Patents by Inventor Geon Lyang Kim
Geon Lyang Kim has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9867051Abstract: A system and method of verifying integrity of software for verifying the integrity of software installed on a mobile terminal is provided. The system includes the mobile terminal configured to transmit mobile terminal information including a first software hash value and a software identification (ID) with respect to the software, and an office trust software monitor server configured to transmit the software ID transmitted from the mobile terminal to a software publishing server, receive a second software hash value with respect to the software corresponding to the software ID from the software publishing server, compare the first software hash value and the second software hash value, and verify the integrity of the software.Type: GrantFiled: March 19, 2015Date of Patent: January 9, 2018Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Su Wan Park, Geon Lyang Kim, Kyung Soo Lim, Jae Deok Lim, Jeong Nyeo Kim
-
Publication number: 20170201528Abstract: Disclosed herein are a method for providing trusted services based on a secure area and an apparatus using the method. The method for providing trusted services includes performing first authentication for using a trusted service of the secure area, created to be separate from a general area, based on a gateway application installed in a mobile terminal; creating a first session between the gateway application and the secure area based on a result of the first authentication and executing a security application based on the first session; performing second authentication for using the trusted service based on the security application; and creating a second session between the security application and the secure area based on a result of the second authentication and providing the trusted service based on the second session.Type: ApplicationFiled: July 1, 2016Publication date: July 13, 2017Inventors: Geon-Lyang KIM, Jeong-Nyeo KIM
-
Publication number: 20150326618Abstract: A method of providing an evidence collection tool, and an apparatus and method for collecting digital evidence in a domain separation-based mobile device are disclosed. The apparatus includes a target device information collection module, a collection module, a transmission module, and a control module. The target device information collection module collects the system feature information and user identification information of a domain separation-based mobile device. The collection module collects digital evidence using a received evidence collection tool.Type: ApplicationFiled: May 6, 2015Publication date: November 12, 2015Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Kyung-Soo LIM, Geon-Lyang Kim, Jeong-Nyeo Kim, Jae-Chan Moon, Su-Wan Park, Jae-Deok Lim
-
Publication number: 20150271679Abstract: A system and method of verifying integrity of software for verifying the integrity of software installed on a mobile terminal is provided. The system includes the mobile terminal configured to transmit mobile terminal information including a first software hash value and a software identification (ID) with respect to the software, and an office trust software monitor server configured to transmit the software ID transmitted from the mobile terminal to a software publishing server, receive a second software hash value with respect to the software corresponding to the software ID from the software publishing server, compare the first software hash value and the second software hash value, and verify the integrity of the software.Type: ApplicationFiled: March 19, 2015Publication date: September 24, 2015Inventors: Su Wan PARK, Geon Lyang KIM, Kyung Soo LIM, Jae Deok LIM, Jeong Nyeo KIM
-
Patent number: 8341721Abstract: Provided are a web-based traceback system and method using reverse caching proxy, which can effectively protect a web server against various attacks launched by illegitimate user by acquiring network information and location information of users who attempt to access the web server through an anonymous server, without a requirement of installing any agent program in the users' clients.Type: GrantFiled: May 18, 2009Date of Patent: December 25, 2012Assignee: Electronics and Telecommunications Research InstituteInventors: Jong Hyun Kim, Geon Lyang Kim, Jong Ho Ryu, Chi Yoon Jeong, Seon Gyoung Sohn, Beom Hwan Chang, Jung-Chan Na, Hyun Sook Cho
-
