Patents by Inventor Chiung-Ying Huang

Chiung-Ying Huang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210136099
    Abstract: An abnormal traffic detection method is provided according to an embodiment of the disclosure. The method includes: obtaining network traffic data of a target device; sampling the network traffic data by a sampling window with a time length to obtain sampling data; generating, according to the sampling data, an image which presents a traffic feature of the network traffic data corresponding to the time length; and analyzing the image to generate evaluation information corresponding to an abnormal traffic. In addition, an abnormal traffic detection device is also provided according to an embodiment of the disclosure to improve a detection ability and/or an analysis ability for the abnormal traffic and/or a malware.
    Type: Application
    Filed: September 8, 2020
    Publication date: May 6, 2021
    Applicant: Acer Cyber Security Incorporated
    Inventors: Ming-Kung Sun, Tsung-Yu Ho, Zong-Cyuan Jhang, Chiung-Ying Huang
  • Patent number: 10931714
    Abstract: The disclosure provides a domain name recognition method and a domain name recognition device. The domain name recognition method includes the following steps. A first string of a first domain name and a second string of a second domain name are obtained. Multiple characters of the first string and the second string are classified into multiple clusters. Multiple vectors corresponding to the clusters are generated, wherein each of the characters corresponds to one of the vectors. A first vector set corresponding to the first string and a second vector set corresponding to the second string are generated. A similarity of the first vector set and the second vector set is calculated.
    Type: Grant
    Filed: May 14, 2019
    Date of Patent: February 23, 2021
    Assignee: Acer Cyber Security Incorporated
    Inventors: Pin-Cyuan Lin, Yu-Chun Wu, Ming-Kung Sun, Zong-Cyuan Jhang, Yi-Chung Tseng, Chiung-Ying Huang
  • Publication number: 20200220897
    Abstract: The disclosure provides a domain name recognition method and a domain name recognition device. The domain name recognition method includes the following steps. A first string of a first domain name and a second string of a second domain name are obtained. Multiple characters of the first string and the second string are classified into multiple clusters. Multiple vectors corresponding to the clusters are generated, wherein each of the characters corresponds to one of the vectors. A first vector set corresponding to the first string and a second vector set corresponding to the second string are generated. A similarity of the first vector set and the second vector set is calculated.
    Type: Application
    Filed: May 14, 2019
    Publication date: July 9, 2020
    Applicant: Acer Cyber Security Incorporated
    Inventors: Pin-Cyuan Lin, Yu-Chun Wu, Ming-Kung Sun, Zong-Cyuan Jhang, Yi-Chung Tseng, Chiung-Ying Huang
  • Publication number: 20200134504
    Abstract: A system of training behavior labeling model is provided. Specifically, a processing unit inputs each data of a training data set into a plurality of learning modules to establish a plurality of labeling models. The processing unit obtains a plurality of second labeling information corresponding to each data of a verification data set and generates a behavior labeling result according to the second labeling information corresponding to each data of the verification data set. The processing unit obtains a labeling change value according to the behavior labeling result and first labeling information corresponding to each data of the verification data set. The processing unit, if determining that the labeling change value is greater than a change threshold, updates the first labeling information according to the behavior labeling results, exchanges the training data set and the verification data set and reestablishes the labeling models.
    Type: Application
    Filed: February 26, 2019
    Publication date: April 30, 2020
    Applicant: Acer Cyber Security Incorporated
    Inventors: Chun-Hsien Li, Yin-Hsong Hsu, Chien-Hung Li, Tsung-Hsien Tsai, Chiung-Ying Huang, Ming-Kung Sun, Zong-Cyuan Jhang
  • Publication number: 20200110689
    Abstract: A method for detecting abnormality adapted to detect abnormal operations of an operating system is provided. The method includes: calculating a safe range of usage of the operating system during one or more time periods according to a historical data stream; calculating abnormal ratios corresponding to the one or more time periods according to a current data stream and the safe range of usage; selecting one or more abnormal time periods from the one or more time periods according to a threshold and the abnormal ratios; calculating an abnormal indicator for each of the one or more abnormal time periods according to the historical data stream and the current data stream; and ranking the one or more abnormal time periods according to the abnormal indicator(s).
