专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20100212013A1 LOG-BASED TRACEBACK SYSTEM AND METHOD USING CENTROID DECOMPOSITION TECHNIQUE 有权
标题翻译：基于LOG的跟踪系统和使用中心分解技术的方法
公开(公告)号：US20100212013A1
公开(公告)日：2010-08-19
申请号：US12669633
申请日：2007-11-21
申请人： Jong Hyun Kim , Geon Lyang Kim , Seon Gyoung Sohn , Beom Hwan Chang , Chi Yoon Jeong , Jong Ho Ryu , Jung Chan Na , Jong Soo Jang , Sung Won Sohn
发明人： Jong Hyun Kim , Geon Lyang Kim , Seon Gyoung Sohn , Beom Hwan Chang , Chi Yoon Jeong , Jong Ho Ryu , Jung Chan Na , Jong Soo Jang , Sung Won Sohn
IPC分类号： G06F11/34
CPC分类号： H04L45/00 , H04L45/12 , H04L63/1416 , H04L63/1425 , H04L63/1441 , H04L2463/146
摘要： There are provided a system and method for tracing back an attacker by using centroid decomposition technique, the system including: a log data input module collecting log data of an intrusion alarm from an intrusion detection system; a centroid node detection module generating a shortest path tree by applying a shortest path algorithm to network router connection information collected by a network administration server, detecting a centroid node by applying centroid decomposition technique removing a leaf-node to the shortest path tree, and generating a centroid tree whose node of each level is the detected centroid node; and a traceback processing module requesting log data of a router matched with the node of each level of the centroid tree, and tracing back a router identical to the log data of the collected intrusion alarm as a router connected to a source of an attacker by comparing the log data of the router with the log data of the collected intrusion alarm. According to the system and method, an attacker causing a security intrusion event may be quickly detected, a load on the system is reduced, and a passage host exposed to a danger or having weaknesses may be easily recognized, thereby easily coping with an attack.
摘要翻译：提供了一种通过使用质心分解技术跟踪攻击者的系统和方法，该系统包括：日志数据输入模块，从入侵检测系统收集入侵警报的日志数据; 质心节点检测模块，通过对网络管理服务器收集的网络路由器连接信息应用最短路径算法，生成最短路径树，通过应用质心分解技术检测质心节点，去除叶节点到最短路径树，并生成每个级别的节点是检测到的质心节点的质心树; 以及回溯处理模块，请求与质心树的每个级别的节点匹配的路由器的日志数据，并且通过比较来跟踪与收集的入侵警报器的日志数据相同的路由器作为连接到攻击者的源的路由器路由器的日志数据与收集的入侵报警的日志数据。根据系统和方法，可以快速地检测到导致安全入侵事件的攻击者，系统上的负载减少，并且易于识别暴露于危险或具有弱点的通道主机，从而容易地应对攻击。

12. 发明申请

US20100208083A1 SYSTEM AND METHOD FOR PROVIDING APPLICATION SERVICE USING IMAGE DATA 有权
标题翻译：使用图像数据提供应用服务的系统和方法
公开(公告)号：US20100208083A1
公开(公告)日：2010-08-19
申请号：US12678967
申请日：2008-05-14
申请人： Yun Kyung Lee , Jong Wook Han , Geon Woo Kim , Deok Gyu Lee , Kyo Il Chung , Jong Soo Jang
发明人： Yun Kyung Lee , Jong Wook Han , Geon Woo Kim , Deok Gyu Lee , Kyo Il Chung , Jong Soo Jang
IPC分类号： H04N5/225
CPC分类号： H04N7/18 , H04L65/4084 , H04L65/605 , H04N21/21 , H04N21/23
摘要： There is provided a system and method for providing an application service using image data. One image data processing server collects images (for example, still images and moving images) captured by various kinds of image capturing apparatuses, such as CCTV systems and processes the collected images into data required to provide application services. A plurality of application service servers only provide processed data of the image data processing server without requiring an additional process to a display device of a user. Accordingly, the configuration of each of the application service servers is simplified to thereby reduce manufacturing costs.
摘要翻译：提供了一种使用图像数据提供应用服务的系统和方法。一个图像数据处理服务器收集诸如CCTV系统的各种图像捕获设备捕获的图像（例如，静止图像和运动图像），并将收集的图像处理为提供应用服务所需的数据。多个应用服务服务器仅提供图像数据处理服务器的处理数据，而不需要对用户的显示设备的附加处理。因此，简化了各应用服务服务器的配置，从而降低制造成本。

