Abstract: Disclosed are methods, apparatus and programs for generating graph database of incident resources, one of the methods comprises receiving an incident resource data set, extracting valid incident resource information from the incident resource data set, setting a resource ID for a incident resource included in the valid incident resource information, setting each attribute ID for a plurality of constituent elements of the incident resource, setting a relationship between the incident resource in which the resource ID is set and the plurality of constituent elements in which the attribute ID is each set, generating a resource node of the incident resource based on the resource ID, generating each attribute node of the plurality of constituent elements based on the attribute ID, and generating a graph database in which the resource node and the attribute node are connected to each other by an edge indicating the set relationship.

Abstract: method and apparatus for generating incident graph database are provided, one of methods comprises, generating incident coverage using an apparatus for generating an incident graph database when the incident coverage comprising a first node and a second node connected by a first edge and constituting an incident graph database does not exist, determining whether each of the first node and the second node has additional connection based on a relationship type of the first edge using the apparatus for generating an incident graph database, expanding the incident coverage to further comprise an expansion node using the apparatus for generating an incident graph database, repeating the generating of the incident coverage, the determining of whether each of the first node and the second node has the additional connection, and the expanding of the incident coverage on all edges included in the incident graph database using the apparatus for generating an incident graph database and generating a first incident node

Abstract: Provided are a method of collecting cyber incident information, the method being performed by an apparatus for collecting cyber incident information and comprises a first operation of collecting a cyber threat indicator through a first information sharing channel, a second operation of setting the collected cyber threat indicator as reference information and collecting an associated indicator retrieved from a second information sharing channel using the reference information, and a third operation of setting the associated. indicator as the reference information and repeating the second operation when it is determined that the associated indicator corresponds to the type of the reference information and that there is relevance between the cyber threat indicator and the associated indicator, wherein the second information sharing channel is determined according to the type of the reference information.

Abstract: Provided are a method and apparatus for calculating a risk of cyber attacks, and, more particularly to a method and apparatus for calculating a risk of cyber attacks, by which the risk of cyber attacks is quantitatively calculated by analyzing cyber incident information associated with the cyber attacks.

Abstract: A washing machine includes a cabinet forming an external appearance of the washing machine, a tub provided in the cabinet to accommodate wash water, a drain pump coupled to a drain hose configured to guide wash water pumped by the drain pump to outside of the cabinet, and a holder coupled to an outer surface of the cabinet to fix the drain hose to the cabinet. The holder is coupled to the outer surface of the cabinet while having both ends coupled to each other to form an accommodation hole surrounding the outer circumferential surface of the drain hose, and at least one movement preventing protrusion formed on an inner circumferential surface of the holder to prevent the drain hose from being separated from the holder protrudes toward inside of the holder to come into contact with the outer circumferential surface of the drain hose.

Abstract: Provided is a violation information intelligence analysis system configuring an AEGIS along with a violation incident association information collection system, including a violation information management module configured to manage information and violation information intelligence analysis-related information received from the violation incident association information collection system, a collection information analysis module configured to extract a violation information ID based on the received information and to extract a relationship between the violation information ID and raw data, an intelligence generation and management module configured to generate intelligence based on a policy stored in the violation information intelligence analysis system in response to an intelligence generation request, convert a format of the intelligence in order to externally transfer the intelligence, and store history information, and an intelligence analysis module configured to support an in-depth information (N-dep

Abstract: Provided is a violation information management module configuring a violation information intelligence analysis system of an accumulated and integrated intelligence system (AEGIS), including a violation incident association information collection unit configured to analyze information received from a violation incident association information collection system and log the analyzed information, a violation information ID management unit configured to query a violation information DB about an ID of violation information and issue an ID to violation information to which an ID has not been assigned as a result of the query, and a violation information management unit configured to query the violation information DB about raw data or relationship information or store raw data or relationship information in the violation information DB and to query the violation information DB about information derived based on an analysis base defined by a system or administrator.