    Type: Application
    Filed: February 21, 2019
    Publication date: April 9, 2020
    Applicant: Acer Cyber Security Incorporated
    Inventors: Chun-Hsien Li, Chien-Hung Li, Jun-Mein Wu, Ming-Kung Sun, Zong-Cyuan Jhang, Yin-Hsong Hsu, Chiung-Ying Huang, Tsung-Hsien Tsai
  • Publication number: 20200112575
    Abstract: The disclosure provides a method for evaluating domain name and a server using the same method. The method includes: retrieving a raw domain name and dividing the raw domain name into a plurality of parts; retrieving a specific part of the parts, wherein the specific part include characters; encoding the characters into encoded data; padding the encoded data to a specific length; projecting the encoded data being padded as embedded vectors; sequentially inputting the embedded vectors to a plurality cells of a long short term memory model to generate a result vector; and converting the result vector to a prediction probability via a fully-connected layer and a specific function.
    Type: Application
    Filed: January 8, 2019
    Publication date: April 9, 2020
    Applicant: Acer Cyber Security Incorporated
    Inventors: Pin-Cyuan Lin, Jun-Mein Wu, Yu-Chun Wu, Ming-Kung Sun, Zong-Cyuan Jhang, Yi-Chung Tseng, Chiung-Ying Huang
  • Patent number: 10579798
    Abstract: An electronic device and a method for detecting a malicious file are provided. The method includes the following steps: An executable file is searched, and an import table is extracted from the executable file. The import table includes at least a name of a first DDL and a name of a second DDL. A distance between the first DLL and the second DLL is calculated. Whether the distance exceeds a threshold is determined. If the distance exceeds the threshold, then whether a duplicate content of the import table exists in the executable file is checked. The executable file is regarded as a malicious file if the duplicate content of the import table exists in the executable file.
    Type: Grant
    Filed: August 15, 2017
    Date of Patent: March 3, 2020
    Assignee: ACER CYBER SECURITY INCORPORATED
    Inventors: Ming-Kung Sun, Chiung-Ying Huang, Tung-Lin Tsai, Gu-Hsin Lai, Chia-Mei Chen, Tzu-Ching Chang
  • Patent number: 10294026
    Abstract: An automated warehouse storage and retrieval system may comprise at least an aisle, and each of two sides of the aisle has a shelf. A rail is laid along the aisle to enable at least an automated vehicle to move thereon. The automated vehicle has a platform, and a top surface thereof comprises at least a working station and at least a pick-and-place unit. Each of two lateral sides of the platform has two openings separated by a desired distance, and each of the openings has a climbing unit installed therein. The climbing units are configured to synchronously protrude from or move back in the openings. A side of the shelf faced to the rail has a plurality of vertical supporting members arranged in parallel, and each two adjacent supporting members are separated by the distance same as the two climbing units on the same lateral side of the platform.
    Type: Grant
    Filed: March 29, 2018
    Date of Patent: May 21, 2019
    Assignees: Tera Autotech Corporation, Department of Electrical Engineering, National Changhua Univ. of Education
    Inventors: Yi-Lung Lee, Tsair-Rong Chen, Chiung-Ying Huang, Shu-Ming Chen, Po-Hsuan Chen
  • Patent number: 10122738
    Abstract: A botnet detection system and method are provided. The method includes the steps of: retrieving a network log file of a computer device; refining the network log file according to a device alive-time record of the computer device and a network white list to obtain a plurality of individual network log files, wherein each individual network log file records time information, a source IP address of the computer device, and an individual destination IP address; and analyzing a plurality of connection intervals of the source IP address connecting to the individual destination IP address in each individual network log file to determine whether the computer device exhibits connection behavior that indicates infection by a botnet malware.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: November 6, 2018
    Assignee: ACER INCORPORATED
    Inventors: Ming-Kung Sun, Chiung-Ying Huang, Zong-Cyuan Jhang
  • Publication number: 20180165452
    Abstract: An electronic device and a method for detecting a malicious file are provided. The method includes the following steps: An executable file is searched, and an import table is extracted from the executable file. The import table includes at least a name of a first DDL and a name of a second DDL. A distance between the first DLL and the second DLL is calculated. Whether the distance exceeds a threshold is determined. If the distance exceeds the threshold, then whether a duplicate content of the import table exists in the executable file is checked. The executable file is regarded as a malicious file if the duplicate content of the import table exists in the executable file.
