Patents by Inventor Seon Gyoung Sohn

Seon Gyoung Sohn has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220286433
    Abstract: Disclosed are an apparatus and a method for Internet of Things (IoT) device security. The method includes unifying a port in a first IoT device for communication, receiving, by the first IoT device, a packet from a second IoT device through the port, identifying whether the packet in the first IoT device is in a preset packet form, verifying content of the packet in the first IoT device when the packet is in the preset packet form, and opening the port for providing a service in the first IoT device when the verifying of the packet content is successful.
    Type: Application
    Filed: November 1, 2021
    Publication date: September 8, 2022
    Applicant: Electronics and Telecommunications Research Institute
    Inventors: Yun-Kyung Lee, Kyeong Tae Kim, Young Ho Kim, Jeong Nyeo Kim, Seon-Gyoung Sohn, Jae Deok Lim
  • Publication number: 20220210164
    Abstract: Disclosed herein are an apparatus and method for managing remote attestation. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may request a gateway to verify the integrity of devices connected with the gateway, receive a verification result about whether the integrity of the devices is damaged from the gateway, identify a device, the integrity of which is damaged, using the verification result, perform detailed integrity verification on the device, the integrity of which is damaged, in order to identify an object, the integrity of which is damaged, and perform an operation for responding to the object, the integrity of which is damaged.
    Type: Application
    Filed: May 28, 2021
    Publication date: June 30, 2022
    Applicant: Electronics and Telecommunications Research Institute
    Inventors: Jae-Deok LIM, Kyeong-Tae KIM, Young-Ho KIM, Jeong-Nyeo KIM, Seon-Gyoung SOHN, Yun-Kyung LEE
  • Publication number: 20220070179
    Abstract: Disclosed herein are a dynamic segmentation apparatus and method for preventing a spread of a security threat. The dynamic segmentation apparatus includes one or more processors and execution memory for storing at least one program executed by the processors, wherein the program is configured to register feature information of a first device, which is a target for which a security threat is to be managed, generate a first segment from the feature information of the first device, receive security threat information from an external system, extract feature information of a second device, in which a security threat has occurred, from the security threat information, perform clustering on the feature information of the second device using at least one clustering algorithm, generate at least one segment set by identifying segments from clustering results, and determine a security threat segment based on an inclusion relationship between segments in the segment set.
    Type: Application
    Filed: May 26, 2021
    Publication date: March 3, 2022
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Seon-Gyoung SOHN, Kyeong-Tae KIM, Young-Ho KIM, Jeong-Nyeo KIM, Yun-Kyung LEE, Jae-Deok LIM
  • Publication number: 20210365434
    Abstract: Disclosed herein are an apparatus and method for providing sensor data in a sensor device based on a blockchain. A method for providing sensor data in a sensor device based on a blockchain may include creating a device record using encrypted device identification information, registering the device record in the blockchain, creating an event record using event information collected from a sensor, registering the header of the event record, including information about a link to the device record, in the blockchain, and distributing the body of the event record, the body being linked to the header of the event record.
    Type: Application
    Filed: April 13, 2021
    Publication date: November 25, 2021
    Applicant: Electronics and Telecommunications Research Institute
    Inventors: Young-Ho KIM, Kyeong-Tae KIM, Jeong-Nyeo KIM, Seon-Gyoung SOHN, Yun-Kyung LEE, Jae-Deok LIM
  • Patent number: 10999891
    Abstract: A communication method and an IoT device in a multi-MAC (Media Access Control)-operating environment. The communication method in the multi-MAC-operating environment, including synchronous MAC and asynchronous MAC, includes periodically transmitting, by the IoT device included in the multi-MAC-operating environment, a first message to a first device; determining, by the IoT device, whether to transmit a second message; transmitting, by the IoT device, a preamble packet to a second device, to which the second message is to be transmitted, when the second message is determined to be transmitted; and transmitting, by the IoT device, the second message to the second device.
    Type: Grant
    Filed: August 28, 2019
    Date of Patent: May 4, 2021
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Kyeong-Tae Kim, Jeong-Nyeo Kim, Seon-Gyoung Sohn, Yun-Kyung Lee, Jae-Deok Lim
  • Publication number: 20200296119
    Abstract: Provided is an apparatus and method for security control that is capable of preventing a security threat from spreading on the basis of a security control policy established for each device (or a device group) in a network infrastructure environment, such as IoT. In a network infrastructure including a service server, a gateway, and a device, the apparatus and method for security control, in response to detecting a security threat, such as distributed denial of service (DDoS) attacks, malicious code propagation, or the like, perform a security control and a security control release on a device in which the security threat has occurred and/or a device group having an identical or similar property to the device to prevent the security threat from spreading and block the security threat in an early stage.