Abstract: Provided is a mechanism capable of assigning at least one index (ID) to violation abuse resources, violation association information, and violation information by taking into consideration organic relationships between the violation abuse resources, the violation association information, and the violation information when the generated violation abuse resources, the violation association information, and the violation information are collected through an external violation sharing channel or when they are collected or queried and of managing the generated violation abuse resources, the violation association information, and the violation information.

Abstract: A system and method for analyzing mobile cyber incidents that checks whether codes attacking the weaknesses of mobile users are inserted into collected URLs and whether applications are downloaded and automatically executed, without the agreement of users, so that if the mobile cyber incidents are analyzed through the manual analysis of a manager, the applications to be analyzed manually can be reduced.

Abstract: A method for detecting mobile cyber incidents includes: allowing a mobile incident collection server to determine whether new text is received; extracting the text original hash from the received new text by means of the mobile incident collection server; allowing the mobile incident collection server to determine whether attached file exists on the basis of the extracted text original hash; if the attached file exists, extracting the attached file by means of the mobile incident collection server; and storing and managing the APP information of the extracted attached file as mobile cyber incident information in the mobile incident collection server.

Abstract: A system for detecting mobile cyber incidents includes: a mobile incident collection server adapted to collect text messages sent through communication company servers to produce text message detection information, to collect URL information based on real-time search words provided by search portals to produce URL detection information, and to collect basic information of application files being sold in application market servers to produce APK detection information; and a detection information DB adapted to receive, store and manage the text message detection information, the URL detection information and the APK detection information produced from the mobile incident collection server.

Abstract: A method for detecting mobile cyber incidents includes: allowing a mobile incident collection server to determine whether new text is received; extracting the text original hash from the received new text by means of the mobile incident collection server; allowing the mobile incident collection server to determine whether attached file exists on the basis of the extracted text original hash; if the attached file exists, extracting the attached file by means of the mobile incident collection server; and storing and managing the APP information of the extracted attached file as mobile cyber incident information in the mobile incident collection server.

Abstract: A system and method for analyzing mobile cyber incidents that checks whether codes attacking the weaknesses of mobile users are inserted into collected URLs and whether applications are downloaded and automatically executed, without the agreement of users, so that if the mobile cyber incidents are analyzed through the manual analysis of a manager, the applications to be analyzed manually can be reduced.

Abstract: A system for detecting mobile cyber incidents includes: a mobile incident collection server adapted to collect text messages sent through communication company servers to produce text message detection information, to collect URL information based on real-time search words provided by search portals to produce URL detection information, and to collect basic information of application files being sold in application market servers to produce APK detection information; and a detection information DB adapted to receive, store and manage the text message detection information, the URL detection information and the APK detection information produced from the mobile incident collection server.

Abstract: A washing machine includes a cabinet forming an external appearance of the washing machine, a tub provided in the cabinet to accommodate wash water, a drain pump coupled to a drain hose configured to guide wash water pumped by the drain pump to outside of the cabinet, and a holder coupled to an outer surface of the cabinet to fix the drain hose to the cabinet. The holder is coupled to the outer surface of the cabinet while having both ends coupled to each other to form an accommodation hole surrounding the outer circumferential surface of the drain hose, and at least one movement preventing protrusion formed on an inner circumferential surface of the holder to prevent the drain hose from being separated from the holder protrudes toward inside of the holder to come into contact with the outer circumferential surface of the drain hose.

Abstract: Hypervisor-based intrusion prevention platform is provided. The hypervisor-based intrusion prevention platform comprises a virtual network intrusion prevention system (vIPS) framework which obtains internal information of a virtualization system from a hypervisor and performs security control on the hypervisor in response to the result of intrusion detection carried out by using the internal information of the virtualization system, a hypervisor security application programming interface (API) module which provides an API used by the vIPS framework to access the hypervisor, an administrator account management and authentication module which manages an administrator account of a vIPS and authenticates the administrator account, an environment setting management module which manages environment setting values of modules within the vIPS, and an external interface module which provides an interface for system control and security control.