专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20090293100A1 APPARATUS AND METHOD FOR CHECKING PC SECURITY 有权
标题翻译：检查PC安全的装置和方法
公开(公告)号：US20090293100A1
公开(公告)日：2009-11-26
申请号：US12203974
申请日：2008-09-04
申请人： Jung Min KANG , Kang San KIM , Do Hoon LEE
发明人： Jung Min KANG , Kang San KIM , Do Hoon LEE
IPC分类号： G06F17/10
CPC分类号： G06F21/57
摘要： Provided are an apparatus and method for checking Personal Computer (PC) security. The apparatus includes a check module for checking a security configuration of a PC on the basis of a check policy received from a security check server and outputting check results, and a control module for changing the security configuration of the PC on the basis of a control policy received from the security check server and the check results received from the check module. According to the apparatus, a security check agent installed in each PC performs security check and changes a security configuration according to a control policy, such that the security configurations of PCs in a network can be managed collectively.
摘要翻译：提供了一种用于检查个人计算机（PC）安全性的装置和方法。该装置包括：检查模块，用于基于从安全检查服务器接收的检查策略和输出检查结果来检查PC的安全配置，以及控制模块，用于基于控制来改变PC的安全配置从安全检查服务器收到的策略和从检查模块接收到的检查结果。根据该装置，安装在每个PC中的安全检查代理进行安全检查，并根据控制策略改变安全配置，使得可以集中管理网络中的PC的安全配置。

2. 发明申请

US20100024033A1 APPARATUS AND METHOD FOR DETECTING OBFUSCATED MALICIOUS WEB PAGE 有权
标题翻译：检测障碍性恶性网页的装置和方法
公开(公告)号：US20100024033A1
公开(公告)日：2010-01-28
申请号：US12410636
申请日：2009-03-25
申请人： Jung Min KANG , Young Han CHOI , Do Hoon LEE , Eung Ki PARK
发明人： Jung Min KANG , Young Han CHOI , Do Hoon LEE , Eung Ki PARK
IPC分类号： G06F11/00
CPC分类号： G06F21/53 , G06F21/563 , H04L63/1466
摘要： An apparatus and method for detecting an obfuscated malicious web page are provided to find a malicious web page by deobfuscating an obfuscated malicious code. The apparatus includes an obfuscated code detector that detects whether an obfuscated code is included in a source code of a web page, a deobfuscation function inserter that reconfigures the source code by inserting a function for deobfuscating the obfuscated code into the source code, a deobfuscator that is called by the function inserted into the reconfigured source code and deobfuscates the obfuscated code, and a malicious code detector that detects a malicious code using the deobfuscated code.
摘要翻译：提供用于检测混淆的恶意网页的装置和方法，以通过对模糊的恶意代码进行混淆来查找恶意网页。该装置包括：检测网页的源代码中是否包含混淆的代码的混淆代码检测器;通过插入用于将模糊化代码混淆到源代码中的功能来重新配置源代码的去模糊功能插入器;解扰器，被插入到重新配置的源代码中的功能调用，并且对混淆的代码进行混淆，以及使用去模糊化代码来检测恶意代码的恶意代码检测器。

3. 发明申请

US20090055928A1 METHOD AND APPARATUS FOR PROVIDING PHISHING AND PHARMING ALERTS 审中-公开
标题翻译：提供检验和药物警报的方法和装置
公开(公告)号：US20090055928A1
公开(公告)日：2009-02-26
申请号：US12056375
申请日：2008-03-27
申请人： Jung Min KANG , Do Hoon LEE , Eng Ki PARK , Choon Sik PARK
发明人： Jung Min KANG , Do Hoon LEE , Eng Ki PARK , Choon Sik PARK
IPC分类号： G06F21/00
CPC分类号： H04L63/1475 , G06F21/554 , G06F2221/2119 , H04L63/168
摘要： Provided is an Internet information security technique, and more particularly, a method for alerting a user that a connected web site is a phishing site by comparing connected web site information with normal site information.To this end, the method includes the steps of: (a) extracting information on a presently connected site; (b) if information on a normal site having the same domain as the connected site exists in a database, comparing the connected site information with the normal site information; and (c) if the connected site information does not match the normal site information, alerting a user that the connected site is a phishing site. Therefore, the user may safely use the Internet by confirming whether the connected web site is a phishing site.
摘要翻译：提供了一种互联网信息安全技术，更具体地，涉及通过将连接的网站信息与正常的站点信息进行比较来提醒用户连接的网站是钓鱼网站的方法。为此，该方法包括以下步骤：（a）提取当前连接的站点的信息; （b）如果在数据库中存在与连接站点具有相同域的正常站点的信息，则将所连接的站点信息与正常站点信息进行比较; 和（c）如果所连接的站点信息与正常站点信息不匹配，则提醒用户该连接站点是钓鱼站点。因此，用户可以通过确认所连接的网站是否是网络钓鱼站点来安全地使用因特网。

