专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09577948B2 Method and apparatus for connecting to server using trusted IP address of domain 有权
标题翻译：使用域的可信IP地址连接到服务器的方法和装置
公开(公告)号：US09577948B2
公开(公告)日：2017-02-21
申请号：US14122078
申请日：2012-06-01
申请人： Byoung Hoon Kim , Seong Cheol Kim
发明人： Byoung Hoon Kim , Seong Cheol Kim
IPC分类号： G06F15/173 , H04L12/911 , H04L12/24 , H04L29/14 , H04L29/12
CPC分类号： H04L47/70 , H04L41/082 , H04L61/1511 , H04L69/40
摘要： An apparatus for connecting to an update server includes an update unit configured to connect to the update server over a network using a pre-stored domain name address of the update server and an IP address acquisition unit configured to acquire an IP address of the connected update server. The IP address acquired by the IP address acquisition unit is stored as a trusted IP address in a storage unit. The apparatus further includes a reconnection processing unit configured to fetch the trusted IP address of the update server and try connecting to the update server using the trusted IP address in the case of failure to connect to the update server using the pre-stored domain name address.
摘要翻译：用于连接到更新服务器的装置包括：更新单元，被配置为使用预先存储的更新服务器的域名地址通过网络连接到更新服务器;以及IP地址获取单元，被配置为获取所连接的更新的IP地址服务器。由IP地址获取单元获取的IP地址作为可信IP地址存储在存储单元中。该装置还包括：重新连接处理单元，被配置为获取更新服务器的可信IP地址，并且在使用预存的域名地址未能连接到更新服务器的情况下尝试使用可信IP地址连接到更新服务器。

2. 发明授权

US09141796B2 System and method for detecting malware in file based on genetic map of file 有权
标题翻译：基于文件遗传图谱检测文件中的恶意软件的系统和方法
公开(公告)号：US09141796B2
公开(公告)日：2015-09-22
申请号：US13977250
申请日：2011-12-27
申请人： Jeong Hun Kim , Kyu Beom Hwang
发明人： Jeong Hun Kim , Kyu Beom Hwang
IPC分类号： G06F21/00 , G06F21/56
CPC分类号： G06F21/56 , G06F21/562 , G06F21/564 , G06F2221/033 , G06F2221/2145 , H04L63/145
摘要： A method for detecting whether a file includes malware is performed on a device. The method includes extracting information of at least two predetermined items in the file; creating a genetic map for the file by altering the extracted information into a previously set format; comparing the created genetic map with a previously stored malware genetic map to obtain a similarity between the created genetic map and the previously stored malware genetic map; and determining that the file is a malware when the similarity is higher than a reference value.
摘要翻译：在设备上执行用于检测文件是否包括恶意软件的方法。该方法包括提取文件中至少两个预定项目的信息; 通过将提取的信息改变为先前设置的格式来创建文件的遗传图谱; 将创建的遗传图谱与先前存储的恶意软件遗传图谱进行比较，以获得所创建的遗传图谱和先前存储的恶意软件遗传图谱之间的相似性; 并且当相似度高于参考值时，确定该文件是恶意软件。

3. 发明授权

US08549631B2 Internet site security system and method thereto 有权
标题翻译：互联网站点安全系统及其方法
公开(公告)号：US08549631B2
公开(公告)日：2013-10-01
申请号：US13054816
申请日：2009-02-12
申请人： Ho-Woong Lee , Sung Jin Yang , Sang Min Chung
发明人： Ho-Woong Lee , Sung Jin Yang , Sang Min Chung
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： G06F21/53
摘要： The present invention discloses an internet site security system and method thereof. That is, the present invention comprises a browser execution module which executes the browser for providing a work-performing environment on the internet site according to the selection of a user; a memory protection module which, according to the execution of the browser, prevents an external module from accessing a memory area allocated to the browser and detects whether the memory area is tampered or not and whether the executing code is tampered or not; and a browser protection module which prevents another process or module from debugging the browser execution module according to the execution of the browser, and distinguishing several modules loaded to the memory area into acceptable modules and unacceptable modules, and thereby is able to provide a secure electronic transaction based environment against a malicious attack.
摘要翻译：本发明公开了一种互联网站点安全系统及其方法。也就是说，本发明包括浏览器执行模块，其执行用于根据用户的选择在因特网站点上提供工作执行环境的浏览器; 存储器保护模块，根据浏览器的执行，防止外部模块访问分配给浏览器的存储区域，并检测存储区域是否被篡改，以及执行代码是否被篡改; 以及浏览器保护模块，其防止另一进程或模块根据浏览器的执行调试浏览器执行模块，并将加载到存储区域的多个模块区分为可接受的模块和不可接受的模块，从而能够提供安全的电子基于事务的环境，防止恶意攻击。