    Type: Application
    Filed: March 10, 2020
    Publication date: September 17, 2020
    Inventors: Jae Deok LIM, Kyeong Tae KIM, Jeong Nyeo KIM, Seon Gyoung SOHN, Yun Kyung LEE
  • Publication number: 20200273586
    Abstract: A method for security of an Internet of things (IoT) device includes transmitting, by a server, a key value determined based on a reliability level of a user device and a key identification (ID) of the key value to the user device, encrypting, by the user device, a command representing a service requested by a user by using the key value and transmitting the encrypted command and the key ID to the IoT device, and extracting, by the IoT device, the key value corresponding to the key ID received from the user device from pre-stored key list information, decrypting the encrypted command by using the extracted key value, executing the decrypted command to generate information requested by the user, encrypting the generated information by using the extracted key value, and transmitting the encrypted information to the user device.
    Type: Application
    Filed: February 24, 2020
    Publication date: August 27, 2020
    Inventors: Yun Kyung LEE, Kyeong Tae KIM, Jeong Nyeo KIM, Seon Gyoung SOHN, Jae Deok LIM
  • Publication number: 20200187296
    Abstract: A communication method and an IoT device in a multi-MAC (Media Access Control)-operating environment. The communication method in the multi-MAC-operating environment, including synchronous MAC and asynchronous MAC, includes periodically transmitting, by the IoT device included in the multi-MAC-operating environment, a first message to a first device; determining, by the IoT device, whether to transmit a second message; transmitting, by the IoT device, a preamble packet to a second device, to which the second message is to be transmitted, when the second message is determined to be transmitted; and transmitting, by the IoT device, the second message to the second device.
    Type: Application
    Filed: August 28, 2019
    Publication date: June 11, 2020
    Inventors: Kyeong-Tae KIM, Jeong-Nyeo KIM, Seon-Gyoung SOHN, Yun-Kyung LEE, Jae-Deok LIM
  • Patent number: 10200155
    Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.
    Type: Grant
    Filed: July 3, 2017
    Date of Patent: February 5, 2019
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Byoung-Koo Kim, Seon-Gyoung Sohn, Boo-Sun Jeon, Young-Jun Heo, Dong-Ho Kang, Jung-Chan Na, Byeong-Cheol Choi, Jae-Hoon Nah, Seoung-Hyeon Lee
  • Publication number: 20180109356
    Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.
    Type: Application
    Filed: July 3, 2017
    Publication date: April 19, 2018
    Inventors: Byoung-Koo KIM, Seon-Gyoung SOHN, Boo-Sun JEON, Young-Jun HEO, Dong-Ho KANG, Jung-Chan NA, Byeong-Cheol CHOI, Jae-Hoon NAH, Seoung-Hyeon LEE
  • Patent number: 9871806
    Abstract: An apparatus and method of displaying a network security situation is provided. The apparatus includes an extraction unit configured to classify a characteristic factor including IP addresses of a transmission node and a reception node from a traffic flow, a network visualization unit configured to generate a domain circle visualizing each of a transmission domain and a reception domain as a circle shape by mapping the IP addresses of the transmission node and the reception node to points on circumference as one to one, arrange the generated domain circle on an axis, and visualize each of a transmission network area and a reception network area as a sphere shape, a session construction unit configured to a session of the visualized transmission network area and reception network visually, and a display unit configured to display the session which is visually constructed.
    Type: Grant
    Filed: June 3, 2015
    Date of Patent: January 16, 2018
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Seon Gyoung Sohn, Young Jun Heo
  • Patent number: 9699204
    Abstract: An abnormal traffic detection apparatus and method based on Modbus communication pattern learning is provided. The abnormal traffic detection apparatus based on the Modbus communication pattern learning previously detects and responds to abnormal traffic on a Modbus/TCP protocol. According to the present invention, a communication service between control systems can be stably provided by previously detecting the abnormal traffic capable of interfering with a stable operation of the control system. Particularly, since the effective abnormal traffic on the Modbus/TCP protocol can be previously detected, security of the control system can be increased by rapid detection and response with respect to security threats on the Intranet of the control system, and availability can be secured.
    Type: Grant
    Filed: April 29, 2015
    Date of Patent: July 4, 2017
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Byoung Koo Kim, Dong Ho Kang, Jung Chan Na, Seon Gyoung Sohn, Young Jun Heo
  • Publication number: 20160277547
    Abstract: Provided is a packet monitoring method for a communication packet transmitted and received between a server and a control device including receiving the communication packet transmitted and received between the server and the control device; determining whether the received communication packet is abnormal, based on a history table including control information on communication packets received before the received communication packet and control information on the received communication packet; and performing a security operation according to results of the determination.
