Patents Assigned to Internet Security
  • Publication number: 20240289454
    Abstract: An apparatus for collecting meta data related to malicious code meta information, includes: an application programming interface (API) key setting unit configured to register as a member of a collection channel related to malicious code of cyber attacks, and set the API key as an initialization input; a collection channel access unit configured to, upon input of the set API key, access the collection channel; an execution command interpretation unit configured to, subsequent to accessing the collection channel, upon input of an execution command, interpret the input execution command; and a meta information management unit configured to, based on API information provided from the collection channel according to the interpreted execution command, extract at least one piece of meta information for identifying an attack group, and manage the at least one piece of meta information in a JSON format for each attack group.
    Type: Application
    Filed: February 12, 2024
    Publication date: August 29, 2024
    Applicant: Korea Internet & Security Agency
    Inventors: Jae Han JEONG, Chan Woong HWANG, Jae Gyu JEON, Woong GO
  • Publication number: 20240154990
    Abstract: A device for automatically sorting a cyber attack includes an event feature generator that extracts a unique attacker IP by analyzing attacker IPs for each of the different kinds of security devices, and generates AI learning features of the security events of the different kinds of security devices including feature numerical data quantifying at least two or more features through attack information analysis recorded in the different kinds of security devices based on the information on the security events of the different kinds of security devices mapped to the extracted unique attacker IP, and an attack type sorter that learns the generated feature numerical data using an unsupervised learning algorithm, generates clustering data by sorting the feature numerical data into similar attack data and clustering sorted feature numerical data, and then analyzes the generated clustering data to identify a short-term or long-term attacker's cyber attack type.
    Type: Application
    Filed: October 31, 2023
    Publication date: May 9, 2024
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Sae Woom LEE, Seul Ki CHOI, Tae Hyeon KIM, Gyeong Jin NA
  • Publication number: 20240152604
    Abstract: Disclosed are a system and method for automatically generating a playbook and verifying validity of a playbook based on artificial intelligence, wherein the system present invention includes a system for automatically generating a playbook that automatically generates the playbook, and a system for verifying validity of a playbook that is connected to the system for automatically generating a playbook through a network to perform the verification of the validity on the playbook received from the system for automatically generating a playbook.
    Type: Application
    Filed: October 31, 2023
    Publication date: May 9, 2024
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Sae Woom LEE, Seul Ki CHOI, Tae Hyeon KIM, Gyeong Jin NA
  • Publication number: 20240152608
    Abstract: A method of supporting decision-making of security control includes: (a) when an system for automatically analyzing a security threat receives a security warning from a security device, collecting security threat events generating the security warning from the security device; (b) when the collected security threat events exceed a preset event processing threshold, generating, by the system for automatically analyzing a security threat, a first request message for preferentially processing a security event; (c) when receiving the first request message generated from the system, determining, by the system for supporting priority of security control, a priority processing order of the security threat events, and notifying the system; and (d) when receiving the second request message generated from the system, determining, by the system for supporting priority of security control, a priority processing order and notifying the system for automatically analyzing a security threat of the determined priority process
    Type: Application
    Filed: October 31, 2023
    Publication date: May 9, 2024
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Sae Woom LEE, Seul Ki CHOI, Tae Hyeon KIM, Gyeong Jin NA
  • Publication number: 20230171272
    Abstract: Disclosed are a system and a method for detecting session initiation protocol (SIP) noncoding, and more particularly, to a system and a method for detecting SIP noncoding, which can manage reputation of a client terminal according to whether or not the client terminal sends an encoded SIP message through a 5G non-standalone/Standalone (5G NSA/SA), thereby preventing an SIP spoofing attack.
    Type: Application
    Filed: June 27, 2022
    Publication date: June 1, 2023
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Seong Min PARK, Hyung Jin CHO, Young Kwon PARK, Dae Un KIM, Sung Moon KWON
  • Publication number: 20230156043
    Abstract: Disclosed is a system and a method of supporting a decision-making for security management to cause a security controller to rapidly take precautions against a threat, the system comprising: an interface unit configured to receive a request for support of a decision-making, and a processing unit configured to support at least one decision-making concerning materialization of the threat, the selection of a security event to be preferentially processed, or the recommendation of a most suitable response according to the request for the support of the decision-making.
    Type: Application
    Filed: October 25, 2022
    Publication date: May 18, 2023
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Seul Ki CHOI, Jong Ki KIM
  • Publication number: 20230156026
    Abstract: Disclosed is a system and a method of automatizing a threat analysis based on artificial intelligence according to the present invention, the system comprising: a playbook automatic-generation module configured to generate a playbook based on a template by utilizing an artificial learning model; a playbook verification and management module configured to verify effectiveness of the playbook generated by the playbook automatic-generation module; a playbook database configured to save the playbook verified by the playbook verification and management module; and a playbook execution module configured to automatically execute any playbook corresponding to a detected event through matching therebetween from the playbook database.
