会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 5. 发明公开
    • 비밀 정보 기반의 상호 인증 방법 및 장치
    • 基于秘密信息提供交叉认证的方法和设备
    • KR1020160111789A
    • 2016-09-27
    • KR1020150036940
    • 2015-03-17
    • 현대자동차주식회사기아자동차주식회사조선대학교산학협력단서울대학교산학협력단
    • 안현수정호진우준영김호연이강석윤종윤노종선김영식
    • H04L9/32H04L9/08
    • H04L9/0869H04L9/3273H04L2209/84
    • 본발명은비밀정보기반의상호인증방법및 장치에관한것이다. 본발명의일 실시예에따른외부장치와연동되는차량제어기에서의상호인증방법은상기외부장치로부터의수신된인증요청메시지에따라난수를상기외부장치에전송하는제1 단계와상기난수를매개변수로하는제1 함수를이용하여변수를생성하는제2 단계와상기변수및미리저장된보안키를매개변수로하는제2함수를이용하여제1 세션키를생성하는제3 단계와상기외부장치로부터제1 응답키를수신하는제4 단계와상기난수, 상기변수, 상기제1 세션키를매개변수로하는제3함수를이용하여제2 응답키를생성하는제5 단계와상기제1 응답키와상기제2 응답키의일치여부에기반하여상기외부장치를인증하는제6 단계를포함하여구성될수 있다. 따라서, 본발명은보안정보에기반하여외부장치와차량제어기사이의상호인증을가능하게하는장점이있다.
    • 本发明涉及一种基于机密信息进行相互认证的方法和装置。 根据本发明的实施例的与外部设备结合操作的车辆控制器中的相互认证方法可以包括:响应于从外部接收到的认证请求消息将随机数S发送到外部设备的第一步骤 设备; 通过使用使用随机数S作为参数的第一函数来生成变量i的第二步骤; 通过使用使用变量i和先前存储的秘密密钥K作为参数的第二函数来生成第一会话密钥Ks的第三步骤; 从外部设备接收第一响应密钥的第四步骤; 通过使用使用随机数S,变量i和第一会话密钥Ks的第三函数作为参数来生成第二响应密钥的第五步骤; 以及第六步骤,基于第一响应密钥是否与第二响应密钥相同,来认证外部设备。 因此,可以根据机密信息相互认证外部装置和车辆控制装置的优点。
    • 6. 发明授权
    • 차량 네트워크 공격 탐지 장치 및 그 방법
    • 用于检测车辆网络的装置及其方法
    • KR101371902B1
    • 2014-03-10
    • KR1020120144900
    • 2012-12-12
    • 현대자동차주식회사서울대학교산학협력단조선대학교산학협력단
    • 안현수이정희이병욱배현철노종선김지엽우준영조창민김영식문영식
    • H04L12/26H04L12/851
    • H04L63/1425H04L67/12
    • The present invention relates to a device for detecting an attack on a vehicle network and a method thereof and is to provide to a device for detecting an attack on a vehicle network and a method thereof which accumulatively counts packets by each device (ID) connected to a vehicle network bus, calculates the accumulated value by accumulating an inspected value (S) whenever accumulatively counting packets and determines that an attack is occurred if the average accumulated value calculated by dividing the accumulated value by the accumulated counting does not exceed a first threshold value. For the purpose, in a vehicle network environment in which devices, having a priority for packet transmission, connected to a vehicle network bus include: a packet collection unit for collecting packets transmitted through the vehicle network bus; a packet counting unit for accumulatively counting the number of packets collected by the packet collection unit; an inspected value calculation unit for calculating an inspected value based on a time difference between packets having the same ID; an accumulated value calculation unit for calculating an accumulated value by adding the inspected value which is calculated by the inspected value calculation unit to the previous inspected value; an average accumulated value calculation unit for calculating the average accumulated value by dividing the accumulated value calculated by the accumulated value calculation unit by accumulated counting value by the packet counting unit; and an attack determination unit for determining the existence of attack based on the average accumulated value calculated by the average accumulated value calculation unit. [Reference numerals] (10) Packet collection unit; (20) Packet counting unit; (30) Inspected value calculation unit; (40) Accumulated value calculation unit; (50) Average accumulated value calculation unit; (60) Attack determination unit; (70) Control unit
