专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100024033A1 APPARATUS AND METHOD FOR DETECTING OBFUSCATED MALICIOUS WEB PAGE 有权
标题翻译：检测障碍性恶性网页的装置和方法
公开(公告)号：US20100024033A1
公开(公告)日：2010-01-28
申请号：US12410636
申请日：2009-03-25
申请人： Jung Min KANG , Young Han CHOI , Do Hoon LEE , Eung Ki PARK
发明人： Jung Min KANG , Young Han CHOI , Do Hoon LEE , Eung Ki PARK
IPC分类号： G06F11/00
CPC分类号： G06F21/53 , G06F21/563 , H04L63/1466
摘要： An apparatus and method for detecting an obfuscated malicious web page are provided to find a malicious web page by deobfuscating an obfuscated malicious code. The apparatus includes an obfuscated code detector that detects whether an obfuscated code is included in a source code of a web page, a deobfuscation function inserter that reconfigures the source code by inserting a function for deobfuscating the obfuscated code into the source code, a deobfuscator that is called by the function inserted into the reconfigured source code and deobfuscates the obfuscated code, and a malicious code detector that detects a malicious code using the deobfuscated code.
摘要翻译：提供用于检测混淆的恶意网页的装置和方法，以通过对模糊的恶意代码进行混淆来查找恶意网页。该装置包括：检测网页的源代码中是否包含混淆的代码的混淆代码检测器;通过插入用于将模糊化代码混淆到源代码中的功能来重新配置源代码的去模糊功能插入器;解扰器，被插入到重新配置的源代码中的功能调用，并且对混淆的代码进行混淆，以及使用去模糊化代码来检测恶意代码的恶意代码检测器。

2. 发明申请

US20090259673A1 METHOD AND APPARATUS FOR EXTRACTING TEXT FROM INTERNET MAIL ATTACHMENT FILE 审中-公开
标题翻译：从互联网邮件附件文件中提取文本的方法和装置
公开(公告)号：US20090259673A1
公开(公告)日：2009-10-15
申请号：US12194600
申请日：2008-08-20
申请人： Young Han CHOI , In Sook JANG , Hyung Geun OH , Do Hoon LEE
发明人： Young Han CHOI , In Sook JANG , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06F17/30
CPC分类号： G06Q10/107 , G06F16/313 , G06F16/345
摘要： Provided are a method and apparatus for extracting text from an Internet mail attachment file. The apparatus includes a mail display unit for displaying Internet mail and an attachment file received from outside, an attachment file storage for storing the attachment file, a text extraction engine for extracting a text code included in the attachment file, and an attachment file text extractor for extracting text included in the attachment file using the text extraction engine.
摘要翻译：提供了一种从Internet邮件附件文件中提取文本的方法和装置。该装置包括用于显示互联网邮件的邮件显示单元和从外部接收的附件文件，用于存储附件文件的附件文件存储器，用于提取包含在附件文件中的文本代码的文本提取引擎，以及附件文件文本提取器用于使用文本提取引擎提取附件文件中包含的文本。

3. 发明申请

US20080313701A1 SYSTEM AND METHOD FOR MANAGING NETWORK BY VALUE-BASED ESTIMATION 有权
标题翻译：通过基于价值的估计来管理网络的系统和方法
公开(公告)号：US20080313701A1
公开(公告)日：2008-12-18
申请号：US12039858
申请日：2008-02-29
申请人： Young Han CHOI , Hyoung Chun KIM , Tae Ghyoon KIM , Do Hoon LEE , Eungki PARK
发明人： Young Han CHOI , Hyoung Chun KIM , Tae Ghyoon KIM , Do Hoon LEE , Eungki PARK
IPC分类号： G06F15/173 , G06F21/00
CPC分类号： H04L41/0893
摘要： A system and method for managing a network by value-based estimation is provided. A network device requesting communication is defined as an active point and a network device receiving a request for communication is defined as a passive point. A value of a network device is determined according to the number of active points connected to the corresponding network device, and a value of a network device that is in a path of communication between network devices is determined based on a value of a network device passing through the corresponding network device. When a policy for changing a network environment is transferred in a state where the values of the network devices have been estimated, a policy conflict test is performed on the basis of the estimated values of the network devices, thereby determining application of the policy in due consideration of the values and significance of the network devices.
摘要翻译：提供了一种通过基于价值的估计来管理网络的系统和方法。请求通信的网络设备被定义为活动点，并且接收通信请求的网络设备被定义为被动点。根据连接到相应网络设备的活动点的数量来确定网络设备的值，并且基于网络设备通过的值来确定处于网络设备之间的通信路径中的网络设备的值通过相应的网络设备。当在网络设备的值已被估计的状态下转移网络环境的策略时，基于网络设备的估计值执行策略冲突测试，从而确定策略的应用考虑网络设备的价值和意义。

4. 发明申请

US20090299935A1 METHOD AND APPARATUS FOR DIGITAL FORENSICS 有权
标题翻译：数字法人的方法与装置
公开(公告)号：US20090299935A1
公开(公告)日：2009-12-03
申请号：US12252869
申请日：2008-10-16
申请人： Young Han CHOI , Tae Ghyoon KIM , Hyung Geun OH , Do Hoon LEE
发明人： Young Han CHOI , Tae Ghyoon KIM , Hyung Geun OH , Do Hoon LEE
IPC分类号： G06N5/02 , G06F12/06
CPC分类号： G06K9/00
摘要： A method and apparatus for digital forensics are provided. The apparatus for digital forensics includes a page file extractor for extracting a page file stored in a target storage medium, a stored-page feature extractor for extracting features of pages stored in the extracted page file, a page classifier for comparing the extracted features of the pages with at least one predetermined classification criterion and classifying the pages according to the comparison results, and a digital forensics unit for performing digital forensics according to the classified pages. According to the method and apparatus, it is possible to perform digital forensics using only information of a page file.
摘要翻译：提供了一种用于数字取证的方法和装置。用于数字取证的装置包括用于提取存储在目标存储介质中的页面文件的页面文件提取器，用于提取存储在所提取的页面文件中的页面的特征的存储页面特征提取器，用于将提取的特征提取的页面分类器具有至少一个预定分类标准的页面，并根据比较结果分类页面;以及数字取证单元，用于根据分类页面进行数字取证。根据该方法和装置，可以仅使用页面文件的信息来执行数字取证。

