Abstract: The present disclosure relates to a method of collecting, by a terminal, learning data of an artificial intelligence model to perform dark web document classification, the method including: generating a first word set masked with a first identifier based on text included in a first dark web document; generating a second word set masked with a second identifier based on text included in a second dark web document; calculating a similarity by comparing the first word set and the second word set; and, based on the similarity, collecting the second dark web document in a second storage unit when the similarity does not exceed a specific value, and discarding the second dark web document when the similarity exceeds the specific value.

Abstract: The present disclosure relates to a method of crawling a website by a terminal. The method may include a method of crawling a website by a terminal including: modifying a header included in a hypertext transfer protocol (HTTP) request message to avoid bot detection; transmitting the HTTP request message to a client server through a proxy server providing a dynamic Internet protocol (IP); receiving a response message for accessing the website from the client server; collecting a tag for confirming an element displayed on a user screen in the response message; and performing the crawling based on the confirmation result.

Abstract: The present disclosure relates to a method of collecting, by a terminal, learning data of an artificial intelligence model to perform dark web document classification, the method including: generating a first word set masked with a first identifier based on text included in a first dark web document; generating a second word set masked with a second identifier based on text included in a second dark web document; calculating a similarity by comparing the first word set and the second word set; and, based on the similarity, collecting the second dark web document in a second storage unit when the similarity does not exceed a specific value, and discarding the second dark web document when the similarity exceeds the specific value.

Abstract: The present disclosure relates to a method of generating, by a terminal, an integrated graph using a distributed graph including: receiving source node information from a user; identifying, by a graph types module, a location of a graph database related to a type of a source node based on the source node information; requesting, by a graph manager module, graph data to an application corresponding to the location of the graph database; receiving the graph data from the application; and integrating, by a graph integration module, a node and an edge based on the source node and the graph data to generate the integrated graph.

Abstract: The present disclosure relates to a method of automatically detecting, by an electronic device, an abnormal transaction. The method may include: acquiring transaction information from an e-commerce server, the transaction information including unique information that is difficult for a user to arbitrarily change, arbitrary information that a user changes arbitrarily, and an access Internet protocol (IP) address; extracting a first identifier based on the unique information; extracting a plurality of second identifiers based on the arbitrary information; generating a third identifier based on the plurality of second identifiers; generating a first node based on the first identifier, and generating a second node based on the third identifier; generating a third node based on the access IP address; and connecting the first node, the second node, and the third node to generate an identity map for automatically detecting the abnormal transaction.

Abstract: Provided are a terminal and method for storing and parsing log data. The method includes collecting log data on the basis of a file path of the log data, storing metadata including the file path and log data paired with the metadata in a database (DB), classifying the log data on the basis of the metadata, acquiring type information of a parser related to the log data, and parsing the log data through the parser having the type information.

Abstract: A method for securing network communication between containers by a terminal, includes: a step of installing an HSI (Hyperion Secure Interface) for communication with a secure bridge included in an NIC (Network Interface Chip) in a secure container through a manager module; a step of changing a source address of a transmission packet to a specific token on the basis of a map of the HSI through the manager module; a step of delivering the transmission packet to the secure bridge through the HSI; a step of determining whether the specific token of the transmission packet is valid; and a step of changing the specific token to the source address and delivering the transmission packet to a target container when the specific token is valid.

Abstract: According to the present specification, a method for inspecting a high-speed network packet payload by a terminal includes: a step of receiving L7 (Layer 7) policy related to containers from a user; a step of extracting string patterns to be inspected for each of the containers on the basis of the L7 policy through a pattern compiler; a step of creating a deterministic finite automaton (DFA) on the basis of the extracted string patterns through the pattern complier; and a step of converting a state transition table of the deterministic finite automaton into a match-action table through the pattern compiler and storing the match-action table in an eBPF (extended Berkeley Packet Filter) map for a payload inspection engine.

Abstract: According to a one embodiment of the present invention, a method for collecting a website in an electronic device includes: step a of accessing a web server corresponding to a Uniform Resource Locator (URL) and receiving a website corresponding to the URL; step b of obtaining a first solution key based on a CAPTCHA solution model when CAPTCHA exists in the website; step c of transmitting the first solution key to the web server and receiving an authentication result; step d of recalculating the first solution key when authentication of the first solution key has failed and transmitting a CAPTCHA resolution request signal to a user terminal when the authentication has failed more than a preset number of times; and step e of receiving a second solution key from the user terminal, transmitting the second solution key to the web server, and crawling the website.

Abstract: The present invention relates to a method and system for tracking abnormal transactions in e-commerce, and an object of the present invention is to track abnormal transactions by analyzing complex characteristic data of product information uploaded to an e-commerce platform. In order to achieve this object, a method for detecting an abnormal transaction in an electronic device according to the present invention includes: step a of generating an identity map based on first transaction information previously stored in an e-commerce server; step b of collecting second transaction information newly uploaded to the e-commerce server; step c of extracting a first identifier and second identifiers included in the second transaction information and generating a third identifier by combining the plurality of second identifiers; and step d of determining whether the second transaction information is an abnormal transaction by searching the identity map for the first identifier and the third identifier.

Abstract: The present disclosure relates to a method and apparatus for acquiring learning data to generate a machine learning model for detecting a scam account of cryptocurrency. The method comprises receiving a report related to a scam address from a first database having information about a reported scam address stored therein, acquiring a first scam address and a first description related to the first scam address from the report, extracting a plurality of first keywords related to the first scam address from the first description using natural language processing, and storing the first scam address in a second database.

Abstract: The present disclosure relates to a method for detecting a scam address of cryptocurrency using a machine learning model, and the method comprises: acquiring information about scam addresses labeled as being used for a scam transaction and information about benign addresses labeled as being used for a normal transaction from a database; acquiring information about a mule address group used for money laundering on the basis of the scam address group; acquiring feature information corresponding to each of the benign addresses and the addresses included in the scam address group or the mule address group on the basis of at least one of the information about the benign addresses, the information about the scam address group, and the information about the mule address group; and generating a machine learning model by machine learning of the feature information corresponding to each of the addresses and label information corresponding to each of the addresses.