Patents by Inventor Ki Jong Koo
Ki Jong Koo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11997128Abstract: Collecting the topology and asset information of the virtual generated computer network, converting the topology and asset information into a training data set for training the neural network model, training the neural network model based on the training data set, and training A method and apparatus for predicting an attack vulnerability of a computer network through the step of inferring an attack vulnerability of a target computer network using a neural network model are provided.Type: GrantFiled: August 5, 2021Date of Patent: May 28, 2024Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki Jong Koo, Dae Sung Moon, Jooyoung Lee, Ik Kyun Kim, Kyungmin Park, Ho Hwang
-
Publication number: 20240163297Abstract: Disclosed herein are an artificial Intelligence (AI)-based cyber training method. The AI-based cyber training method may include generating a unit attack by training an attack agent based on environment and state information of a cyber range (CR) and a set of attack tools executable on a system, executing the unit attack in the CR, and then determining whether the unit attack has succeeded, and determining whether to perform an attack or a defense based on whether the unit attack has succeeded.Type: ApplicationFiled: August 23, 2023Publication date: May 16, 2024Inventors: Jae-Hak YU, Ki-Jong KOO, Dae-Sung MOON, Ik-Kyun KIM
-
Publication number: 20240104195Abstract: Disclosed herein are an apparatus and method for updating an Internet-based malware detection engine using virtual machine scaling. The method may include creating a scaling group and an update group set based on a first virtual machine image, creating a second virtual machine image for a running virtual machine in response to occurrence of a snapshot event in the virtual update group run based on the first virtual machine image, modifying the scale-out image of the scaling group to the second virtual machine image, updating the scaling group by triggering a scale-out event and a scale-in event in the scaling group in response to occurrence of an update event, and modifying the scale-in image of the scaling group to the second virtual machine image.Type: ApplicationFiled: June 15, 2023Publication date: March 28, 2024Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Sang-Min LEE, Ki-Jong KOO, Jung-Tae KIM, Ji-Hyeon SONG, Jong-Hyun KIM, Dae-Sung MOON
-
Publication number: 20230047450Abstract: Disclosed herein are an apparatus and method for inferring a cyberattack path based on attention. The apparatus includes memory in which at least one program is recorded and a processor for executing the program. The program generates test data required for generating an intelligent attack graph and generates an attack graph based on an intelligent attack path prediction model.Type: ApplicationFiled: August 5, 2022Publication date: February 16, 2023Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki-Jong KOO, Dae-Sung MOON, Joo-Young LEE, Ik-Kyun KIM, Kyung-Min PARK
-
Publication number: 20220188339Abstract: Disclosed herein are a network environment synchronization apparatus and method. The network environment synchronization apparatus includes one or more processors, and execution memory for storing at least one program that is executed by the one or more processors, wherein the at least one program is configured to collect data from a network environment and generate a management structure in which collected data is distributed into preset respective group units, generate data discriminators for respective group units using a preset hash function, determine whether data of the management structure has changed with reference to data newly collected from the network environment based on the data discriminators, and when it is determined whether data of the management structure has changed, update the data of the management structure with the newly collected data.Type: ApplicationFiled: December 15, 2021Publication date: June 16, 2022Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Joo-Young LEE, Ki-Jong KOO, Ik-Kyun KIM, Dae-Sung MOON, Kyung-Min PARK
-
Publication number: 20220046048Abstract: Collecting the topology and asset information of the virtual generated computer network, converting the topology and asset information into a training data set for training the neural network model, training the neural network model based on the training data set, and training A method and apparatus for predicting an attack vulnerability of a computer network through the step of inferring an attack vulnerability of a target computer network using a neural network model are provided.Type: ApplicationFiled: August 5, 2021Publication date: February 10, 2022Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki Jong KOO, Dae Sung MOON, Jooyoung LEE, Ik Kyun KIM, Kyungmin PARK, Ho HWANG
-
Patent number: 11171915Abstract: Disclosed herein are a server apparatus, a client apparatus, and a method for communication based on network address mutation. The method for communication based on network address mutation, performed by the server apparatus and the client apparatus, includes setting the external address of a network interface for receiving a packet from the client apparatus; setting the internal address of a hidden interface in order to forward the packet received through the network interface to the hidden interface; modifying the external address based on a preset network address mutation rule; and communicating with the client apparatus by forwarding the packet, received from the client apparatus based on the modified external address, to the hidden interface.Type: GrantFiled: June 26, 2019Date of Patent: November 9, 2021Assignee: Electronics and Telecommunications Research InstituteInventors: Kyung-Min Park, Samuel Woo, Dae-Sung Moon, Ki-Jong Koo, Ik-Kyun Kim, Joo-Young Lee