13. 发明授权

US07773809B2 Method and apparatus for distinguishing obscene video using visual feature 有权
标题翻译：使用视觉特征区分淫秽视频的方法和装置
公开(公告)号：US07773809B2
公开(公告)日：2010-08-10
申请号：US11442565
申请日：2006-05-26
申请人： Seung Min Lee , Taek Yong Nam , Jong Soo Jang , Ho Gyun Lee
发明人： Seung Min Lee , Taek Yong Nam , Jong Soo Jang , Ho Gyun Lee
IPC分类号： G06K9/00 , G06K9/46 , G06K9/62 , G10L15/06 , G04H60/32
CPC分类号： G06K9/00711 , G06K9/4652
摘要： A method and apparatus for generating discriminant functions for distinguishing obscene videos by using visual features of video data, and a method and apparatus for determining whether videos are obscene by using the generated discriminant functions, are provided. The method of generating discriminant functions includes: creating a first frame set by extracting a predetermined number of frames for each video data unit from a group of video data classified as obscene or non-obscene, and creating a second frame set by selecting the frames; generating a frame based discriminant function by extracting visual features of frames of the second frame set, and then generating a first discriminant value by determining whether each frame of the first frame set contains obscene video data; generating a group frame based discriminant function by extracting visual features of a group of frames of the first frame set, and then generating a second discriminant value by determining whether the frames of the group contain obscene video data; and generating a synthetic discriminant function by using the first and second discriminant values as a representative value of the video data. Accordingly, obscene video data stored in a computer system can be automatically and accurately distinguished.
摘要翻译：提供一种用于通过使用视频数据的视觉特征来产生用于区分淫秽视频的判别函数的方法和装置，以及用于通过使用所生成的判别函数来确定视频是淫秽的方法和装置。产生判别函数的方法包括：通过从分类为淫秽或非淫秽的一组视频数据中提取每个视频数据单元的预定数量的帧来创建第一帧集合，并通过选择帧来创建第二帧集合; 通过提取第二帧集合的帧的视觉特征，生成基于帧的判别函数，然后通过确定第一帧集合的每个帧是否包含淫秽视频数据来生成第一判别值; 通过提取第一帧集合的帧组的视觉特征，生成基于组帧的判别函数，然后通过确定该组的帧是否包含淫秽视频数据来生成第二判别式值; 以及通过使用第一和第二判别值作为视频数据的代表值来产生合成判别函数。因此，可以自动且准确地区分存储在计算机系统中的淫秽视频数据。

14. 发明授权

US07735137B2 Method and apparatus for storing intrusion rule 失效
标题翻译：存储入侵规则的方法和装置
公开(公告)号：US07735137B2
公开(公告)日：2010-06-08
申请号：US11484257
申请日：2006-07-10
申请人： Kwang Ho Baik , Byoung Koo Kim , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
发明人： Kwang Ho Baik , Byoung Koo Kim , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/1416
摘要： A method and apparatus for storing an intrusion rule are provided. The method stores a new intrusion rule in an intrusion detection system having already stored intrusion rules, and includes: generating combinations of divisions capable of dividing the new intrusion rule into a plurality of partial intrusion rules; calculating the frequency of hash value collisions between each of the generated division combinations and the already stored intrusion rules; dividing the new intrusion rule according to the division combination which has the lowest calculated frequency of hash value collisions; and storing the divided new intrusion rule in a corresponding position of the intrusion detection system. According to the method and apparatus, the size of the storage unit occupied by the intrusion rule can be reduced, and by performing pattern matching, the performance of the intrusion detection system can be enhanced.
摘要翻译：提供了一种用于存储入侵规则的方法和装置。该方法在已经存储了入侵规则的入侵检测系统中存储新的入侵规则，并且包括：生成能够将新的入侵规则划分成多个部分入侵规则的分割组合; 计算每个生成的分割组合与已经存储的入侵规则之间的散列值冲突的频率; 根据哈希值碰撞计算频率最低的划分组合划分新的入侵规则; 并将分割的新入侵规则存储在入侵检测系统的相应位置。根据该方法和装置，可以减少入侵规则占用的存储单元的大小，通过执行模式匹配，能够提高入侵检测系统的性能。

