
-
公开(公告)号:KR101521808B1
公开(公告)日:2015-05-20
申请号:KR1020140019822
申请日:2014-02-20
Applicant: 한국전자통신연구원
CPC classification number: H04L63/08 , H04L63/205 , H04L9/00 , H04L9/088
Abstract: 사용자가클라우드서비스내부와외부간에전송하는데이터에대해서사용자위치, 사용자단말, 시간등의다양한상황정보에따라원격사용자단말과클라우드서비스간의데이터전송을통제할수 있도록하는클라우드환경에서의상황인지형보안통제장치, 방법, 및시스템을제시한다. 제시된장치는입력받은사용자의상황정보와키를근거로인증헤더를생성하고생성된인증헤더를원격사용자단말기로부터의패킷데이터의인증헤더와비교하여결과를출력하는인증헤더검사부, 및인증헤더검사부의결과에따라클라우드서비스네트워크의클라우드서버로부터의패킷데이터에대한전송, 변조, 폐기중에서하나를수행하는패킷데이터처리부를포함한다.
Abstract translation: 云环境中的上下文感知安全控制装置,方法和系统,其中,关于在云服务的内部和外部之间传输的数据,用户根据各种环境信息控制远程用户终端和云服务之间的数据传输, 作为用户位置,公开了用户终端,时间等。 该装置包括:认证报头检查单元,用于基于接收的用户环境信息和密钥生成认证报头,将生成的认证报头与来自远程用户终端的分组数据的认证报头进行比较,并输出比较结果; 以及分组数据处理单元,用于根据来自认证报头检查单元的比较结果,执行从云服务网络中的云服务器发送,调制和丢弃分组数据之一。
-
Patent Agency Ranking
公开(公告)号:KR1020120116730A
公开(公告)日:2012-10-23
申请号:KR1020110034360
申请日:2011-04-13
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1458 , H04L63/1425
Abstract: PURPOSE: An apparatus and method for defending a distribution service attack in a mobile terminal are provided to defend a distribution service attack by monitoring network data transmitted from the outside to a mobile terminal. CONSTITUTION: A monitoring unit(130) monitors all network data transmitted from the outside to a mobile terminal according to the current mode of the mobile terminal. A transmission state query unit(140) queries whether network data is transmitted to the outside according to a monitoring result to a user. The monitoring unit selects a first monitoring mode or a second monitoring mode. The monitoring unit monitors the network data. [Reference numerals] (110) Mode sensing unit; (120) Critical file management unit; (130) Monitoring unit; (140) Transmission state query unit
Abstract translation: 目的:提供一种用于保护移动终端中的分发服务攻击的装置和方法,用于通过监视从外部向移动终端发送的网络数据来保护分发服务攻击。 构成:根据移动终端的当前模式,监视单元(130)监视从外部向移动终端发送的所有网络数据。 传输状态查询单元(140)根据对用户的监视结果来查询网络数据是否被发送到外部。 监视单元选择第一监视模式或第二监视模式。 监控单元监控网络数据。 (附图标记)(110)模式感测单元; (120)关键文件管理单元; (130)监控单元; (140)传输状态查询单元
-
公开(公告)号:KR101086451B1
公开(公告)日:2011-11-25
申请号:KR1020110087435
申请日:2011-08-30
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1483 , G06F21/645 , G06F2221/2119
Abstract: PURPOSE: An apparatus and method for defending a modulation of a client screen is provided to prevent the transformation of a client screen due to a web injection attack and a memory hacking attack by offering a dynamically created random web to the client. CONSTITUTION: A random web generator(230) changes the same web page into a random URI(Uniform Resource Identifier) by the requests of clients, creates different random web sources, and supplies the random web sources to the clients. A web modification determiner(250) determines the screen modification of the random web sources by comparing the generated web source ID value about the random web source and the generated web source ID value.
Abstract translation: 目的:提供一种用于保护客户端屏幕的调制的装置和方法,以通过向客户端提供动态创建的随机web来防止由于web注入攻击和存储器黑客攻击而导致的客户端屏幕的转换。 构成:随机网页生成器(230)通过客户端的请求将同一网页更改为随机URI(统一资源标识符),创建不同的随机Web源,并将随机Web源提供给客户端。 web修改确定器(250)通过比较生成的关于随机web源的Web源ID值和生成的web源ID值来确定随机Web源的屏幕修改。
-
公开(公告)号:KR1020080047248A
公开(公告)日:2008-05-28
申请号:KR1020070066157
申请日:2007-07-02
Applicant: 한국전자통신연구원
Abstract: A device and a method for testing security of RPC(Remote Procedure Call)-based software in a remote place are provided to perform a remote security test for the RPC-based software efficiently, and standardize and automatically process a series of procedures causing exceptional errors in target software. A testing target selecting module(110) determines a target service/function. An RPC interface module(120) interfaces communication with the selected service/function. A function calling/analyzing module(130) subdivides entire packet by filtering/dividing the received service/function into a part calling a service function and a network communication part setting connection needed for calling the function, and analyzing procedure/setting of a protocol set and individual protocols needed for setting the connection with a server. A communication protocol implementing module(140) modularizes and implements a network communication protocol part for transferring an RPC function call. A security testing module(150) tests security of parameter transferred when the function is called. A result analyzing module(160) analyzes a security test result by testing the security of the RPC-based software of a remote computer and collecting the packets. A testing module(170) transfers massages to a service providing function as many as possible to check over whether a service for specific input is stably operated.