4. 发明申请

US20130227686A1 METHOD AND APPARATUS FOR BLOCKING MALICIOUS ACCESS TO PROCESS 有权
标题翻译：阻塞恶意访问过程的方法和装置
公开(公告)号：US20130227686A1
公开(公告)日：2013-08-29
申请号：US13883351
申请日：2011-11-03
申请人： Yunseock Kim , Jaegap Yang , Hanju Kim
发明人： Yunseock Kim , Jaegap Yang , Hanju Kim
IPC分类号： H04L29/06
CPC分类号： H04L63/1466 , G06F21/52
摘要： An apparatus for blocking an external access to a browser includes an access monitor for monitoring whether a program is accessing the browser; and a document-object acquisition detector for detecting whether the program detected to access the browser by the access monitor acquires a document object of the browser; and an injection blocker for blocking the access of the program to the browser when the document object acquisition detector detects the document object acquisition by the corresponding program.
摘要翻译：用于阻止对浏览器的外部访问的装置包括用于监视程序是否正在访问浏览器的访问监视器; 以及文件对象获取检测器，用于检测由访问监视器检测到访问浏览器的程序是否获取浏览器的文档对象; 以及当所述文档对象获取检测器检测到由所述对应程序获取文档对象时，阻止所述程序访问所述浏览器的注射阻挡器。

5. 发明申请

US20130003582A1 NETWORK SPLITTING DEVICE, SYSTEM AND METHOD USING VIRTUAL ENVIRONMENTS 审中-公开
标题翻译：网络分割设备，使用虚拟环境的系统和方法
公开(公告)号：US20130003582A1
公开(公告)日：2013-01-03
申请号：US13582247
申请日：2011-03-03
申请人： Heean Park , Kyung Wan Kang , Kwang Tae Kim
发明人： Heean Park , Kyung Wan Kang , Kwang Tae Kim
IPC分类号： H04L12/26
CPC分类号： H04L63/08 , H04L69/22
摘要： A network separation apparatus allows a user terminal, connected to an internal network, to connect an external network. The network separation apparatus includes a packet transmission/reception unit to receive a packet generated in a virtual environment on the user terminal and transmit the packet either to the external network or the internal network. The apparatus also includes a packet analysis unit to analyze the packet received from the packet transmission/reception unit and a packet processing unit to allow the packet to be transmitted to the external network or the internal network, separately, based on an analysis result of the packet from the packet analysis unit and a preset packet processing policy.
摘要翻译：网络分离装置允许连接到内部网络的用户终端连接外部网络。网络分离装置包括：分组发送/接收单元，用于接收在用户终端上的虚拟环境中生成的分组，并将分组发送到外部网络或内部网络。该装置还包括：分组分析单元，用于分析从分组发送/接收单元接收的分组;以及分组处理单元，用于基于分组结果分别将分组发送到外部网络或内部网络来自分组分析单元的分组和预设分组处理策略。

6. 发明申请

US20120144500A1 METHOD AND APPARATUS FOR PROTECTING DATA USING A VIRTUAL ENVIRONMENT 有权
标题翻译：用于使用虚拟环境保护数据的方法和装置
公开(公告)号：US20120144500A1
公开(公告)日：2012-06-07
申请号：US13389883
申请日：2010-08-10
申请人： Kyung Wan Kang , Kwang Tae Kim , Heean Park
发明人： Kyung Wan Kang , Kwang Tae Kim , Heean Park
IPC分类号： G06F21/00
CPC分类号： H04L63/1416 , G06F21/53 , G06F2009/45587 , H04L63/1408
摘要： The present invention relates to a method and apparatus for protecting data using a virtual environment, which creates a safe virtual environment that supports the execution of application programs being operated on a computer and which enables important data to be inputted or outputted only within the virtual environment, such that access to the important data is prevented in a general local environment. According to the present invention, data leakage is initially prevented to protect data, and convenience is provided in that a user may use the computer in a general manner while performing desired work.
摘要翻译：本发明涉及一种使用虚拟环境来保护数据的方法和装置，其创建一个安全的虚拟环境，该安全虚拟环境支持在计算机上正在操作的应用程序的执行，并使得只能在虚拟环境内输入或输出重要的数据，使得在一般的本地环境中防止对重要数据的访问。根据本发明，最初防止数据泄漏来保护数据，并且提供便利性，因为用户可以在执行期望的工作时以一般方式使用计算机。

7. 发明申请

US20040123136A1 Method for modifying executing file on real time and method for managing virus infected file using the same 审中-公开
标题翻译：实时修改执行文件的方法和使用该文件管理病毒感染文件的方法
公开(公告)号：US20040123136A1
公开(公告)日：2004-06-24
申请号：US10732530
申请日：2003-12-11
申请人： AHNLAB, INC.
发明人： Deok-Young Jung
IPC分类号： G06F012/14 , G06F012/00
CPC分类号： G06F21/56 , G06F8/656 , G06F21/568
摘要： A method for modifying an executing file on real time and a method for treating a virus using the same. The method for treating a virus in real-time includes the steps of: a) obtaining a file object of the executing file to be modified; b) modifying an original image stored on an address of a physical memory indicated by an image section of the executing file; c) modifying a data image stored on an address of a physical memory indicated by a data section of the executing file; d) obtaining a virtual memory address on which the executing file is loaded; and e) modifying a private image on the virtual memory address.
摘要翻译：一种用于实时修改执行文件的方法和使用该程序来处理病毒的方法。实时处理病毒的方法包括以下步骤：a）获取要修改的执行文件的文件对象; b）修改存储在由执行文件的图像部分指示的物理存储器的地址上的原始图像; c）修改存储在由执行文件的数据部分指示的物理存储器的地址上的数据图像; d）获取在其上加载执行文件的虚拟存储器地址; 以及e）修改虚拟存储器地址上的私有映像。