    Type: Application
    Filed: October 25, 2022
    Publication date: May 18, 2023
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Seul Ki CHOI, Jong Ki KIM
  • Publication number: 20230146636
    Abstract: Disclosed is a system and a method of detecting an abnormal act threatening to security based on artificial intelligence according to the present invention, and, more particularly, a system and a method of detecting an abnormal act threatening to security based on artificial intelligence that are capable of rapidly carrying out pre-processing of a large-scaled data set based on multi processing, and efficiently detecting the abnormal act threatening to security via various pieces of security device on the basis of studied artificial intelligence.
    Type: Application
    Filed: October 25, 2022
    Publication date: May 11, 2023
    Applicant: Korea Internet & Security Agency
    Inventors: Do Won KIM, Tae Eun KIM, Ki Jong SON, Seul Ki CHOI, Jong Ki KIM
  • Patent number: 11409374
    Abstract: A method and apparatus for input prediction. The method includes: obtaining an input current text; obtaining a first state parameter of a first text from a cache; inputting the current text and the first state parameter into the recurrent neural network, determining a state parameter of the current text through the recurrent neural network according to the first state parameter; and determining a predicted text of the current text from the word library according to the state parameter of the current text. The first text is a previous text of the current text; the first state parameter is determined through a preset recurrent neural network according to the first text and a state parameter of a previous text of the first text; the recurrent neural network is trained with a preset word library; the word library is used to store words. Through the method and apparatus, time for determining a predicted text is reduced.
    Type: Grant
    Filed: June 18, 2019
    Date of Patent: August 9, 2022
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Yawei Jia, Xiaoqiang Wu
  • Patent number: 11240202
    Abstract: Embodiments of the present application provide a packet processing method, an electronic device and a readable storage medium. The method is applied to an electronic device installed with a Virtual Private Network VPN application, and includes: a non-VPN application in the electronic device sending a packet that is to be sent by the non-VPN application to the VPN application through a hardware network module and a virtual network module in the electronic device; the VPN application receiving and analyzing the packet; if the analysis indicates that the packet contains a Domain Name System (DNS) resolution request, the VPN application redirecting the DNS resolution request packet to a preset secure DNS server through the virtual network module and the hardware network module. With embodiments of the present application, the security of software, hardware, and data of an electronic device can be effectively ensured with a reduced cost.
    Type: Grant
    Filed: April 28, 2018
    Date of Patent: February 1, 2022
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Qi Yang, Kangzong Zhang
  • Patent number: 11221859
    Abstract: A method, apparatus, and mobile terminal for presenting a screen saver of an application are disclosed. The method comprises: sending broadcast information by a first application installed on the mobile terminal to other applications when a screen saver is to be activated; obtaining version numbers of the configuration information saved by other applications based on the received broadcast information from other applications; obtaining the latest version of configuration information based on the version number of the configuration information saved by the first application and the received version numbers of the configuration information saved by other applications; determining whether the first application has the highest priority among the first application and other applications based on the priorities of the applications contained in the latest version of configuration information; and if so, presenting the screen saver of the first application.
    Type: Grant
    Filed: December 12, 2016
    Date of Patent: January 11, 2022
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Kangzong Zhang, Yong Luo
  • Publication number: 20210117476
    Abstract: Provided are a method and apparatus for selecting key information of each group in grouped graph data. According to embodiments, key information of each group is selected using a term frequency-inverse document frequency (TF-IDF) value obtained for each node belonging to each group by using a TD-IDF algorithm for obtaining the importance of each term or keyword in a document.
    Type: Application
    Filed: November 27, 2019
    Publication date: April 22, 2021
    Applicant: Korea Internet & Security Agency
    Inventors: Seul Gi Lee, Sam Shin Shin, Byung Ik Kim, Soon Tai Park, Kyeong Han Kim, Yeon Seob Song
  • Publication number: 20210103566
    Abstract: Provided are a method for abbreviating grouped graph data and an apparatus to which the method is applied. According to an embodiment, the method for abbreviating graph data comprises obtaining source information that is information on a graph structure and grouping information that reflects a result of clustering for the source information, obtaining one or more abbreviation candidate network motifs that all member nodes of the network motifs belong to the same group, among original network motifs extracted from the source information, selecting an abbreviation target network motif based on a sum of levels of edges belonging to the abbreviation candidate network motif of the abbreviation candidate network motifs and replacing the abbreviation target network motif with a single node.