Abstract translation: 提供了一种用于测试远程RPC(远程过程调用)软件的安全性的设备和方法,用于对基于RPC的软件进行有效的远程安全测试,并标准化并自动处理一系列导致异常错误的过程 在目标软件中。 测试目标选择模块(110)确定目标服务/功能。 RPC接口模块(120)与所选择的服务/功能接口通信。 功能调用/分析模块(130)通过将接收到的服务/功能过滤/分割成调用服务功能的部分和调用功能所需的网络通信部分设置连接来分解整个分组,并且分析协议集的过程/设置 以及设置与服务器的连接所需的各种协议。 通信协议实现模块(140)模块化并实现用于传送RPC功能调用的网络通信协议部分。 当调用函数时,安全测试模块(150)测试传输的参数的安全性。 结果分析模块(160)通过测试远程计算机的基于RPC的软件的安全性并收集数据包来分析安全测试结果。 测试模块(170)将按摩量尽可能多地传送到服务提供功能,以检查特定输入的服务是否稳定地运行。
-
公开(公告)号:KR1020080042659A
公开(公告)日:2008-05-15
申请号:KR1020070058329
申请日:2007-06-14
Applicant: 한국전자통신연구원
Abstract: An automatic system for detecting fault from software by using a file including software fault generation data and a method thereof are provided to detect the fault from the software by using the file including the software fault generation data, which is formed to reduce fault processed by a system fault mechanism by considering a format of a target file. A normal file generating module(300) automatically generates a normal file(305-2), which is received as input by target software, by using a testing option(301). A fault file generating module(400) automatically generates a fault generation file(501) by inserting fault data generating software fault for the normal file into the normal file. A result analyzing module(600) monitors abnormality when the file is executed by a fault file executing module(500), and analyzes causes of the abnormality and outputs an analysis result when the abnormality occurs. The normal file generating module includes an automatic file generator automatically generating the normal file by calling a function for processing a target file format through an API(Application Program Interface)(303) or a COM(Common Object Module)(304) based on the testing option.
Abstract translation: 提供一种用于通过使用包括软件故障产生数据的文件及其方法的软件来检测软件故障的自动系统,以通过使用包括软件故障生成数据的文件来检测来自软件的故障,该文件被形成为减少由 考虑目标文件格式的系统故障机制。 正常文件生成模块(300)通过使用测试选项(301)自动生成作为目标软件的输入接收的正常文件(305-2)。 故障文件生成模块(400)通过将正常文件的故障数据生成软件故障插入正常文件来自动生成故障生成文件(501)。 结果分析模块(600)通过故障文件执行模块(500)执行文件时监视异常,分析异常的原因,并在发生异常时输出分析结果。 正常文件生成模块包括自动文件生成器,通过API(应用程序接口)(303)或COM(公共对象模块)(304),通过调用用于处理目标文件格式的功能来自动生成正常文件 测试选项。
-
公开(公告)号:KR1020030088300A
公开(公告)日:2003-11-19
申请号:KR1020020026405
申请日:2002-05-14
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/1433 , H04L63/1441
Abstract: PURPOSE: A system for analyzing vulnerability of a network is provided to consist of vulnerability analysis agents and a vulnerability analysis manager, and to analyze vulnerability detection results under network environment, then to manage a vulnerability detection code, thereby efficiently analyzing the detection results. CONSTITUTION: Vulnerability analysis agents(11) check an internal network of a vulnerability analysis-targeted network(100). A firewall unit(12) receives results from each agent(11), and analyzes the received results. A vulnerability analysis manager(200) detects vulnerability on DMZ(De-Militarized Zones)(13). A security protocol(300) is used for communication between the agents(11) and the manager(200). The vulnerability analysis agents(11) bring out recent vulnerability lists from the manager(200), and check vulnerability based on the network for a host designated by a private network(14). The manager(200) receives checked results through the network from the agents(11), and analyzes the results to report the results.
Abstract translation: 目的:提供一种分析网络漏洞的系统,由漏洞分析代理和漏洞分析管理器组成,分析网络环境下的漏洞检测结果,管理漏洞检测码,从而有效分析检测结果。 构成:脆弱性分析代理(11)检查一个内部网络的漏洞分析目标网络(100)。 防火墙单元(12)从每个代理(11)接收结果,并分析接收到的结果。 漏洞分析经理(200)检测DMZ(非军事区)的脆弱性(13)。 安全协议(300)用于代理(11)和管理器(200)之间的通信。 漏洞分析代理(11)从管理器(200)中输出最近的漏洞列表,并根据专用网络指定的主机(14)检查基于网络的漏洞。 管理者(200)通过网络从代理(11)接收检查结果,并分析结果以报告结果。
-
-
-
-
-
-
Search Results
37
records
(took 0.028 seconds)