8. 发明授权

US08984629B2 Apparatus and method for preemptively protecting against malicious code by selective virtualization 有权
标题翻译：通过选择性虚拟化抢先防范恶意代码的装置和方法
公开(公告)号：US08984629B2
公开(公告)日：2015-03-17
申请号：US13148177
申请日：2010-02-03
申请人： Kwang Tae Kim , Yongseok Hwang
发明人： Kwang Tae Kim , Yongseok Hwang
IPC分类号： G06F21/00 , G06F21/53 , H04L29/06 , G06F21/55 , G06F21/50
CPC分类号： G06F21/53 , G06F21/50 , G06F21/55 , H04L63/1441
摘要： In an apparatus and method for protecting resources of a computing system from a malicious code by selective virtualization, at least a part of the resources is classified as compulsory resources for executing a program on the computing system. When a vulnerable program executed in a separate space attempts to access one of the compulsory resources, an operating system level virtualization is performed. Further, when the vulnerable program attempts to access one of the resources of the computing system which is other than the compulsory resources, the vulnerable program is permitted to access a modified resource which is generated by modifying content of the resource.
摘要翻译：在通过选择性虚拟化来保护计算系统的资源免受恶意代码的装置和方法中，资源的至少一部分被分类为用于在计算系统上执行程序的强制资源。当在单独空间中执行的易受攻击的程序试图访问其中一个强制资源时，将执行操作系统级虚拟化。此外，当易受攻击的程序试图访问除强制资源之外的其中一个计算系统的资源时，易受攻击的程序被允许访问通过修改资源的内容产生的修改的资源。

9. 发明申请

US20130305373A1 METHOD AND APPARATUS FOR INSPECTING NON-PORTABLE EXECUTABLE FILES 有权
标题翻译：检查非易失性可执行文件的方法和装置
公开(公告)号：US20130305373A1
公开(公告)日：2013-11-14
申请号：US13887610
申请日：2013-05-06
申请人： AHNLAB, INC.
发明人： Cha Sung LIM , Ju Seok LEE
IPC分类号： G06F21/56
CPC分类号： G06F21/56 , G06F21/566
摘要： An apparatus for inspecting a non-PE file includes a data loading unit configured to load candidate malicious address information related to a malicious code of the non-PE file; and a program link unit configured to acquire normal address range information of a module being loaded on a memory when an application program adapted for the non-PE file is executed and set up a candidate malicious address corresponding to the candidate malicious address information to be a breakpoint of the application program. Further, the apparatus includes a malicious code determination unit configured to determine whether a next execution address is within the normal address range information when there occurs an event derived from the breakpoint.
摘要翻译：用于检查非PE文件的装置包括：数据加载单元，被配置为加载与所述非PE文件的恶意代码相关的候选恶意地址信息; 以及程序链接单元，被配置为当执行适用于所述非PE文件的应用程序时，获取正在加载到存储器上的模块的正常地址范围信息，并且将与所述候选恶意地址信息相对应的候选恶意地址设置为应用程序的断点。此外，该装置包括恶意代码确定单元，被配置为当发生从断点导出的事件时，确定下一个执行地址是否在正常地址范围信息内。

10. 发明申请

US20130283382A1 SYSTEM AND METHOD FOR DETECTING MALWARE IN FILE BASED ON GENETIC MAP OF FILE 有权
标题翻译：基于文件遗传图谱检测文件中的恶意软件的系统和方法
公开(公告)号：US20130283382A1
公开(公告)日：2013-10-24
申请号：US13977250
申请日：2011-12-27
申请人： Jeong Hun Kim , Kyu Beom Hwang
发明人： Jeong Hun Kim , Kyu Beom Hwang
IPC分类号： G06F21/56
CPC分类号： G06F21/56 , G06F21/562 , G06F21/564 , G06F2221/033 , G06F2221/2145 , H04L63/145
摘要： A method for detecting whether a file includes malware is performed on a device. The method includes extracting information of at least two predetermined items in the file; creating a genetic map for the file by altering the extracted information into a previously set format; comparing the created genetic map with a previously stored malware genetic map to obtain a similarity between the created genetic map and the previously stored malware genetic map; and determining that the file is a malware when the similarity is higher than a reference value.
摘要翻译：在设备上执行用于检测文件是否包括恶意软件的方法。该方法包括提取文件中至少两个预定项目的信息; 通过将提取的信息改变为先前设置的格式来创建文件的遗传图谱; 将创建的遗传图谱与先前存储的恶意软件遗传图谱进行比较，以获得所创建的遗传图谱和先前存储的恶意软件遗传图谱之间的相似性; 并且当相似度高于参考值时，确定该文件是恶意软件。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式