4. 发明申请

US20090313699A1 APPARATUS AND METHOD FOR PREVENTING ANOMALY OF APPLICATION PROGRAM 有权
标题翻译：防止应用程序异常的装置和方法
公开(公告)号：US20090313699A1
公开(公告)日：2009-12-17
申请号：US12332012
申请日：2008-12-10
申请人： In Sook JANG , Eun Young LEE , Hyung Geun OH , Do Hoon LEE
发明人： In Sook JANG , Eun Young LEE , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06F11/30 , G06F21/22
CPC分类号： G06F21/554 , G06F21/52
摘要： An apparatus and method for preventing an anomaly of an application program are provided. More particularly, an apparatus and method for preventing an anomaly of an application program that detect and stop an anomaly on the basis of a behavior profile for an application program are provided. The apparatus includes a behavior monitor that detects behavior of an application program in operation, an anomaly detector that determines whether the detected behavior of the application program is an anomaly on the basis of a behavior profile of the application program in operation, and an anomaly stopper that stops the behavior of the application program determined as an anomaly by the anomaly detector. Possible application program behavior is stored according to its purpose in a behavior profile and an anomaly is detected and stopped on the basis of the behavior profile, thereby decreasing a false-positive rate of anomaly detection and simultaneously solving a problem of a conventional security programs being incapable of defending against attacks using the authority of a program trusted by a user.
摘要翻译：提供一种用于防止应用程序的异常的装置和方法。更具体地，提供一种用于防止基于应用程序的行为特征来检测和停止异常的应用程序的异常的装置和方法。该装置包括：行为监视器，其检测运行中的应用程序的行为;异常检测器，其基于运行中的应用程序的行为特征来确定检测到的应用程序的行为是否为异常;异常阻塞这阻止由异常检测器确定为异常的应用程序的行为。可能的应用程序行为根据其目的存储在行为配置文件中，并且基于行为配置文件检测和停止异常，从而减少异常检测的假阳性率并同时解决常规安全程序的问题不能使用用户信任的程序的权限来防御攻击。

5. 发明申请

US20080115221A1 SYSTEM AND METHOD FOR PREDICTING CYBER THREAT 有权
标题翻译：用于预测CYBER THREAT的系统和方法
公开(公告)号：US20080115221A1
公开(公告)日：2008-05-15
申请号：US11938356
申请日：2007-11-12
申请人： Joo Beom YUN , Seung Hyun PAEK , In Sung PARK , Eun Young LEE , Hyung Geun OH , Do Hoon LEE
发明人： Joo Beom YUN , Seung Hyun PAEK , In Sung PARK , Eun Young LEE , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06F12/14
CPC分类号： H04L63/145 , G06F21/552
摘要： Provided are a system and method for predicting a cyber threat. The system and method collect various variables and synthetically predict the frequency, dangerousness, possibility, and time of the occurrence of a cyber threat including hacking, a worm/virus, a Denial of Service (DoS) attack, illegal system access, a malicious code, a social engineering attack, system/data falsification, cyber terror/war, weakness exploitation, etc., using a time-series analysis method and a Delphi method, and inform a user in advance of the prediction result, thereby enabling the user to prepare against the cyber threat.
摘要翻译：提供了一种用于预测网络威胁的系统和方法。系统和方法收集各种变量，综合预测网络威胁发生的频率，危险性，可能性和时间，包括黑客，蠕虫/病毒，拒绝服务（DoS）攻击，非法系统访问，恶意代码使用时间序列分析方法和德尔菲法进行社会工程攻击，系统/数据伪造，网络恐怖/战争，弱势利用等，并提前通知用户预测结果，从而使用户能够准备反对网络威胁。

