| Patent application number | Description | Published |
|---|
| 20100002880 | SYSTEM AND METHOD FOR LAWFUL INTERCEPTION USING TRUSTED THIRD PARTIES IN SECURE VoIP COMMUNICATIONS - Disclosed is a system for lawful interception using a trusted third party in secure VoIP communication. A VoIP transmit terminal generates a secure packet using a master key received from a trusted third party and then communicates with a VoIP receive terminal. A collection device having received a lawful interception instruction from a key recovering system collects and transmits the secure packet to the key recovering system. The key recovering system decrypts the secure packet using the master key received from the trusted third party and provides the decrypted secure packet to a lawful interception requester or provides the master key received from the trusted third party and the secure packet to the lawful interception requester. It is possible to provide the perfect lawful interception in the secure VoIP communication environment, and to guarantee a perfect forward secrecy since the master key is changed for each call. | 01-07-2010 |
| 20100162350 | SECURITY SYSTEM OF MANAGING IRC AND HTTP BOTNETS, AND METHOD THEREFOR - The present invention relates to a security system of managing IRC and HTTP botnets and a method therefor. More specifically, the present invention relates to a system and a method that detects a botnet in an Internet service provider network to store information related to the detected botnet in a database and performs security management of IRC and HTTP botnets, including a botnet management security management (BMSM) system, configured to visualize the information related to the detected botnet and establish an against policy related to the detected botnet. Accordingly, the present invention provides a security system of managing IRC and HTTP botnets that can efficiently performs the security management of IRC and HTTP botnets by using the BMSM system | 06-24-2010 |
| 20100169973 | System and Method For Detecting Unknown Malicious Code By Analyzing Kernel Based System Actions - There is provided a system and method for detecting unknown malicious code by analyzing kernel based system actions. More particularly, the system and method provides an advantage of actively countering unknown malicious code or viruses by monitoring kernel based system events in real time, organizing action data based on the collected event data, determining whether the action data corresponds to predetermined malicious actions, backtracking a subject of a malicious action when the action data is determined to correspond to the malicious action, and processing the malicious action. | 07-01-2010 |
| 20100290462 | METHOD OF MANAGING GROUP OF DYNAMIC MULTICAST EFFICIENTLY - The present invention relates to a method of efficiently managing dynamic multicast groups. In the method of efficiently managing dynamic multicast groups a hierarchical structure is used as a network structure for a multicast service. Accordingly, there are advantages in that groups can be merged or divided efficiently and overload depending on group management can be reduced. | 11-18-2010 |
| 20110004769 | PASSWORD INPUT SYSTEM USING AN ALPHANUMERIC MATRIX AND PASSWORD INPUT METHOD USING THE SAME - The present invention relates to a password input algorithm, more particularly to a password input system and method using an alphanumeric matrix. An aspect of the invention can provide a password input system and method that can defend against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix. Also, an aspect of the invention can provide a password input system and method that can further increase the probability of defending against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix, but with the alphanumeric matrix rotated every time a letter is inputted. | 01-06-2011 |
| 20110004928 | PASSWORD INPUT SYSTEM USING ALPHANUMERIC MATRICES AND PASSWORD INPUT METHOD USING THE SAME - The present invention relates to a password input algorithm, more particularly to a password input system and method using alphanumeric matrices. An aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against keylogging attacks and shoulder surfing attacks by including a movable second alphanumeric matrix and a fixed first alphanumeric matrix and enabling a user to input a password by moving the password letters of the second alphanumeric matrix to the user-defined value of the first alphanumeric matrix. Another aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against shoulder surfing attacks by enabling a user to input a password by dividing the password by every two digits and moving the cross-points for the two digits, respectively, to the user-defined value of the first alphanumeric matrix. | 01-06-2011 |
| 20110058481 | DEVICE AND METHOD FOR GENERATING STATISTICAL INFORMATION FOR VOIP TRAFFIC ANALYSIS AND ABNORMAL VOIP DETECTION - A statistical information generator for VoIP traffic analysis is provided, which comprises a packet collection module collecting packets from a network; and a statistical information generation module analyzing information of a call setup packet or a media packet among the packets collected by the packet collection module, and generating statistical information of the network; wherein if the packet collected by the packet collection module is the call setup packet, the statistical information generation module generates the statistical information of the network using at least one of transmitter identification information, receiver identification information, and call identification information among information of the call setup packet as a key value, while if the packet collected by the packet collection module is the media packet, the statistical information generation module generates the statistical information of the network using media session identification information among information of the media packet as a key value. | 03-10-2011 |
| 20110103583 | METHOD AND SYSTEM FOR PRESERVING SECURITY OF SENSOR DATA AND RECORDING MEDIUM USING THEREOF - A method and a system for preserving sensor data based on a time key, and a recording medium thereof are provided. The time key based sensor data security preserving method includes encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numbers and a secret key which is shared by a sensor node and an application system; and decrypting the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random numbers and the secret key. Thus, integrity and confidentiality of the sensor data can be preserved. | 05-05-2011 |
| 20110138462 | SYSTEM AND METHOD FOR DETECTING VOIP TOLL FRAUD ATTACK FOR INTERNET TELEPHONE - Provided is a system for detecting a voice over Internet protocol (VoIP) toll fraud attack. The system includes: a database (DB) storing registration information of normal users; a packet reception module receiving a call set-up packet from a network; and a VoIP signaling message forgery/falsification detection module receiving the call set-up packet from the packet reception module and comparing sender address information or header information of the call set-up packet with the registration information stored in the DB to detect whether the call set-up packet is a packet received from one of the normal users. | 06-09-2011 |
| 20110153811 | SYSTEM AND METHOD FOR MODELING ACTIVITY PATTERNS OF NETWORK TRAFFIC TO DETECT BOTNETS - The invention relates to a system and method that can detect botnets by classifying the communication activities for each client according to destination or based on similarity between the groups of collected traffic. According to certain aspects of the invention, the communication activities for each client can be classified to model network activity by differentiating the protocols of the collected network traffic based on destination and patterning the subgroups for the respective protocols. Those servers that are estimated to be C&C servers can be classified into download and upload, spam servers and command control servers, within a botnet group detected by modeling network activity, i.e. analyzing network-based activity patterns. Also, botnet groups can be detected by way of a group information management function, for generating an activity pattern-based group matrix based on group data, and a mutual similarity analysis, performed on groups suspected to be botnets from the group information. | 06-23-2011 |
| 20110154489 | SYSTEM FOR ANALYZING MALICIOUS BOTNET ACTIVITY IN REAL TIME - A system for analyzing malicious botnet activity in real time is disclosed. This system may include: a control server configured to generate botnet activity information relating to a type of malicious botnet activity, and transmit the botnet activity information to the outside, after receiving bot occurrence information from the outside; | 06-23-2011 |
| 20110154492 | MALICIOUS TRAFFIC ISOLATION SYSTEM AND METHOD USING BOTNET INFORMATION - The present invention relates to a malicious traffic isolation system and method using botnet information, and more particularly, to a malicious traffic isolation system and method using botnet information, in which traffics for a set of clients having the same destination are routed to the isolation system based on a destination IP/Port, and botnet traffics are isolated using botnet information based on similarity among groups of the routed and flowed in traffics. The present invention may provide a malicious traffic isolation method using botnet information, which can accommodate traffics received from a PC or a C&C server infected with a bot into a quarantine area, isolate traffics generated by normal users from traffics transmitted from malicious bots, and block the malicious traffics. In addition, the present invention may provide a malicious traffic isolation method using botnet information, which can provide a function of mitigating DDoS attacks of a botnet. | 06-23-2011 |