    Type: Application
    Filed: March 14, 2016
    Publication date: September 22, 2016
    Inventors: Byoung-Koo KIM, Dong Ho KANG, Jung-Chan NA, Seon-Gyoung SOHN, Youngjun HEO
  • Patent number: 9298175
    Abstract: A method for detecting an abnormal traffic on a control system protocol, includes: checking whether session information exists in a management table; adding a new entry to the management table; checking whether a transaction ID in a table entry is the same as that of the received MODBUS request message; and checking whether data and length thereof of the received MODBUS request message are the same as those in the table entry. Further, the method includes detecting an abnormal traffic; and updating the table entry with packet information of the MODBUS request message.
    Type: Grant
    Filed: July 2, 2013
    Date of Patent: March 29, 2016
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Byoung-Koo Kim, Dong Ho Kang, Seon-Gyoung Sohn, Youngjun Heo, Jung-Chan Na, Ik Kyun Kim
  • Publication number: 20150381642
    Abstract: An abnormal traffic detection apparatus and method based on Modbus communication pattern learning is provided. The abnormal traffic detection apparatus based on the Modbus communication pattern learning previously detects and responds to abnormal traffic on a Modbus/TCP protocol. According to the present invention, a communication service between control systems can be stably provided by previously detecting the abnormal traffic capable of interfering with a stable operation of the control system. Particularly, since the effective abnormal traffic on the Modbus/TCP protocol can be previously detected, security of the control system can be increased by rapid detection and response with respect to security threats on the Intranet of the control system, and availability can be secured.
    Type: Application
    Filed: April 29, 2015
    Publication date: December 31, 2015
    Inventors: Byoung Koo KIM, Dong Ho KANG, Jung Chan NA, Seon Gyoung SOHN, Young Jun HEO
  • Publication number: 20150350242
    Abstract: An apparatus and method of displaying a network security situation is provided. The apparatus includes an extraction unit configured to classify a characteristic factor including IP addresses of a transmission node and a reception node from a traffic flow, a network visualization unit configured to generate a domain circle visualizing each of a transmission domain and a reception domain as a circle shape by mapping the IP addresses of the transmission node and the reception node to points on circumference as one to one, arrange the generated domain circle on an axis, and visualize each of a transmission network area and a reception network area as a sphere shape, a session construction unit configured to a session of the visualized transmission network area and reception network visually, and a display unit configured to display the session which is visually constructed.
    Type: Application
    Filed: June 3, 2015
    Publication date: December 3, 2015
    Inventors: Seon Gyoung SOHN, Young Jun HEO
  • Publication number: 20150341380
    Abstract: Provided are a system and method for detecting an abnormal behavior of a control system by analyzing flows of the control system. Flow information of the control network is collected, and flows are classified according to the collected flow information and a flow group is generated. An abnormal behavior of the control system is detected by analyzing flows of the generate flow group. That is, internal systems of the control network are grouped according to functions, and a situation of a system of a group performing the same function is managed to thus quickly detect an abnormal behavior of the control system.
    Type: Application
    Filed: March 24, 2015
    Publication date: November 26, 2015
    Inventors: Young Jun HEO, Seon Gyoung SOHN, Byoung Koo KIM, Dong Ho KANG, Jung Chan NA
  • Patent number: 9130983
    Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.
    Type: Grant
    Filed: June 26, 2013
    Date of Patent: September 8, 2015
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Youngjun Heo, Seon-Gyoung Sohn, Dong Ho Kang, Byoung-Koo Kim, Jung-Chan Na, Ik Kyun Kim
  • Patent number: 8965823
    Abstract: The present invention relates to an insider threat detection device and method which collects and analyzes a variety of information generated by insiders working for an organization, such as behaviors, events, and states of the insider, and detects an abnormal insider who may become a potential threat. According to the present invention, the insider threat detection method and apparatus analyzes information related to insiders using the correlation analysis method, and previously detects an abnormal sign of an insider who may become a potential threat to an organization, which makes it possible to protect the organization from attacks on systems inside the organization or seizure of important information inside the organization.
    Type: Grant
    Filed: May 18, 2012
    Date of Patent: February 24, 2015
    Assignee: Electronics & Telecommunications Research Institute
    Inventors: Seon Gyoung Sohn, Chi Yoon Jeong, Dong Ho Kang, Jung Chan Na, Ik Kyun Kim, Hyun Sook Cho
  • Publication number: 20140380458
    Abstract: Disclosed is an apparatus for preventing illegal access of industrial control system and a method thereof in accordance with the present invention. The apparatus for preventing illegal access of industrial control system includes: a first interface communicating a packet by interoperating with a management network group that requests a control command; a second interface communicating a packet by interoperating with a control network group that receives a control command from the management network group and processes it; and a control device, which, when a packet flows therein from the management network group or the control network group, checks whether or not at least one filter rule is set and controls the packet flow between the management network group and the control network group using the filter where the rule is set.
    Type: Application
    Filed: April 4, 2014
    Publication date: December 25, 2014
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Byoung-Koo KIM, Dong-Ho KANG, Seon-Gyoung SOHN, Young-Jun HEO, Jung-Chan NA