6. 发明申请

US20090299935A1 METHOD AND APPARATUS FOR DIGITAL FORENSICS 有权
标题翻译：数字法人的方法与装置
公开(公告)号：US20090299935A1
公开(公告)日：2009-12-03
申请号：US12252869
申请日：2008-10-16
申请人： Young Han CHOI , Tae Ghyoon KIM , Hyung Geun OH , Do Hoon LEE
发明人： Young Han CHOI , Tae Ghyoon KIM , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06N5/02 , G06F12/06
CPC分类号： G06K9/00
摘要： A method and apparatus for digital forensics are provided. The apparatus for digital forensics includes a page file extractor for extracting a page file stored in a target storage medium, a stored-page feature extractor for extracting features of pages stored in the extracted page file, a page classifier for comparing the extracted features of the pages with at least one predetermined classification criterion and classifying the pages according to the comparison results, and a digital forensics unit for performing digital forensics according to the classified pages. According to the method and apparatus, it is possible to perform digital forensics using only information of a page file.
摘要翻译：提供了一种用于数字取证的方法和装置。用于数字取证的装置包括用于提取存储在目标存储介质中的页面文件的页面文件提取器，用于提取存储在所提取的页面文件中的页面的特征的存储页面特征提取器，用于将提取的特征提取的页面分类器具有至少一个预定分类标准的页面，并根据比较结果分类页面;以及数字取证单元，用于根据分类页面进行数字取证。根据该方法和装置，可以仅使用页面文件的信息来执行数字取证。

7. 发明申请

US20090100517A1 APPARATUS AND METHOD FOR MONITORING AND PROTECTING SYSTEM RESOURCES FROM WEB BROWSER 有权
标题翻译：用于从网络浏览器监控和保护系统资源的装置和方法
公开(公告)号：US20090100517A1
公开(公告)日：2009-04-16
申请号：US12208401
申请日：2008-09-11
申请人： Su Yong KIM , Dae Sik CHOI , Dong Hyun LEE , Do Hoon LEE
发明人： Su Yong KIM , Dae Sik CHOI , Dong Hyun LEE , Do Hoon LEE
IPC分类号： G06F21/06
CPC分类号： G06F21/554 , G06F21/629 , G06F2221/2141 , H04L63/10
摘要： An apparatus and method for preventing an attempt to perform malicious activities using web browser weaknesses are provided. A file protection module monitors attempts to access at least one file resource when the web browser executes a program, and allows or denies access. A registry protection module monitors attempts to access at least one registry resource when the web browser executes a program, and allows or denies access. A process protection module monitors attempts to execute or terminate at least one process when the web browser executes a program, and allows or denies the execution or termination.
摘要翻译：提供了一种用于防止尝试使用web浏览器弱点进行恶意活动的装置和方法。当Web浏览器执行程序并允许或拒绝访问时，文件保护模块监视尝试访问至少一个文件资源。注册表保护模块监视在Web浏览器执行程序时访问至少一个注册表资源的尝试，并允许或拒绝访问。当Web浏览器执行程序时，进程保护模块监视执行或终止至少一个进程的尝试，并允许或拒绝执行或终止。