    Type: Application
    Filed: November 27, 2019
    Publication date: April 8, 2021
    Applicant: Korea Internet & Security Agency
    Inventors: Seul Gi Lee, Sam Shin Shin, Byung Ik Kim, Soon Tai Park, Kyeong Han Kim, Yeon Seob Song
  • Patent number: 10824597
    Abstract: A cache folder identification method and device, the method comprising: in the process of running target software, acquiring a plurality of sample values x1, x2, . . . xn of the number of files in the target folder according to a preset rule, the target folder being a folder used in the process of running the target software, n?2; according to a preset algorithm, calculating the statistical value of the plurality of sample values, the statistical value being used to represent the degree of dispersion of the sample values; determining whether the statistical value is greater than a preset first threshold; if so, identifying the target folder as a cache folder. The method has high identification efficiency, and can continuously monitor specific software without missing a cache folder.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: November 3, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Qidong Yang, Guoqiang Jiao, Nan Zhang, Yong Chen
  • Patent number: 10783249
    Abstract: Embodiments of the present application provide a method and apparatus for removing a root-privileged virus and an electronic device. The method includes: scanning the smart device to find a root-privileged virus file; obtaining a root-privileged removing process according to the virus file; and removing the root-privileged virus file according to a preset removing strategy by using the root-privileged removing process. As a root-privileged process is directly obtained in this embodiment by using a found virus file, the smart device can obtain the root privileges more quickly, improving the speed of killing the root-privileged virus.
    Type: Grant
    Filed: December 26, 2016
    Date of Patent: September 22, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventor: Guoqing Yuan
  • Patent number: 10748348
    Abstract: Embodiments of the present application provide a method, apparatus, electronic device for displaying an image and a storage medium. The method and apparatus are applied to an electronic device. The method comprises: determining a display angle of a 3D wallpaper containing elements, wherein the 3D wallpaper is obtained by pasting an overall spherical panoramic image containing all the elements onto one 3D model; determining a graphic to be displayed corresponding to the display angle in the overall spherical panoramic image; and rendering the graphic to be displayed and displaying the rendered graphic. In the embodiments, when the graphic to be displayed corresponding to the display angle of the 3D wallpaper is rendered, the operation on unnecessary occluded parts is avoided, thereby reducing the amount of computation in displaying the 3D wallpaper and saving the computing resources.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: August 18, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventor: Ming Yan Jonathan Chu
  • Patent number: 10664443
    Abstract: Embodiments of the present application disclose a method, an apparatus and an electronic device for presenting to-be-cleaned data. The method comprises: after identifying the to-be-cleaned data comprising to-be-cleaned files and to-be-cleaned folders in storage space of the electronic device, determining first-type feature information of the to-be-cleaned files and second-type feature information of the to-be-cleaned folders are (S101); determining data categories of the to-be-cleaned files based on the obtained first-type feature information of the to-be-cleaned files (S102); determining data categories of the to-be-cleaned folders based on the obtained second-type feature information of the to-be-cleaned folders (S103); presenting the to-be-cleaned files and the to-be-cleaned folders in accordance with an order set based on data categories and with a rule of presenting to-be-cleaned data of a same data category in a centralized manner (S104).
    Type: Grant
    Filed: August 24, 2016
    Date of Patent: May 26, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Qingqing Yu, Xin Ruan
  • Patent number: 10540325
    Abstract: A method and device for identifying junk picture files, which are used for a server side to identify junk picture files in cached network data. The method comprises: obtaining a directory to be detected; determining whether the number of files in the directory is greater than or equal to a first preset value; if so, determining whether file names of the files in the directory contain keywords which represent the cached network data; if the keywords are contained, determining that the files in the directory are the cached network data, and then, determining whether keywords which represent useless picture files exist in the cached network data, so as to find out whether junk picture files exist; if the junk picture files exist, identifying the found picture files as cached junk picture files; and recording a directory path where the cached junk picture files are located. By means of the above solution, the cached network junk picture files can be accurately identified.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: January 21, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Guoqiang Jiao, Qidong Yang, Xiliang Bai, Xueshi Du, Nan Zhang, Yong Chen
  • Patent number: D877760
    Type: Grant
    Filed: January 26, 2018
    Date of Patent: March 10, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Weixiang Qiu, Dongxue Li, Zhe Ma, Delin Liu, Fangjie Li
  • Patent number: D879796
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: March 31, 2020
    Assignee: Beijing Kingsoft Internet Security Software Co., Ltd.
    Inventors: Tingjiun Hung, Chienhsing Chen