会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明公开
    • 댁내망 관리 장치 및 방법
    • 家庭网络管理设备和方法
    • KR1020170090125A
    • 2017-08-07
    • KR1020160010616
    • 2016-01-28
    • 한국전자통신연구원
    • 박상길
    • H04L29/06
    • 본발명은스마트기기의보급으로인한아파트등 댁내망내의트래픽발생량증가및 댁내존재하는 PC등전자기기가침입으로인해봇(bot)으로서동작되고있는상황에대해대비하여안정적이고쉬운관리가가능한댁내망의제공을위하여, 인터넷및 공유무선네트워크등 에지(Edge) 영역에서 SDN 기술과댁내망에대한보안증대기술을통하여클린인터넷환경과각종공격및 봇넷의위협으로부터전자기기들을보호할수 있는보안기능을내재하고, 오픈플로우(Open flow) 스위치를내장한댁내망게이트웨이의구조를통하여, 대량트래픽분산제어방법으로트래픽을모니터링하여효과적으로댁내망을관리할수 있는댁내망관리장치및 방법에관한것이다.
    • 本发明的家庭网络是用于在其中由于PC,诸如电子设备的情况制备可靠和易于管理诸如公寓本处所增加通信量和在家庭网络中,由于在智能设备的进入和作为机器人(机器人)操作所述扩散可能 对于报价,固有的安全特性,可以保护网络和共享无线网络,如边(边)从一个干净的互联网环境中的电子设备,以及各种攻击和僵尸网络通过在该地区SDN技术和家庭网络增加了安全技术的威胁 并且,以通过家庭网络网关的与该结构的流动打开(开放流)一个内置的开关,监测流量,可以有效地管理处所归属网络到网络管理设备和方法散装流量分布控制方法。
    • 2. 发明公开
    • 빅데이터 분석을 이용한 유해 정보 수집 방법 및 장치
    • 使用大数据分析的交通分类的方法和装置
    • KR1020140117217A
    • 2014-10-07
    • KR1020130032390
    • 2013-03-26
    • 한국전자통신연구원
    • 이왕봉박상길
    • G06F21/00G06F17/40
    • H04L63/1408
    • A harmful information collecting device and a method to collect harmful information by analyzing a plurality of packets in real time which are collected in real time on a network. The method includes a packet receiving step for receiving multiple packets collected from at least one packet collecting unit; a packet analysis step for analyzing whether the received packet includes harmful information; a harmful site information extracting step for extracting information on harmful sites which have received the packet proven to have harmful information through the analysis; and a harmful site information storing step for storing the extracted harmful site information in a database.
    • 有害的信息收集装置和通过分析实时地在网络上实时收集的多个分组来收集有害信息的方法。 该方法包括:分组接收步骤,用于接收从至少一个分组收集单元收集的多个分组; 分组分析步骤,用于分析所接收的分组是否包括有害信息; 有害位置信息提取步骤,用于通过分析提取已经接收到被证明具有有害信息的分组的有害站点的信息; 以及用于将提取的有害站点信息存储在数据库中的有害站点信息存储步骤。
    • 3. 发明公开
    • 패킷처리 장치 및 방법
    • 装置和处理包装盒的方法
    • KR1020120072038A
    • 2012-07-03
    • KR1020100133802
    • 2010-12-23
    • 한국전자통신연구원
    • 박상길김상완이왕봉윤상식
    • H04L12/56G06F13/14
    • H04L45/60H04L12/4625H04L45/7457
    • PURPOSE: A packet processing apparatus and method thereof are provided to rapidly create products by using a bridging algorithm which embodies an FPGA(Field Programmable Gate Array) in a card which processes packet information for a network. CONSTITUTION: A processor(102) processes packets in a network. A memory unit(104) stores a table for matching the packets in the network. A gate array(103) mediates an interface between the processor and the memory unit. The gate array provides a programmable communication interface between the processor and the memory unit. The processor corresponds to an ASIC(Application Specific Integrated Chip), an NPU(Network Processor Unit), an MP(Multi-core Processor), or an MCP(Many-Core Processor).
    • 目的:提供一种分组处理装置及其方法,以通过使用在处理网络的分组信息的卡中实现FPGA(现场可编程门阵列)的桥接算法快速创建产品。 构成:处理器(102)处理网络中的数据包。 存储单元(104)存储用于匹配网络中的分组的表。 门阵列(103)介导处理器和存储器单元之间的接口。 门阵列提供处理器和存储器单元之间的可编程通信接口。 处理器对应于ASIC(专用集成芯片),NPU(网络处理器单元),MP(多核处理器)或MCP(多核处理器)。
    • 7. 发明公开
    • 시그니처 패턴 매칭방법과 그 시스템 및 시그니처 패턴이기록된 기록매체
    • 签名模式匹配方法,相同系统和计算机可读介质存储签名模式
    • KR1020090065306A
    • 2009-06-22
    • KR1020070132796
    • 2007-12-17
    • 한국전자통신연구원
    • 이성원문화신박상길오진태장종수신영찬
    • G06F21/00
    • H04L63/1416H04L41/0604H04L41/0631
    • A signature pattern matching method, a system for the same and a computer readable medium storing a signature pattern are provided to reduce the amount of memory use by minimizing a memory access time based on the usage of a bloom filter. The sub string of a traffic packet is extracted(S100), and a hash value is obtained by applying a hash function to the extracted sub string(S110). A pre-filtering that checks membership is performed(S120), and a bloom filter which is supposed to be compared with a currently-obtained harsh value is queried(S130). It is checked over whether or not a pattern matched with the queried bloom filter exists(S140), and it is checked over whether or not a signature completion filed is included to the sub string of the matched signature pattern(S150).