Patent number: 8307441Abstract: There are provided a system and method for tracing back an attacker by using centroid decomposition technique, the system including: a log data input module collecting log data of an intrusion alarm from an intrusion detection system; a centroid node detection module generating a shortest path tree by applying a shortest path algorithm to network router connection information collected by a network administration server, detecting a centroid node by applying centroid decomposition technique removing a leaf-node to the shortest path tree, and generating a centroid tree whose node of each level is the detected centroid node; and a traceback processing module requesting log data of a router matched with the node of each level of the centroid tree, and tracing back a router identical to the log data of the collected intrusion alarm as a router connected to a source of an attacker by comparing the log data of the router with the log data of the collected intrusion alarm.Type: GrantFiled: November 21, 2007Date of Patent: November 6, 2012Assignee: Electronics and Telecommunications Research InstituteInventors: Jong Hyun Kim, Geon Lyang Kim, Seon Gyoung Sohn, Beom Hwan Chang, Chi Yoon Jeong, Jong Ho Ryu, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Publication number: 20120147179Abstract: A system for intelligent access monitoring includes: an access control apparatus for detecting and managing an access of a visitor, the access control apparatus generating a access event information when detecting the access; a video security apparatus for managing an video information and a location information of the visitor; and an access monitoring apparatus for receiving the access event information, the video information and the location information via a network, generating a access monitoring profile information based on the access event information, and generating a mapping information where the access monitoring profile information is mapped with the video information and the location information.Type: ApplicationFiled: December 8, 2011Publication date: June 14, 2012Applicant: Electronics and Telecommunications Research InstituteInventors: Geon Lyang KIM, Beom Hwan CHANG
-
Patent number: 8140671Abstract: There are provided an apparatus and method for sampling a security event based on contents of the security event, the apparatus including: a security event accumulation module collecting security events occurring in a network system and storing the security events for each type according to contents of the security event; a security event analysis module calculating distribution of the security events for each type by analyzing the stored security events; and a security event extraction module sampling the stored security events according to the calculated distribution of the security events for each type. The apparatus and method may improve speed of visualization of a security event and a security event analysis apparatus and may increase accuracy thereof.Type: GrantFiled: November 19, 2007Date of Patent: March 20, 2012Assignee: Electronics and Telecommunications Research InstituteInventors: Chi Yoon Jeong, Beom Hwan Chang, Seon Gyoung Sohn, Geon Lyang Kim, Jong Hyun Kim, Jong Ho Ryu, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Patent number: 8019865Abstract: There are provided a network security state visualization device and method, the device including: a security event collector collecting original security event information from network security apparatuses; a security event analyzer analyzing the original security event information collected by the security event collector and extracting characteristic data corresponding to a security event; and a three-dimensional visualization display unit visualizing a correlation between the characteristic data extracted by the security event analyzer as a three-dimensional screen to be displayed.Type: GrantFiled: October 24, 2007Date of Patent: September 13, 2011Assignee: Electronics and Telecommunications Research InstituteInventors: Beom Hwan Chang, Chi Yoon Jeong, Seon Gyoung Sohn, Soo Hyung Lee, Hyo Chan Bang, Geon Lyang Kim, Hyun Joo Kim, Won Joo Park, Jong Ho Ryu, Jong Hyun Kim, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Patent number: 8014310Abstract: An apparatus and method for visualizing a network condition related to a network security are provided. The apparatus includes a traffic feature extracting unit, a network condition displaying unit, and a traffic abnormal condition determining unit. The traffic feature extracting unit extracts information including source address, source port, destination address, and destination port from network traffics, selects two of the extracted information, and calculates unique dispersion degrees of two unselected information. The network condition displaying unit displays a two-dimensional cube expressed using the calculated unique dispersion degrees for the classified traffics. The traffic abnormal condition determining unit determines whether the traffics are in an abnormal condition or not based on the two-dimensional security cube.Type: GrantFiled: August 23, 2007Date of Patent: September 6, 2011Assignee: Electronics and Telecommunications Research InstituteInventors: Beom-Hwan Chang, Chi-Yoon Jeong, Seon-Gyoung Sohn, Soo-Hyung Lee, Hyo-Chan Bang, Geon-Lyang Kim, Hyun-Joo Kim, Won-Joo Park, Jong-Ho Ryu, Jong-Hyun Kim, Jong-Soo Jang, Sung-Won Sohn, Jung-Chan Na
