Patent application number | Description | Published |
20090259673 | METHOD AND APPARATUS FOR EXTRACTING TEXT FROM INTERNET MAIL ATTACHMENT FILE - Provided are a method and apparatus for extracting text from an Internet mail attachment file. The apparatus includes a mail display unit for displaying Internet mail and an attachment file received from outside, an attachment file storage for storing the attachment file, a text extraction engine for extracting a text code included in the attachment file, and an attachment file text extractor for extracting text included in the attachment file using the text extraction engine. | 10-15-2009 |
20090299935 | METHOD AND APPARATUS FOR DIGITAL FORENSICS - A method and apparatus for digital forensics are provided. The apparatus for digital forensics includes a page file extractor for extracting a page file stored in a target storage medium, a stored-page feature extractor for extracting features of pages stored in the extracted page file, a page classifier for comparing the extracted features of the pages with at least one predetermined classification criterion and classifying the pages according to the comparison results, and a digital forensics unit for performing digital forensics according to the classified pages. According to the method and apparatus, it is possible to perform digital forensics using only information of a page file. | 12-03-2009 |
20090313699 | APPARATUS AND METHOD FOR PREVENTING ANOMALY OF APPLICATION PROGRAM - An apparatus and method for preventing an anomaly of an application program are provided. More particularly, an apparatus and method for preventing an anomaly of an application program that detect and stop an anomaly on the basis of a behavior profile for an application program are provided. The apparatus includes a behavior monitor that detects behavior of an application program in operation, an anomaly detector that determines whether the detected behavior of the application program is an anomaly on the basis of a behavior profile of the application program in operation, and an anomaly stopper that stops the behavior of the application program determined as an anomaly by the anomaly detector. Possible application program behavior is stored according to its purpose in a behavior profile and an anomaly is detected and stopped on the basis of the behavior profile, thereby decreasing a false-positive rate of anomaly detection and simultaneously solving a problem of a conventional security programs being incapable of defending against attacks using the authority of a program trusted by a user. | 12-17-2009 |
20110219454 | METHODS OF IDENTIFYING ACTIVEX CONTROL DISTRIBUTION SITE, DETECTING SECURITY VULNERABILITY IN ACTIVEX CONTROL AND IMMUNIZING THE SAME - Provided is a method of identifying an ActiveX control distribution site, detecting a security vulnerability in an ActiveX control and immunizing the same. A security vulnerability existing in an ActiveX control may be automatically detected, effects brought on by the corresponding security vulnerability may be measured, and abuse of the detected security vulnerability in a user PC to be protected may be immediately prevented. Therefore, since the user PC may be protected regardless of a security patch, it is anticipated that security problems in the Internet environment caused by imprudent use of the ActiveX control may be significantly enhanced. | 09-08-2011 |
20110314527 | INTERNET PROTOCOL-BASED FILTERING DEVICE AND METHOD, AND LEGITIMATE USER IDENTIFYING DEVICE AND METHOD - Provided are an Internet Protocol (IP)-based filtering device and method and a legitimate user identifying device and method. The IP-based filtering method includes receiving packets from terminals, determining whether the packets are transmitted based on legitimate user IPs, transmitting the packets to a web server when it is determined that the packets are transmitted based on the legitimate user IPs, and determining whether a capacity capable of processing the packets exists in the web server when it is determined that the received packets are not the packets transmitted based on the legitimate user IPs, and transmitting the packets to the web server when it is determined that the capacity exists in the web server, and blocking the packets when the capacity does not exist. | 12-22-2011 |
20130122861 | SYSTEM AND METHOD FOR VERIFYING APPS FOR SMART PHONE - A system and method for verifying apps for a smart phone are provided. The system for verifying apps for a smart phone includes an app auto-verification device and an app self-verification device. The app auto-verification device analyzes the installation tile of an app to be installed in the smart phone, constructs a scenario, executes the app in the smart phone in accordance with the scenario, and determines malicious behavior using the results of the execution. The app self-verification device monitors an installation file corresponding to an app to be installed in the smart phone, and determines malicious behavior by analyzing a behavioral log corresponding to results of the monitoring. | 05-16-2013 |
20140013389 | COMMUNICATION BLOCKING CONTROL APPARATUS AND METHOD THEREOF - A communication blocking control method includes receiving a communication blocking request from a terminal in an idle state in which it is difficult to find out whether information is leaked or not; registering a state of the terminal in a communication blocked list according to the communication blocking request; and blocking external communication of the terminal through a network. | 01-09-2014 |
20140020067 | APPARATUS AND METHOD FOR CONTROLLING TRAFFIC BASED ON CAPTCHA - An apparatus and method for controlling traffic based on a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) are provided. The traffic control apparatus includes a traffic monitoring unit, a CAPTCHA verification unit, a list management unit, and a traffic control unit. The traffic monitoring unit monitors a packet between an internal network and an external network. The CAPTCHA verification unit, if packet information is not present in an access control list, sends a CAPTCHA request message to a client computer, receives a CAPTCHA response message, and verifies the CAPTCHA response message. The list management unit, if the packet information is present in the access control list, detects an access control policy corresponding to the packet information in the access control list. The traffic control unit controls traffic based the verification of the CAPTCHA response message and the control policy. | 01-16-2014 |
20140047543 | APPARATUS AND METHOD FOR DETECTING HTTP BOTNET BASED ON DENSITIES OF WEB TRANSACTIONS - An apparatus and method for detecting a Hyper Text Transfer Protocol (HTTP) botnet based on the densities of transactions. The apparatus includes a collection management unit, a web transaction classification unit, and a filtering unit. The collection management unit extracts metadata from HTTP request packets collected by a traffic collection sensor. The web transaction classification unit extracts web transactions by analyzing the metadata, and generates a gray list by arranging the extracted web transactions according to the frequency of access. The filtering unit detects an HTTP botnet by filtering the gray list based on a white list and a black list. | 02-13-2014 |
20140123288 | NETWORK INTRUSION DETECTION APPARATUS AND METHOD USING PERL COMPATIBLE REGULAR EXPRESSIONS-BASED PATTERN MATCHING TECHNIQUE - A network intrusion detection apparatus and method that perform Perl Compatible Regular Expressions (PCRE)-based pattern matching on the payloads of packets using a network processor equipped with a Deterministic Finite Automata (DFA) engine. The network intrusion detection apparatus includes a network processor core for receiving packets from a network, and transmitting payloads of the received packets to a Deterministic Finite Automata (DFA) engine. A detection rule converter converts a PCRE-based detection rule, preset to detect an attack packet, into a detection rule including a pattern to which only PCRE grammar corresponding to the DFA engine is applied. The DFA engine performs PCRE pattern matching on the payloads of the packets based on the detection rule converted by the detection rule converter. | 05-01-2014 |
20150067868 | APPARATUS AND METHOD FOR MANIFESTING EVENT TO VERIFY SECURITY OF MOBILE APPLICATION - An apparatus and method for manifesting an event to verify the security of a mobile application are provided. The apparatus for manifesting an event to verify the security of a mobile application includes a tester application production unit, a tester application execution unit, and a tester application daemon execution unit. The tester application production unit produces a tester application for testing an application to be tested based on application information which is extracted from the application to be tested. The tester application execution unit executes the application to be tested by manifesting an event included in the extracted application information, and extracts a user view object output to a screen of a smart device when the application to be tested is executed. The tester application daemon execution unit generates a touch event based on the extracted user view object, and performs a screen change. | 03-05-2015 |