| Patent application number | Description | Published |
|---|
| 20090259673 | METHOD AND APPARATUS FOR EXTRACTING TEXT FROM INTERNET MAIL ATTACHMENT FILE - Provided are a method and apparatus for extracting text from an Internet mail attachment file. The apparatus includes a mail display unit for displaying Internet mail and an attachment file received from outside, an attachment file storage for storing the attachment file, a text extraction engine for extracting a text code included in the attachment file, and an attachment file text extractor for extracting text included in the attachment file using the text extraction engine. | 10-15-2009 |
| 20090299935 | METHOD AND APPARATUS FOR DIGITAL FORENSICS - A method and apparatus for digital forensics are provided. The apparatus for digital forensics includes a page file extractor for extracting a page file stored in a target storage medium, a stored-page feature extractor for extracting features of pages stored in the extracted page file, a page classifier for comparing the extracted features of the pages with at least one predetermined classification criterion and classifying the pages according to the comparison results, and a digital forensics unit for performing digital forensics according to the classified pages. According to the method and apparatus, it is possible to perform digital forensics using only information of a page file. | 12-03-2009 |
| 20090313699 | APPARATUS AND METHOD FOR PREVENTING ANOMALY OF APPLICATION PROGRAM - An apparatus and method for preventing an anomaly of an application program are provided. More particularly, an apparatus and method for preventing an anomaly of an application program that detect and stop an anomaly on the basis of a behavior profile for an application program are provided. The apparatus includes a behavior monitor that detects behavior of an application program in operation, an anomaly detector that determines whether the detected behavior of the application program is an anomaly on the basis of a behavior profile of the application program in operation, and an anomaly stopper that stops the behavior of the application program determined as an anomaly by the anomaly detector. Possible application program behavior is stored according to its purpose in a behavior profile and an anomaly is detected and stopped on the basis of the behavior profile, thereby decreasing a false-positive rate of anomaly detection and simultaneously solving a problem of a conventional security programs being incapable of defending against attacks using the authority of a program trusted by a user. | 12-17-2009 |
| 20110219454 | METHODS OF IDENTIFYING ACTIVEX CONTROL DISTRIBUTION SITE, DETECTING SECURITY VULNERABILITY IN ACTIVEX CONTROL AND IMMUNIZING THE SAME - Provided is a method of identifying an ActiveX control distribution site, detecting a security vulnerability in an ActiveX control and immunizing the same. A security vulnerability existing in an ActiveX control may be automatically detected, effects brought on by the corresponding security vulnerability may be measured, and abuse of the detected security vulnerability in a user PC to be protected may be immediately prevented. Therefore, since the user PC may be protected regardless of a security patch, it is anticipated that security problems in the Internet environment caused by imprudent use of the ActiveX control may be significantly enhanced. | 09-08-2011 |
| 20110314527 | INTERNET PROTOCOL-BASED FILTERING DEVICE AND METHOD, AND LEGITIMATE USER IDENTIFYING DEVICE AND METHOD - Provided are an Internet Protocol (IP)-based filtering device and method and a legitimate user identifying device and method. The IP-based filtering method includes receiving packets from terminals, determining whether the packets are transmitted based on legitimate user IPs, transmitting the packets to a web server when it is determined that the packets are transmitted based on the legitimate user IPs, and determining whether a capacity capable of processing the packets exists in the web server when it is determined that the received packets are not the packets transmitted based on the legitimate user IPs, and transmitting the packets to the web server when it is determined that the capacity exists in the web server, and blocking the packets when the capacity does not exist. | 12-22-2011 |