    • 本发明涉及一种用于检测车辆网络攻击的装置及其方法,并提供给用于检测对车辆网络的攻击的装置及其方法,其中每个装置(ID)对连接到车辆网络的数据进行累积计数 车辆网络总线,每当累积计数分组时累积检查值(S)来计算累积值,并且如果通过将累加值除以累加计数而计算的平均累积值不超过第一阈值,则确定发生攻击 。 为此,在车辆网络环境中,具有连接到车辆网络总线的分组传输优先级的设备包括:分组收集单元,用于收集通过车辆网络总线传送的分组; 分组计数单元,用于累积计数由所述分组收集单元收集的分组的数量; 检查值计算单元,用于基于具有相同ID的分组之间的时间差计算检查值; 累积值计算单元,用于通过将由检查值计算单元计算的检查值与先前检查值相加来计算累积值; 平均累计值计算单元,用于通过将由累积值计算单元计算出的累积值除以累积计数值来计算平均累积值; 以及攻击确定单元,用于基于由平均累积值计算单元计算的平均累积值来确定攻击的存在。 (附图标记)(10)分组收集单元; (20)分组计数单元; (30)检验价值计算单位; (40)累计值计算单位; (50)平均累计值计算单位; (60)攻击判定单元; (70)控制单元
    • 7. 发明授权
    • CAN 패킷 자동 분석 방법
    • CAN通信中的自动分组分析方法
    • KR101371895B1
    • 2014-03-10
    • KR1020120144901
    • 2012-12-12
    • 현대자동차주식회사서울대학교산학협력단조선대학교산학협력단
    • 이병욱배현철이정희안현수김지엽노종선우준영조창민김영식전보환문영식
    • H04L12/70
    • H04L43/045H04L43/16H04L2012/40215
    • A controller area network (CAN) packet automatic analysis method according to the present invention, which comprises the steps of sorting packets related to the performance of a specific function among data packets used in CAN, and comparing and analyzing the change of packet data values with time on the graph, enables a simple and efficient analysis on the function, the type and the operation method of the packet. [Reference numerals] (AA) Start; (BB) End; (ST10) Input data and perform a function?; (ST11) Read a log file and write ID array; (ST12) Calculate a data variation value (A) before performing the function; (ST13) Calculate a difference (B) of average data amount by section before and during performing the function; (ST14) Record and store the variation according to the time relative to a packet satisfying with 'B/A > Threshold value'; (ST15) Performing analysis?; (ST16) Display an analysis result; (ST17) Section '1' increase; (ST18) Section end?
    • 一种根据本发明的控制器局域网(CAN)数据包自动分析方法,包括以下步骤:对与CAN中使用的数据包中的特定功能的性能相关的分组进行排序,并将分组数据值的变化与 时间在图上,能够对数据包的功能,类型和操作方法进行简单有效的分析。 (附图标记)(AA)开始; (BB)结束; (ST10)输入数据并执行功能? (ST11)读取日志文件并写入ID数组; (ST12)在执行功能之前计算数据变化值(A) (ST13)在执行功能之前和期间计算平均数据量的差(B); (ST14)根据相对于满足“B / A>阈值”的包的时间记录和存储变化; (ST15)进行分析? (ST16)显示分析结果; (ST17)第1节增加; (ST18)截面?
    • 9. 发明授权
    • 가변 암호화 기반의 네트워크 보안 장치 및 그 동작 방법
    • 基于可变加密的网络安全设备及其操作方法
    • KR101594846B1
    • 2016-02-22
    • KR1020140172073
    • 2014-12-03
    • 조선대학교산학협력단동국대학교 산학협력단서울대학교산학협력단
    • 임대운노종선김영식
    • H04L9/12
    • H04L9/12Y02D50/30
    • 가변암호화기반의네트워크보안장치및 그동작방법이개시된다. 본발명의일실시예에따른가변암호화기반의네트워크보안장치및 그동작방법은특정주기간격으로, 소정의암호화방식정보를구성하고, 해당암호화방식정보들간의보안수준에따라서, 가장높은보안수준을갖는암호화방식정보를네트워크로연결되어있는복수의단말들의데이터송수신에사용될암호화방식후보로선택해둔 후상기복수의단말들사이에서데이터송수신시에데이터암복호화실패와같은보안상문제가발생하는경우, 상기복수의단말들이현재사용하고있는암호화방식을상기암호화방식후보로선택된암호화방식으로변경해줌으로써, 네트워크의보안을강화시킬수 있다.
    • 本发明涉及一种基于可变加密的网络安全装置及其操作方法。 网络安全设备以间隔周期配置预定的加密方法信息,选择具有最高安全级别的加密方法信息作为用于在连接到网络的多个终端之间发送和接收数据的加密方法候选,根据安全级别 并且当在终端之间发送和接收数据时发生诸如数据加密和解密失败之类的安全问题时,将终端当前使用的加密方法改变为选择为加密方法候选的加密方法。 因此,网络安全设备可以增强网络的安全性。