15. 发明授权

US07735128B2 Method of storing pattern matching policy and method of controlling alert message 失效
标题翻译：存储模式匹配策略的方法和控制报警信息的方法
公开(公告)号：US07735128B2
公开(公告)日：2010-06-08
申请号：US11635245
申请日：2006-12-07
申请人： Byoung Koo Kim , Kwang Ho Baik , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
发明人： Byoung Koo Kim , Kwang Ho Baik , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
IPC分类号： G06F9/00 , G06F7/04 , H04L9/00
CPC分类号： H04L12/5602
摘要： A method of storing a pattern matching policy and a method of controlling an alert message are provided. The method includes (a) generating a content structure as a sub-structure of a header combination structure of a stored traffic pattern which is a policy to be newly applied to a pattern matching apparatus; (b) determining whether a content of the stored traffic pattern is identical to a content of an original traffic pattern stored in advance in the pattern matching apparatus; (c) allocating a content index of the content of the original traffic pattern to the content of the stored traffic pattern if the content of the stored traffic pattern is identical to the content of the original traffic pattern; and (d) determining whether a header combination structure of the original traffic pattern comprises only one content structure or more than one content structure and allocating a header index of the header combination structure of the stored traffic pattern to the header combination structure of the original traffic pattern if the header combination structure of the original traffic pattern is found to comprise only one content structure. Accordingly, it is possible to efficiently use hardware memories with limited storage capacities and effectively perform a pattern matching function.
摘要翻译：提供了一种存储模式匹配策略的方法和一种控制警报消息的方法。该方法包括：（a）生成内容结构作为作为新应用于模式匹配装置的策略的存储的流量模式的头部组合结构的子结构; （b）确定存储的业务模式的内容是否与预先存储在模式匹配装置中的原始业务模式的内容相同; （c）如果存储的业务模式的内容与原始业务模式的内容相同，则将原始业务模式的内容的内容索引分配给所存储的业务模式的内容; 和（d）确定原始业务模式的报头组合结构是否仅包含一个内容结构或多于一个内容结构，并且将所存储的业务模式的报头组合结构的报头索引分配给原始业务的报头组合结构如果发现原始流量模式的头组合结构仅包含一个内容结构，则模式。因此，可以有效地使用具有有限存储容量的硬件存储器并且有效地执行模式匹配功能。