    Type: Application
    Filed: August 15, 2017
    Publication date: June 14, 2018
    Inventors: Ming-Kung Sun, Chiung-Ying Huang, Tung-Lin Tsai, Gu-Hsin Lai, Chia-Mei Chen, Tzu-Ching Chang
  • Publication number: 20170310687
    Abstract: A botnet detection system and method are provided. The method includes the steps of: retrieving a network log file of a computer device; refining the network log file according to a device alive-time record of the computer device and a network white list to obtain a plurality of individual network log files, wherein each individual network log file records time information, a source IP address of the computer device, and an individual destination IP address; and analyzing a plurality of connection intervals of the source IP address connecting to the individual destination IP address in each individual network log file to determine whether the computer device exhibits connection behavior that indicates infection by a botnet malware.
    Type: Application
    Filed: July 20, 2016
    Publication date: October 26, 2017
    Inventors: Ming-Kung SUN, Chiung-Ying HUANG, Zong-Cyuan JHANG
  • Patent number: 8955123
    Abstract: A system for preventing malicious communication includes a safe module set with a specific Internet Protocol address and a Time to Live threshold value of the specific IP address to determine whether a malicious communication exists. If the malicious communication exists, the safe module can re-direct the malicious communication to a recording module of the system for recording the content of the malicious communication.
    Type: Grant
    Filed: August 27, 2008
    Date of Patent: February 10, 2015
    Assignee: Acer Inc.
    Inventor: Chiung-Ying Huang
  • Publication number: 20090320131
    Abstract: A method and a system for preventing malicious communication are disclosed. The system comprises a safe module set with a specific Internet Protocol address and a Time to Live threshold value of the specific IP address to determine whether a malicious communication exists. If the malicious communication exists, the safe module can re-direct the malicious communication to a recording module of the system for recording the content of the malicious communication.
    Type: Application
    Filed: August 27, 2008
    Publication date: December 24, 2009
    Inventor: Chiung-Ying Huang
  • Patent number: 6546376
    Abstract: Disclosed is an electronic payment device and its method using an balanced binary tree for calculating a first data Xk of current consumption or a plurality of root values Rq from an initial value Xn of the amount of money that user purchases. The first data Xk is correspondent to a position value j with a respective relation of j=n−k+1. The first data Xk is generated according to the value of the binary code dm−1dm−2 . . . d1d0 of the position value j being a 0 or 1, by formula Xk=hd0(. . . (hdm−2(hdm−1(Xn)))). If the binary code di=0, i=m−1, m−2, . . . , 1, 0, then the first one-way function h0 is used as an operating function. Otherwise, the second one-way function h1 is operated when the binary code di=1. Moreover, a function operating device for an electronic payment using an balanced binary tree is also disclosed. The present invention requires less calculation than that in the prior art, and thus is more effective.
    Type: Grant
    Filed: June 25, 1999
    Date of Patent: April 8, 2003
    Assignee: Institute for Information Industry
    Inventors: Sung-Ming Yen, Chiung-Ying Huang, Chien-Chung Yuan, Jack G. Lee
  • Patent number: 6499019
    Abstract: An electronic payment device and its method using an unbalanced binary tree are disclosed. The total unit n of the amount of money that user purchases is decomposed first into a Matrix of p rows×q columns. Then, a first one-way function h1 and a second one-way function h2 serve to define the one-way function operation of the first row and each column, respectively. When two numbers of operation times a and b are calculated by their formulas respectively, they are substituted into formula Xk=h2b(h1a(Xpq)). Namely, by the first one-way function h1, a times of operation is performed, and then by the second one-way function h2, b times of operation is performed, thus, a first data Xk of current consumption can be derived rapidly. The present invention has only a few times of operation, thus the calculating efficiency is improved greatly.
    Type: Grant
    Filed: June 25, 1999
    Date of Patent: December 24, 2002
    Inventors: Sung-Ming Yen, Chiung-Ying Huang, Chien-Chung Yuan, Jong-Ming Lee