    • 提供签名模式匹配方法,用于其的系统和存储签名模式的计算机可读介质,以通过基于布隆过滤器的使用最小化存储器访问时间来减少存储器使用量。 提取业务分组的子串(S100),并通过对所提取的子串应用散列函数来获得散列值(S110)。 执行检查成员资格的预过滤(S120),并且查询应该与当前获得的苛刻值进行比较的大写过滤器(S130)。 检查是否存在与查询的布隆过滤器匹配的模式(S140),并且检查签名完成归档是否包括在匹配签名模式的子串中(S150)。
    • 8. 发明公开
    • 통합 IP 패킷 지원 보안 장치 및 방법
    • 使用FPGA支持IPV4和IPV6的方法和设备
    • KR1020080052215A
    • 2008-06-11
    • KR1020070052931
    • 2007-05-30
    • 한국전자통신연구원
    • 박상길오진태남택용
    • H04L12/22H04L12/781H04L12/56H04L29/06
    • H04L69/22H04L9/3236H04L63/0227
    • A unified security apparatus for supporting IP packets and a method thereof are provided to enable permission/filtering to be applied to an IPv4 packet and an IPv6 packet by physically using a single chipset when a dual stack scheme and a permission/filtering rule are applied. A unified security apparatus for supporting IP packets includes a packet classifier(210), a key generator(220), a lookup engine(230), and an intrusion response unit(240). The packet classifier classifies an IPv4 packet and an IPv6 packet based on version information in header information of an input IP packet. The key generator generates header information corresponding to the IPv4 packet or the IPv6 packet classified by the packet classifier and generates a discrimination key corresponding to the IPv4 packet or the IPv6 packet based on the generated header information. The lookup engine includes two banks(231,232). Different bits are assigned to the two banks. An IPv4 security policy and an IPv6 security policy are recorded in the lookup engine. In this way, both an IPv4 packet and an IPv6 packet can be searched in the current embodiment by physically using a single lookup engine. The intrusion response unit includes a packet filtering unit(241) and a bandwidth controller(242). The packet filtering unit decides a lookup key, which is a key value corresponding to the security policy established in the first bank or the second bank, and if the lookup key matches the discrimination key generated according to the IPv4 packet or the IPv6 packet by the key generator, the packet filtering unit discards or transmits the packet according to the security policy. The bandwidth controller decides a lookup key, which is a key value corresponding to the security policy established in the first bank or the second bank, and if the lookup key matches the discrimination key, the bandwidth controller controls a bandwidth according to the security policy.
    • 提供一种用于支持IP分组的统一安全装置及其方法,用于当应用双栈方案和许可/过滤规则时,通过物理地使用单个芯片组来允许/过滤应用于IPv4分组和IPv6分组。 用于支持IP分组的统一安全装置包括分组分类器(210),密钥生成器(220),查找引擎(230)和入侵响应单元(240)。 分组分类器基于输入IP分组的报头信息中的版本信息对IPv4分组和IPv6分组进行分类。 密钥发生器生成对应于IPv4分组的报头信息或由分组分类器分类的IPv6分组,并且基于生成的报头信息生成与IPv4分组或IPv6分组对应的鉴别密钥。 查找引擎包括两个库(231,232)。 不同的位被分配给两个存储体。 查询引擎中记录了IPv4安全策略和IPv6安全策略。 以这种方式,可以在当前实施例中通过物理地使用单个查找引擎来搜索IPv4分组和IPv6分组。 入侵响应单元包括分组过滤单元(241)和带宽控制器(242)。 分组过滤单元确定查找密钥,该查找密钥是与在第一组或第二组中建立的安全策略相对应的密钥值,如果查找密钥与根据IPv4分组或IPv6分组生成的鉴别密钥相匹配, 密钥生成器,包过滤单元根据安全策略丢弃或发送数据包。 带宽控制器决定查询密钥,该查找密钥是与在第一组或第二组中建立的安全策略相对应的密钥值,如果查找密钥与鉴别密钥一致,则带宽控制器根据安全策略控制带宽。
    • 9. 发明授权
    • 슬라이딩 윈도우 캐쉬 구조
    • 缓存窗口的缓存结构
    • KR100479328B1
    • 2005-03-31
    • KR1020020083634
    • 2002-12-24
    • 한국전자통신연구원
    • 김진오김익균박상길김기영장종수손승원
    • G06F15/00
    • 본 발명은 슬라이딩 윈도우 캐쉬 구조에 관한 것으로, 특히 네트워크 공격상황에 대한 침입 탐지 이벤트가 저장된 캐쉬 구조에 있어서, 네트워크 공격상황이 수행되는 시간 간격(Tw)을 슬라이딩 시간 간격의 타임 슬롯(Ts)으로 나눈 Tw/Ts개의 윈도우 크기의 카운터를 가지며 카운터에 각 타임 슬롯(Ts)에서 발생된 네트워크 공격상황에 대한 침입 탐지 이벤트 횟수가 기록된 캐쉬 엔트리와, 캐쉬 엔트리의 첫 번째 카운터에 해당하는 타임 슬롯 정보가 기록된 타임 스탬프를 구비한다. 그러므로, 본 발명은 슬라이딩 윈도우 기법을 이용하여 연속된 시간상에서 임의의 시간 간격내에 발생된 네트워크 침입 탐지 이벤트 횟수를 캐쉬 엔트리에 기록할 수 있으며 캐쉬 테이블의 네트워크 공격상황별 정보를 갖는 키 데이터와 엔트리에 기록된 이벤트 횟수를 분석하여 네트워크 공격 상황을 쉽게 분석할 수 있다.