-
Publication number: 20200153861Abstract: Disclosed herein are a decoy apparatus and a method for expanding a fake attack surface using a deception network. The method includes determining, by a protected server, whether a packet is a target to be processed when the packet is received; converting, by the protected server, the packet and transmitting, by the protected server, the converted packet to the decoy apparatus of the deception network when the packet is determined not to be such a target; receiving, by the protected server, a response packet from a decoy virtual machine included in the decoy apparatus as a reply to the converted packet; and modifying, by the protected server, the response packet and transmitting, by the protected server, the modified response packet to the source from which the packet was transmitted, in order to expand the fake attack surface.Type: ApplicationFiled: November 11, 2019Publication date: May 14, 2020Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Kyung-Min PARK, Dae-Sung MOON, Ki-Jong KOO, Ik-Kyun KIM, Samuel WOO, Joo-Young LEE
-
Publication number: 20200099704Abstract: Disclosed are a method and apparatus for searching for an attack path. The apparatus generates an attack graph, generates an attack graph ontology, generates a semantic attack graph by imparting semantics to the attack graph on the basis of the attack graph ontology, and searches for the attack path on the basis of the semantic attack graph.Type: ApplicationFiled: September 23, 2019Publication date: March 26, 2020Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Joo Young LEE, Ki Jong KOO, Ik Kyun KIM, Dae Sung MOON, Kyung Min PARK, Samuel WOO, Ho HWANG
-
Publication number: 20200007496Abstract: Disclosed herein are a server apparatus, a client apparatus, and a method for communication based on network address mutation. The method for communication based on network address mutation, performed by the server apparatus and the client apparatus, includes setting the external address of a network interface for receiving a packet from the client apparatus; setting the internal address of a hidden interface in order to forward the packet received through the network interface to the hidden interface; modifying the external address based on a preset network address mutation rule; and communicating with the client apparatus by forwarding the packet, received from the client apparatus based on the modified external address, to the hidden interface.Type: ApplicationFiled: June 26, 2019Publication date: January 2, 2020Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Kyung-Min PARK, Samuel WOO, Dae-Sung MOON, Ki-Jong KOO, Ik-Kyun KIM, Joo-Young LEE
-
Patent number: 9369908Abstract: A method of controlling the codec mode of a convergence internet protocol (IP) network and a terminal using the method are provided.Type: GrantFiled: November 14, 2014Date of Patent: June 14, 2016Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki Jong Koo, Hyun Joo Bae, Byung Sun Lee
-
Publication number: 20150208268Abstract: A method of controlling the codec mode of a convergence internet protocol (IP) network and a terminal using the method are provided.Type: ApplicationFiled: November 14, 2014Publication date: July 23, 2015Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki Jong KOO, Hyun Joo BAE, Byung Sun LEE
-
Publication number: 20150189331Abstract: Provided is an image data communication method. The method comprises generating encoding data by encoding image data, generating recovery data by using the encoding data, generating packets by packetizing the encoding data and the recovery data, and transmitting the generated packets. The generating of the recovery data comprises dividing the encoding data into a plurality of fragmented data, and generating the recovery data by performing an XOR operation on at least two fragmented data among the plurality of fragmented data.Type: ApplicationFiled: December 19, 2014Publication date: July 2, 2015Inventors: Ki Jong KOO, Do Young KIM
-
Patent number: 9014037Abstract: Disclosed is an apparatus for transmitting data in a communication system, including: a depacketizer configured to receive loss information on a data packet and congestion information on the channel from a terminal receiving the data packet through the channel; a frame assembly configured to confirm a congestion situation predictor from the congestion information and frame-aggregate data transmitted to the terminal according to the congestion situation predictor; a redundancy controller configured to confirm a data packet loss predictor from the loss information and generate redundancy data of the data according to the data packet loss predictor; and a packetizer configured to transmit the frame aggregated data and the redundancy data, with being included in the data packet.Type: GrantFiled: October 29, 2012Date of Patent: April 21, 2015Assignee: Electronics and Telecommunications Research InstituteInventor: Ki-Jong Koo
-