-
Publication number: 20110122132Abstract: Provided are an apparatus and method of managing objects and events for easily enabling intuitive management and the recognition of cases in linkage with geographic information. The apparatus links objects and events to geographic information with a vector-based GIS to display them on a vector-based digital map, thereby providing an intuitive and realistic interface to a manager. Accordingly, the apparatus can display a more accurate location than an image-based map, and can select a kind of map information that is desired by a user to configure a map screen.Type: ApplicationFiled: May 19, 2010Publication date: May 26, 2011Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Geon Lyang KIM, Beom Hwan Chang, Chi Yoon Jeong
-
Publication number: 20110016525Abstract: An apparatus for detecting a network attack includes a traffic image generator for generating a traffic image using traffic information and additional IP information extracted from the traffic information; a network attack detector for comparing similarities between the traffic image and a previously generated traffic image based on a predetermined similarity threshold to detect the presence of the network attack; and a network attack analyzer for analyzing the traffic image at a time when the network attack is detected to detect network attack information and pattern information of the network attack. A representation unit for visualizing the network attack information and the pattern information of the network attack.Type: ApplicationFiled: December 3, 2009Publication date: January 20, 2011Inventors: Chi Yoon Jeong, Beom-Hwan Chang, Seon-Gyoung Sohn, Johg Ho Ryu, Geon Lyang Kim, Jonghyun Kim, Jung-Chan Na, Hyun sook Cho
-
Publication number: 20110016208Abstract: There are provided an apparatus and method for sampling a security event based on contents of the security event, the apparatus including: a security event accumulation module collecting security events occurring in a network system and storing the security events for each type according to contents of the security event; a security event analysis module calculating distribution of the security events for each type by analyzing the stored security events; and a security event extraction module sampling the stored security events according to the calculated distribution of the security events for each type. The apparatus and method may improve speed of visualization of a security event and a security event analysis apparatus and may increase accuracy thereof.Type: ApplicationFiled: November 19, 2007Publication date: January 20, 2011Applicant: Electronics and Telecommunications Research InstituteInventors: Chi Yoon Jeong, Beom Hwan Chang, Seon Gyoung Sohn, Geon Lyang Kim, Jong Hyun Kim, Jong Ho Ryu, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Patent number: 7849187Abstract: A network status display device using a traffic pattern map is provided.Type: GrantFiled: September 26, 2006Date of Patent: December 7, 2010Assignee: Electronics and Telecommunications Research InstituteInventors: Beom Hwan Chang, Jung Chan Na, Geon Lyang Kim, Dong Young Kim, Jin Oh Kim, Hyun Joo Kim, Hyo Chan Bang, Soo Hyung Lee, Seon Gyoung Shon, Jong Soo Jang, Sung Won Sohn
-
Patent number: 7787394Abstract: A network status display device using a traffic flow-radar is provided.Type: GrantFiled: November 15, 2006Date of Patent: August 31, 2010Assignee: Electronics and Telecommunications Research InstituteInventors: Beom Hwan Chang, Jung Chan Na, Geon Lyang Kim, Dong Young Kim, Jin Oh Kim, Hyun Joo Kim, Hyo Chan Bang, Soo Hyung Lee, Seon Gyoung Sohn, Jong Soo Jang, Sung Won Sohn
-
Publication number: 20100212013Abstract: There are provided a system and method for tracing back an attacker by using centroid decomposition technique, the system including: a log data input module collecting log data of an intrusion alarm from an intrusion detection system; a centroid node detection module generating a shortest path tree by applying a shortest path algorithm to network router connection information collected by a network administration server, detecting a centroid node by applying centroid decomposition technique removing a leaf-node to the shortest path tree, and generating a centroid tree whose node of each level is the detected centroid node; and a traceback processing module requesting log data of a router matched with the node of each level of the centroid tree, and tracing back a router identical to the log data of the collected intrusion alarm as a router connected to a source of an attacker by comparing