8. 发明申请

US20090094585A1 METHOD AND APPARATUS FOR ANALYZING EXPLOIT CODE IN NONEXECUTABLE FILE USING VIRTUAL ENVIRONMENT 审中-公开
标题翻译：使用虚拟环境分析不可转让文件中的开发代码的方法和装置
公开(公告)号：US20090094585A1
公开(公告)日：2009-04-09
申请号：US12056434
申请日：2008-03-27
申请人： Young Han CHOI , Hyoung Chun KIM , Do Hoon LEE
发明人： Young Han CHOI , Hyoung Chun KIM , Do Hoon LEE
IPC分类号： G06F9/44
CPC分类号： G06F9/455 , G06F21/566
摘要： Provided is a method and apparatus for analyzing an exploit code included in a nonexecutable file using a target program with vulnerability in a virtual environment. The method includes the steps of: loading a nonexecutable file including the exploit code by a target program, the target program being executed in a virtual environment and includes vulnerability; analyzing a register value of the target program and determining if the register value of the target program indicates a normal code region; storing log information on operation of the target program when the register value indicates a region other than the normal code region; and extracting and analyzing the exploit code included in the nonexecutable file based on the stored log information. In this method, the exploit code is analyzed in the virtual environment, thereby preventing damage caused by execution of the exploit code.
摘要翻译：提供了一种用于使用在虚拟环境中具有脆弱性的目标程序来分析包含在不可执行文件中的利用代码的方法和装置。该方法包括以下步骤：通过目标程序加载包括漏洞利用码的不可执行文件，目标程序在虚拟环境中执行，并且包括漏洞; 分析目标程序的寄存器值，并确定目标程序的寄存器值是否指示正常代码区; 当所述寄存器值指示除了所述正常代码区域之外的区域时，存储关于所述目标程序的操作的日志信息; 并且基于存储的日志信息提取和分析包括在不可执行文件中的利用代码。在这种方法中，在虚拟环境中分析漏洞代码，从而防止由执行漏洞利用代码造成的损害。

9. 发明申请

US20090259673A1 METHOD AND APPARATUS FOR EXTRACTING TEXT FROM INTERNET MAIL ATTACHMENT FILE 审中-公开
标题翻译：从互联网邮件附件文件中提取文本的方法和装置
公开(公告)号：US20090259673A1
公开(公告)日：2009-10-15
申请号：US12194600
申请日：2008-08-20
申请人： Young Han CHOI , In Sook JANG , Hyung Geun OH , Do Hoon LEE
发明人： Young Han CHOI , In Sook JANG , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06F17/30
CPC分类号： G06Q10/107 , G06F16/313 , G06F16/345
摘要： Provided are a method and apparatus for extracting text from an Internet mail attachment file. The apparatus includes a mail display unit for displaying Internet mail and an attachment file received from outside, an attachment file storage for storing the attachment file, a text extraction engine for extracting a text code included in the attachment file, and an attachment file text extractor for extracting text included in the attachment file using the text extraction engine.
摘要翻译：提供了一种从Internet邮件附件文件中提取文本的方法和装置。该装置包括用于显示互联网邮件的邮件显示单元和从外部接收的附件文件，用于存储附件文件的附件文件存储器，用于提取包含在附件文件中的文本代码的文本提取引擎，以及附件文件文本提取器用于使用文本提取引擎提取附件文件中包含的文本。

10. 发明申请

US20080313701A1 SYSTEM AND METHOD FOR MANAGING NETWORK BY VALUE-BASED ESTIMATION 有权
标题翻译：通过基于价值的估计来管理网络的系统和方法
公开(公告)号：US20080313701A1
公开(公告)日：2008-12-18
申请号：US12039858
申请日：2008-02-29
申请人： Young Han CHOI , Hyoung Chun KIM , Tae Ghyoon KIM , Do Hoon LEE , Eungki PARK
发明人： Young Han CHOI , Hyoung Chun KIM , Tae Ghyoon KIM , Do Hoon LEE , Eungki PARK
IPC分类号： G06F15/173 , G06F21/00
CPC分类号： H04L41/0893
摘要： A system and method for managing a network by value-based estimation is provided. A network device requesting communication is defined as an active point and a network device receiving a request for communication is defined as a passive point. A value of a network device is determined according to the number of active points connected to the corresponding network device, and a value of a network device that is in a path of communication between network devices is determined based on a value of a network device passing through the corresponding network device. When a policy for changing a network environment is transferred in a state where the values of the network devices have been estimated, a policy conflict test is performed on the basis of the estimated values of the network devices, thereby determining application of the policy in due consideration of the values and significance of the network devices.
摘要翻译：提供了一种通过基于价值的估计来管理网络的系统和方法。请求通信的网络设备被定义为活动点，并且接收通信请求的网络设备被定义为被动点。根据连接到相应网络设备的活动点的数量来确定网络设备的值，并且基于网络设备通过的值来确定处于网络设备之间的通信路径中的网络设备的值通过相应的网络设备。当在网络设备的值已被估计的状态下转移网络环境的策略时，基于网络设备的估计值执行策略冲突测试，从而确定策略的应用考虑网络设备的价值和意义。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式