Patent number: 8958296Abstract: An access point (AP) measures a congestion level of a transmission channel representing a collision probability between frames at a channel busy duration and transmits the congestion level to a terminal. Therefore, the terminal extracts a congestion level that is included in a frame that is received from the AP through a scan process for searching for an AP to which the terminal is to connect. The terminal selects an AP to connect from at least one AP based on the extracted congestion level of the transmission channel.Type: GrantFiled: May 20, 2011Date of Patent: February 17, 2015Assignee: Electronics and Telecommunications Research InstituteInventors: Ki Jong Koo, Do Young Kim, Byung Sun Lee
-
Patent number: 8369350Abstract: The transmission delay of a voice frame can be reduced by performing internal collision resolution and frame aggregation according to the presence or absence of a voice frame awaiting transmission in a MAC layer, thereby reducing an end-to-end voice transmission delay time for a VoIP service.Type: GrantFiled: September 9, 2009Date of Patent: February 5, 2013Assignee: Electronics and Telecommunications Research InstituteInventors: Ki Jong Koo, Hyun Joo Bae, Byung Sun Lee
-
Publication number: 20120213065Abstract: A media access control (MAC) apparatus and corresponding methods for guaranteeing quality-of-service in a wireless local area network (LAN) are presented. The MAC method includes extracting, performing, determining, a first transmitting step, and a second transmitting step. The extracting includes extracting a user priority from a frame received from an upper layer and separately storing a voice frame and a non-voice frame according to an access category (AC). The performing includes independently performing backoff operations for the voice frame and the non-voice frame. The determining includes determining whether the backoff operations for the voice frame and the non-voice frame have simultaneously ended. The first transmitting includes transmitting the voice frame having a higher priority first and performing the backoff operation for the non-voice frame if the backoff operations have simultaneously ended.Type: ApplicationFiled: April 27, 2012Publication date: August 23, 2012Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Ki Jong KOO, Dae Hwan HWANG
-
Patent number: 8199729Abstract: A media access control (MAC) apparatus and corresponding methods for guaranteeing quality-of-service in a wireless local area network (LAN) are presented. The MAC method includes the steps of extracting, performing, determining, a first transmitting step, and a second transmitting step. The extracting step includes extracting a user priority from a frame received from an upper layer and separately storing a voice frame and a non-voice frame according to an access category (AC). The performing step includes independently performing backoff operations for the voice frame and the non-voice frame. The determining step includes determining whether the backoff operations for the voice frame and the non-voice frame have simultaneously ended. The first transmitting step includes transmitting the voice frame having a higher priority first and performing the backoff operation for the non-voice frame if the backoff operations have simultaneously ended.Type: GrantFiled: April 15, 2009Date of Patent: June 12, 2012Assignee: Electronics and Telecommunications Research InstituteInventors: Ki Jong Koo, Dae Hwan Hwang
-
Patent number: 8117029Abstract: Provided is a transmission apparatus for matching sound quality measurement sections of a variable bandwidth multi-codec. The apparatus includes a measurement section setting unit setting a measurement section, which is to be measured for sound quality, in units of time; a first conversion unit converting the measurement section into a measurement section in units of samples; and an information synthesis unit synthesizing information regarding the measurement section in units of samples with a digital original sound and outputting the synthesis result. In addition, provided is a method of matching a measurement section of a reference sound, based on which the end-to-end sound quality measurement of the variable bandwidth multi-codec is performed, and a measurement section of a sound produced by the variable bandwidth multi-codec in a real-time Internet multimedia service. Therefore, distortion of measurement results due to un-matching measurement sections can be reduced.Type: GrantFiled: October 30, 2007Date of Patent: February 14, 2012Assignee: Electronics and Telecommunications Research InstituteInventors: Dae-Ho Kim, Tae-Gyu Kang, Ki-Jong Koo, Do Young Kim, Hae Won Jung
-
Publication number: 20110286329Abstract: An access point (AP) measures a congestion level of a transmission channel representing a collision probability between frames at a channel busy duration and transmits the congestion level to a terminal. Therefore, the terminal extracts a congestion level that is included in a frame that is received from the AP through a scan process for searching for an AP to which the terminal is to connect. The terminal selects an AP to connect from at least one AP based on the extracted congestion level of the transmission channel.Type: ApplicationFiled: May 20, 2011Publication date: November 24, 2011Applicant: Electronics and Telecommunications Research InstituteInventors: Ki Jong Koo, Do Young Kim, Byung Sun Lee