    • 71. Invention publication
    • Method for virtualizing ALE services
    • KR1020120111689A
    • 2012-10-10
    • KR1020110030330
    • 2011-04-01
    • Electronics and Telecommunications Research Institute (ETRI)
    • 이호성, 오세원, 방효찬, 김선진, 황재각
    • G06F15/16
    • PURPOSE: A virtual ALE service method is provided to control an ALE service resource which is individually constructed through an integrated interface. CONSTITUTION: An ALE spec processing request is received from one or more ALE(Application Level Event) clients(301). An ALE service resource processing the received ALE spec is searched(302). An ALE spec distribution rule is setup(303). The ALE spec request is transmitted to the ALE service resource(304). An ALE report is received from each ALE service resource(305). [Reference numerals] (301) Receiving an ALE spec process request; (302) Searching for an ALE service resource; (303) Setting up an ALE spec distribution rule; (304) Distributing an ALE spec; (305) Receiving an individual ALE report; (306) Merging an individual ALE report; (307) Transmitting the merged ALE report; (AA) Start; (BB) End
    • 72. Invention grant
    • Method for providing moving trajectory patterns
    • KR100915229B1
    • 2009-09-02
    • KR1020080017468
    • 2008-02-26
    • Electronics and Telecommunications Research Institute (ETRI)
    • 이용준, 방효찬, 박종현
    • G06F19/00; G06K17/00
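    • The present invention relates to a method for providing moving trajectory patterns that mines and represents the moving trajectory patterns of objects carrying RFID (Radio Frequency Identification) tags by using an RFID data stream. The method for providing moving trajectory patterns of moving objects includes: loading data, as a continuous stream, on the paths of moving objects to which RFID tags are attached; mining frequent moving trajectory patterns in each sliding window and storing the discovered patterns in a database; and, when a user issues a query, reading and representing the moving trajectory patterns that correspond to the query. As a result, patterns can be mined in a single pass, the sequential, repetitive and periodic patterns of objects can be represented in various ways as the vertices and connecting lines of a graph, and object behavior is easier to recognize.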
    • 73. Invention grant
    • Apparatus and method for sharing intrusion incidents, and network security system including the same
    • KR100862194B1
    • 2008-10-09
    • KR1020070034102
    • 2007-04-06
    • Electronics and Telecommunications Research Institute (ETRI)
    • 김현주, 장범환, 이수형, 김건량, 방효찬, 손선경, 정치윤, 김종현, 박원주, 유종호, 나중찬, 장종수, 손승원
    • G06F11/00; G06F21/00
    • A device and a method for sharing intrusion incident information, and a network security system including the same, are provided to enable the domains included in the network security system to share information about intrusion incidents occurring in that system by using a standardized Internet format and transfer protocol. A controller(111), which comprises a reporting unit(111-1), a reporting analyzing unit(111-2), a tracking request unit(111-3) and a tracking execution unit(111-4), controls operation of a security management device by detecting an intrusion incident occurring in managed domains and generating intrusion incident information including a trust level of the managed domain, a seriousness level of the incident, and priority of management actions, or by analyzing the incident information received from external domains. A message converter(112) generates a message by encoding the intrusion incident information, and extracts the incident information by decoding the message received from the external domains, based on the IODEF(Incident Object Description Exchange Format)/RID(Real-time Inter-network Defense) data format. A message transceiver(113) exchanges messages with the external domains by using SOAP(Simple Object Access Protocol)/HTTPS(HyperText Transfer Protocol over Secure Socket Layer).
    • 74. Invention publication
    • Method and apparatus for security management in a large-scale network
    • KR1020080040921A
    • 2008-05-09
    • KR1020060108893
    • 2006-11-06
    • Electronics and Telecommunications Research Institute (ETRI)
    • 방효찬, 김동영, 나중찬, 장범환, 김건량, 손선경, 김종현, 정치윤, 유종호, 이수형, 김현주, 박원주, 장종수
    • G06F15/00; G06F17/00
    • A method and an apparatus for managing security in a large network environment are provided to detect an attack pattern of a network by classifying traffic information according to flows having the same characteristic, and to recognize the attack situation by analyzing the statistical information. The apparatus for managing security is made up of a traffic receiver(110), a traffic classifier(120), a traffic analyzer(130) and an external interface(140). The traffic receiver collects traffic information(Net flow) in real time from all routers scattered across a large network. The traffic classifier comprises a multi-hash table having a stratified structure, and stores the traffic information as traffic statistics information by classifying it into flow groups. The traffic analyzer receives the traffic statistics information, detects flows that show abnormal indications, and recognizes the attack situation. The external interface notifies the outside of the present security situation according to the notified attack situation.
    • 77. Invention publication
    • System and method for detecting and responding to harmful traffic in a network
    • KR1020040036228A
    • 2004-04-30
    • KR1020020065176
    • 2002-10-24
    • Electronics and Telecommunications Research Institute (ETRI)
    • 방효찬, 나중찬, 손승원
    • H04L12/22
    • H04L63/1416; H04L63/0236; H04L63/1458
    • PURPOSE: A system and a method for detecting and coping with harmful traffic in a network are provided to protect a system and a network resource by detecting a harmful traffic, tracing a source of the harmful traffic and cutting off the source. CONSTITUTION: A traffic monitoring unit(700) periodically monitors change of traffic flowing into active security node systems and if there is a traffic change exceeding a pre-set reference value, the traffic monitoring unit(700) transmits event information to active security management systems. A harmful traffic tracing management unit(710) determines whether to trace the harmful traffic on the basis of the event information, generates a harmful traffic tracing unit(720) and transmits it to the active security node system. A harmful traffic tracking unit(720) detects an IP address having the traffic component exceeding the reference value, analyzes traffic transmitted from a corresponding source IP address by sessions, detects and cuts off session traffic exceeding the reference value, and transfers a corresponding result to the active security management system. A harmful traffic cut-off report unit(730) informs the active security management system of the result.
    • 78. Invention publication
    • Method for representing, storing and editing network security policies
    • KR1020030062055A
    • 2003-07-23
    • KR1020020002465
    • 2002-01-16
    • Electronics and Telecommunications Research Institute (ETRI)
    • 김숙연, 김건량, 김명은, 김기영, 장종수, 손승원, 방효찬
    • H04L12/22
    • H04L63/0263; H04L63/20
    • PURPOSE: A method for expressing, storing and editing a network security policy is provided to reduce the development cost and time of a policy-based network security management system, and to allow a designer to directly design the operation structure of a network security policy management tool, the database schema and the structure of an object. CONSTITUTION: SecurityRule is a class for a rule object(200) including attributes of a rule itself. OnePacketCondition is a class for a condition object(310) indicating a condition for analyzing one packet. ConditionListType is an attribute indicating how the items for analyzing OnePacketCondition are combined. VariableValueComparisonCondition is a class for condition objects(310a,310b) indicating a condition for comparing a field of a packet header with a value. Operator is an attribute indicating the operator to be used for checking. PayloadMatchingCondition is a class for a condition object(310c) for checking which content is included in the payload of a packet. PayloadVariable is a class for a variable object(310j) indicating a payload. AggregatedAlertAction is a class for an operation object(410a) indicating an alert on the situation in which a rule was applied. AggregatedAlertAction has an AlertDescription attribute holding a description of the situation in which the rule was applied. MessageStoreAction is a class indicating an operation object(410b) that stores an alarm message. MessageShowAction is a class indicating an operation object(410c) that outputs the alarm message.
    • 79. Invention publication
    • Apparatus and method for managing blacklists in a policy-based network security control system
    • KR1020030056652A
    • 2003-07-04
    • KR1020010086926
    • 2001-12-28
    • Electronics and Telecommunications Research Institute (ETRI)
    • 방효찬, 김명은, 김기영, 김진오, 장종수, 손승원
    • H04L12/22
    • H04L63/20; H04L63/101; H04L63/1408; H04L63/1441
    • PURPOSE: A device and a method for managing blacklists in a policy-based network security control system are provided to collect and analyze various network information in real time, so as to notify an operator of user addresses and host addresses exceeding a reference value and generate a network packet cutoff policy for a corresponding IP(Internet Protocol) address. CONSTITUTION: An intrusion detection alarm receiver(301) collects network intrusion alarm data from a security gateway(103) in real time. A dangerous IP address generator(302) extracts blacklist-related information from the collected network intrusion alarm data, and records the extracted information in a potential blacklist DB(307). A blacklist analyzer(303) compares and analyzes whether a network intrusion exceeds a preset threshold from the extracted blacklist-related information. An event generator(304) generates event information to record an event log in a dangerous blacklist DB(309), if the network intrusion is decided to exceed the threshold through the blacklist analyzer(303). A blacklist event monitor(305) notifies the event information generated by the event generator(304) to a remote security manager through a network. And a blacklist cut-off policy manager(310) generates and transmits a packet cutoff policy for a specific IP address through the event information and the event log.
    • 80. Invention publication
    • Method for setting security ranks reflecting variable security conditions, and recording medium therefor
    • KR1020030052511A
    • 2003-06-27
    • KR1020010082497
    • 2001-12-21
    • Electronics and Telecommunications Research Institute (ETRI)
    • 김진오, 방효찬, 김기영, 장종수
    • H04L12/22
    • H04L63/1416; H04L63/1425; H04L63/20
    • PURPOSE: A method for setting security ranks reflecting variable security conditions and a recording medium therefor are provided to analyze and process detected invasion data and system management data, to measure the current network situation as a security rank, and then to operate a state transferring model, thereby establishing and performing strategies in consideration of flexible network situations. CONSTITUTION: If invasion or attack detection data are received through a network, an analyzer analyzes the invasion or attack risks, the importance of the attacked target, the traffic amount and traffic frequency of the invasion data, and the seriousness of the invasion data based on a preset analysis standard. The system sets security ranks from the analyzed results based on a preset security rank table. The system decides whether to maintain the set security ranks according to variable security conditions, and re-controls the security ranks.