16. 发明申请

US20100067391A1 APPARATUS AND METHOD FOR VISUALIZING NETWORK SITUATION USING SECURITY CUBE 有权
标题翻译：使用安全库可视化网络状况的装置和方法
公开(公告)号：US20100067391A1
公开(公告)日：2010-03-18
申请号：US12516494
申请日：2007-08-23
申请人： Beom-Hwan Chang , Chi-Yoon Jeong , Seon-Gyoung Sohn , Soo-Hyung Lee , Hyo-Chan Bang , Geon-Lyang Kim , Hyun-Joo Kim , Won-Joo Park , Jong-Ho Ryu , Jong-Hyun Kim , Jong-Soo Jang , Sung-Won Sohn , Jung-Chan Na
发明人： Beom-Hwan Chang , Chi-Yoon Jeong , Seon-Gyoung Sohn , Soo-Hyung Lee , Hyo-Chan Bang , Geon-Lyang Kim , Hyun-Joo Kim , Won-Joo Park , Jong-Ho Ryu , Jong-Hyun Kim , Jong-Soo Jang , Sung-Won Sohn , Jung-Chan Na
IPC分类号： H04L12/26
CPC分类号： H04L63/1441 , H04L63/20
摘要： An apparatus and method for visualizing a network condition related to a network security are provided. The apparatus includes a traffic feature extracting unit, a network condition displaying unit, and a traffic abnormal condition determining unit. The traffic feature extracting unit extracts information including source address, source port, destination address, and destination port from network traffics, selects two of the extracted information, and calculates unique dispersion degrees of two unselected information. The network condition displaying unit displays a two-dimensional cube expressed using the calculated unique dispersion degrees for the classified traffics. The traffic abnormal condition determining unit determines whether the traffics are in an abnormal condition or not based on the two-dimensional security cube.
摘要翻译：提供了一种用于可视化与网络安全相关的网络状况的装置和方法。该装置包括交通特征提取单元，网络状态显示单元和交通异常状况判定单元。流量特征提取单元从网络流量提取包括源地址，源端口，目的地址和目的地端口的信息，选择两个提取的信息，并计算两个未选择信息的唯一色散度。网络条件显示单元显示使用所计算的分类业务的唯一色散度表示的二维立方体。交通异常判定单元基于二维安全立方体来判定是否处于异常状态。

17. 发明授权

US07613669B2 Method and apparatus for storing pattern matching data and pattern matching method using the same 有权
标题翻译：用于存储模式匹配数据的方法和装置以及使用其的模式匹配方法
公开(公告)号：US07613669B2
公开(公告)日：2009-11-03
申请号：US11453954
申请日：2006-06-14
申请人： Seung Won Shin , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
发明人： Seung Won Shin , Jin Tae Oh , Jong Soo Jang , Sung Won Sohn
IPC分类号： G06N5/02 , G06F9/26 , G06F9/34 , G06F7/00 , G06F17/30
CPC分类号： G06F21/56 , G06F17/30949 , G06F21/55 , G06F21/567 , G06K9/62 , Y10S707/99936
摘要： A method and apparatus for storing pattern matching data and a pattern matching method using the method and apparatus are provided. The method of storing original data for pattern matching in a pattern matching apparatus includes: dividing the original data into segments of a predetermined size; performing a hash operation on each of the divided segments; determining whether or not the hash operation value of each segment causes a hash collision with a hash operation value stored in a first external memory disposed outside the pattern matching apparatus; and controlling the hash operation value of each segment determined not to cause a hash collision to be stored in the first external memory. According to the method and apparatus, the original data desired to be used for pattern matching can be stored at a faster speed in a pattern matching data storing apparatus.
摘要翻译：提供一种用于存储模式匹配数据的方法和装置以及使用该方法和装置的模式匹配方法。在模式匹配装置中存储用于模式匹配的原始数据的方法包括：将原始数据划分成预定大小的段; 对每个分割的段执行散列操作; 确定每个段的散列操作值是否与存储在布置在模式匹配装置外部的第一外部存储器中的散列操作值引起哈希冲突; 并且将被确定为不引起散列冲突的每个段的散列操作值控制在第一外部存储器中。根据该方法和装置，可以在模式匹配数据存储装置中以更快的速度存储期望用于模式匹配的原始数据。