5. 发明申请

US20090094585A1 METHOD AND APPARATUS FOR ANALYZING EXPLOIT CODE IN NONEXECUTABLE FILE USING VIRTUAL ENVIRONMENT 审中-公开
标题翻译：使用虚拟环境分析不可转让文件中的开发代码的方法和装置
公开(公告)号：US20090094585A1
公开(公告)日：2009-04-09
申请号：US12056434
申请日：2008-03-27
申请人： Young Han CHOI , Hyoung Chun KIM , Do Hoon LEE
发明人： Young Han CHOI , Hyoung Chun KIM , Do Hoon LEE
IPC分类号： G06F9/44
CPC分类号： G06F9/455 , G06F21/566
摘要： Provided is a method and apparatus for analyzing an exploit code included in a nonexecutable file using a target program with vulnerability in a virtual environment. The method includes the steps of: loading a nonexecutable file including the exploit code by a target program, the target program being executed in a virtual environment and includes vulnerability; analyzing a register value of the target program and determining if the register value of the target program indicates a normal code region; storing log information on operation of the target program when the register value indicates a region other than the normal code region; and extracting and analyzing the exploit code included in the nonexecutable file based on the stored log information. In this method, the exploit code is analyzed in the virtual environment, thereby preventing damage caused by execution of the exploit code.
摘要翻译：提供了一种用于使用在虚拟环境中具有脆弱性的目标程序来分析包含在不可执行文件中的利用代码的方法和装置。该方法包括以下步骤：通过目标程序加载包括漏洞利用码的不可执行文件，目标程序在虚拟环境中执行，并且包括漏洞; 分析目标程序的寄存器值，并确定目标程序的寄存器值是否指示正常代码区; 当所述寄存器值指示除了所述正常代码区域之外的区域时，存储关于所述目标程序的操作的日志信息; 并且基于存储的日志信息提取和分析包括在不可执行文件中的利用代码。在这种方法中，在虚拟环境中分析漏洞代码，从而防止由执行漏洞利用代码造成的损害。

6. 发明申请

US20110239294A1 SYSTEM AND METHOD FOR DETECTING MALICIOUS SCRIPT 有权
标题翻译：用于检测恶性症状的系统和方法
公开(公告)号：US20110239294A1
公开(公告)日：2011-09-29
申请号：US12944100
申请日：2010-11-11
申请人： Tae Ghyoon KIM , Young Han CHOI , Seok Jin CHOI , Cheol Won LEE
发明人： Tae Ghyoon KIM , Young Han CHOI , Seok Jin CHOI , Cheol Won LEE
IPC分类号： G06F21/00
CPC分类号： G06F21/563 , G06F21/566
摘要： Provided are a system and method for detecting a malicious script. The system includes a script decomposition module for decomposing a web page into scripts, a static analysis module for statically analyzing the decomposed scripts in the form of a document file, a dynamic analysis module for dynamically executing and analyzing the decomposed scripts, and a comparison module for comparing an analysis result of the static analysis module and an analysis result of the dynamic analysis module to determine whether the decomposed scripts are malicious scripts. The system and method can recognize a hidden dangerous hypertext markup language (HTML) tag irrespective of an obfuscation technique for hiding a malicious script in a web page and thus can cope with an unknown obfuscation technique.
摘要翻译：提供了用于检测恶意脚本的系统和方法。该系统包括用于将网页分解成脚本的脚本分解模块，用于以文档文件的形式静态分析分解的脚本的静态分析模块，用于动态地执行和分析分解的脚本的动态分析模块，以及比较模块用于比较静态分析模块的分析结果和动态分析模块的分析结果，以确定分解的脚本是否是恶意脚本。系统和方法可以识别隐藏的危险超文本标记语言（HTML）标签，而不管用于在网页中隐藏恶意脚本的混淆技术，并且因此可以应对未知的混淆技术。

7. 发明申请

US20080115016A1 SYSTEM AND METHOD FOR ANALYZING UNKNOWN FILE FORMAT TO PERFORM SOFTWARE SECURITY TEST 审中-公开
标题翻译：用于分析未知文件格式以执行软件安全测试的系统和方法
公开(公告)号：US20080115016A1
公开(公告)日：2008-05-15
申请号：US11850921
申请日：2007-09-06
申请人： Young Han CHOI , Hyoung Chun Kim , Soon Jwa Hong
发明人： Young Han CHOI , Hyoung Chun Kim , Soon Jwa Hong
IPC分类号： G06F11/36
CPC分类号： G06F11/3676
摘要： A system and method for analyzing a file format to perform a software security test are provided. The system includes a file scanner for monitoring a program that loads an unknown file on a memory and parsing function parameters of the loaded file, and a file analyzer for receiving the parsing data from the file scanner and extracting a field location and a data type of the unknown file format.
摘要翻译：提供了用于分析文件格式以执行软件安全性测试的系统和方法。该系统包括文件扫描器，用于监视在存储器上加载未知文件并解析加载的文件的功能参数的程序，以及文件分析器，用于从文件扫描器接收解析数据，并提取字段位置和数据类型未知的文件格式。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式