the log data of the router with the log data of the collected intrusion alarm.Type: ApplicationFiled: November 21, 2007Publication date: August 19, 2010Applicant: Electronics and Telecommunications Research InstitInventors: Jong Hyun Kim, Geon Lyang Kim, Seon Gyoung Sohn, Beom Hwan Chang, Chi Yoon Jeong, Jong Ho Ryu, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Publication number: 20100169479Abstract: Provided are an apparatus and method for extracting user information using a client-based script in which user information including the internet protocol (IP) addresses of an attacking host and an anonymous proxy server used by the attacking host can be collected using a client-based script that can be automatically executed in the web browser of the attacking host. According to the apparatus and the method, it is possible to detect the location of an attacking host without alerting the attacking host by using a script that can be automatically executed in a web browser of the attacking host without any program installation. In addition, according to the apparatus and the method, it is possible to collect the IP addresses of an attacking host and an anonymous proxy server, if any, used by the attacking host by directly connecting the attacking host and a monitoring server.Type: ApplicationFiled: October 21, 2009Publication date: July 1, 2010Applicant: Electronics and Telecommunications Research InstituteInventors: Chi Yoon JEONG, Beom-Hwan CHANG, Seon-Gyoung SOHN, Geon Lyang KIM, Jong Ho RYU, Jong Hyun KIM, Jung-Chan NA, Hyun Sook CHO, Chae Kyu KIM
-
Publication number: 20100162392Abstract: An apparatus for monitoring the security status of a wireless network is provided. The apparatus includes a radio frequency (RF) signal collection unit which collects at least one piece of RF signal information; a security event information collection unit which collects security event information including at least one of traffic information and alert information; a security event information mapping unit which maps the RF signal information and the security event information based on the correlation between the RF signal information and the security event information; and a security event information display unit which displays the result of the mapping performed by the security event information mapping unit.Type: ApplicationFiled: June 11, 2009Publication date: June 24, 2010Applicant: Electronics and Telecommunications Research InstituteInventors: Chi Yoon JEONG, Beom Hwan CHANG, Seon Gyoung SOHN, Jong Ho RYU, Geon Lyang KIM, Jong Hyun KIM, Jung-Chan NA, Hyun Sook CHO, Chae Kyu KIM
-
Publication number: 20100150008Abstract: There are provided a network state display apparatus and method capable of easily determining a present network security state in real time by analyzing an abnormality and harmful traffic deteriorating performance of a network in software by using a result of combining essential characteristics of traffic, a distinct dispersion, and an entropy and displaying the network state to be intuitionally recognized, the method including selecting and combining three of a source address, a source port, a destination address, and a destination port of collected traffic and calculating a distinct dispersion and an entropy of a residual one therefrom; displaying the calculated distinct dispersion and entropy on a security radar where the distinct dispersion and the entropy are assigned to an angle and a radius; determining whether a network state is abnormal, based on a result displayed on the security radar; and detecting reporting detailed information on abnormal traffic causing the abnormal network state.Type: ApplicationFiled: March 7, 2008Publication date: June 17, 2010Inventors: Seon Gyoung Sohn, Chi Yoon Jeong, Beom Hwan Chang, Soo Hyung Lee, Hyo Chan Bang, Geon Lyang Kim, Hyun Joo Kim, Won Joo Park, Jong Ho Ryu, Jong Hyun Kim, Jung Chan Na, Jong Soo Jang, Sung Won Sohn
-
Publication number: 20100100619Abstract: There are provided a network security state visualization device and method, the device including: a security event collector collecting original security event information from network security apparatuses; a security event analyzer analyzing the original security event information collected by the security event collector and extracting characteristic data corresponding to a security event; and a three-dimensional visualization display unit visualizing a correlation between the characteristic data extracted by the security event analyzer as a three-dimensional screen to be displayed.Type: ApplicationFiled: October 24, 2007Publication date: April 22, 2010Inventors: Beom Hwan Chang, Chi Yoon Jeong, Seon Gyoung Sohn, Soo Hyung Lee, Hyo Chan Bang, Geon Lyang Kim, Hyun Joo Kim, Won Joo Park, Jong Ho Ryu, Jong Hyun Kim, Jung Chan Na, Jong Soo Jang, Sung Won Sohn