18. 发明授权

US07583952B2 Access pointer for interconnecting power line communication network and wireless network and method therefor 有权
标题翻译：用于互连电力线通信网络和无线网络的接入指针及其方法
公开(公告)号：US07583952B2
公开(公告)日：2009-09-01
申请号：US11286560
申请日：2005-11-23
申请人： Hyung Kyu Lee , Jong Wook Han , Jong Soo Jang , Sung Won Sohn
发明人： Hyung Kyu Lee , Jong Wook Han , Jong Soo Jang , Sung Won Sohn
IPC分类号： H04M9/00 , H04Q7/20
CPC分类号： H04W4/18 , H04B3/54 , H04B2203/5441 , H04B2203/5445 , H04B2203/5454 , H04L12/2803 , H04L12/2832 , H04L12/4625 , H04L2012/2841 , H04L2012/2843 , H04W80/00 , H04W88/08 , Y02D70/142
摘要： An access pointer for interconnecting a power line communication (PLC) network of a home network and a wireless network and a method therefor are provided. When data is received from the PLC network through media access control of a data link layer, data on upper layers above a network layer in the received data is converted into a format suitable to a wireless network layer. The converted data is transmitted to the wireless network through the media access control of the data link layer. Accordingly, the PLC network and the wireless network are easily interconnected.
摘要翻译：提供了用于互连家庭网络的电力线通信（PLC）网络和无线网络的接入指针及其方法。当通过数据链路层的媒体访问控制从PLC网络接收到数据时，接收到的数据中的网络层上的上层数据被转换为适合于无线网络层的格式。转换的数据通过数据链路层的媒体访问控制被发送到无线网络。因此，PLC网络和无线网络容易互连。

19. 发明申请

US20090158431A1 METHOD OF DETECTING POLYMORPHIC SHELL CODE 审中-公开
标题翻译：检测多晶壳代码的方法
公开(公告)号：US20090158431A1
公开(公告)日：2009-06-18
申请号：US12333490
申请日：2008-12-12
申请人： Dae Won KIM , Ik Kyun KIM , Yang Seo CHOI , Seung Yong YOON , Byoung Koo KIM , Jin Tae OH , Jong Soo JANG
发明人： Dae Won KIM , Ik Kyun KIM , Yang Seo CHOI , Seung Yong YOON , Byoung Koo KIM , Jin Tae OH , Jong Soo JANG
IPC分类号： G06F11/00
CPC分类号： H04L63/1416 , G06F21/566
摘要： There is provided a method of detecting a polymorphic shell code. The decoding routine of the polymorphic shell code is detected from received data. In order for the decoding routine to access the address of an encoded code, the address of a currently executed code is stored in a stack, the value is moved in a register table, and it is determined whether the value is actually used for operating a memory. Emulation is finally performed and the degree of correctness of detection is improved. Therefore, time spent on detecting the polymorphic shell code and an overhead are reduced and the correctness of detection is increased.
摘要翻译：提供了一种检测多态shell代码的方法。从接收的数据中检测多态shell码的解码程序。为了使解码程序访问编码的地址，当前执行的代码的地址被存储在堆栈中，该值被移动到寄存器表中，并且确定该值是否实际用于操作记忆。最后进行仿真，提高检测的正确性。因此，用于检测多态shell代码和开销的时间减少，并且检测的正确性增加。

20. 发明授权

US07539147B2 Apparatus and method for detecting and visualizing anomalies in network traffic 有权
标题翻译：用于检测和可视化网络流量异常的装置和方法
公开(公告)号：US07539147B2
公开(公告)日：2009-05-26
申请号：US11077638
申请日：2005-03-11
申请人： Beom Hwan Chang , Soo Hyung Lee , Jin Oh Kim , Jung Chan Na , Jong Soo Jang , Sung Won Sohn
发明人： Beom Hwan Chang , Soo Hyung Lee , Jin Oh Kim , Jung Chan Na , Jong Soo Jang , Sung Won Sohn
IPC分类号： G01R31/08
CPC分类号： H04L41/22 , H04L41/06 , H04L43/0817
摘要： Provided is an apparatus for detecting and visualizing anomalies in network traffic which includes a traffic information storing portion storing information on network traffic, a traffic state display portion presenting a status of the network traffic generated for a predetermined threshold time based on the information on network traffic on an orthogonal coordinates system in a form of a graph connecting at least one point data as a coordinate value, and a traffic anomalies determination portion determining an existence of anomalies in the network traffic based on a shape of the graph.
摘要翻译：提供了一种用于检测和可视化网络流量异常的装置，其包括存储关于网络流量的信息的交通信息存储部分，基于关于网络流量的信息呈现针对预定阈值时间生成的网络流量的状态的交通状态显示部分以连接至少一个点数据作为坐标值的图形的正交坐标系，以及基于图形的形状来确定网络业务中的异常的存在的业务异常确定部分。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式