Abstract: An access pointer for interconnecting a power line communication (PLC) network of a home network and a wireless network and a method therefor are provided. When data is received from the PLC network through media access control of a data link layer, data on upper layers above a network layer in the received data is converted into a format suitable to a wireless network layer. The converted data is transmitted to the wireless network through the media access control of the data link layer. Accordingly, the PLC network and the wireless network are easily interconnected.

Abstract: A method and apparatus for pattern matching using packet reassembly are provided. The pattern matching method using packet reassembly includes: extracting serial information in relation to a current input packet; determining whether or not pattern matching result information in relation to one or more previous packets and/or subsequent packets on the basis of the serial number of the current input packet is already stored; loading the pattern matching result information in relation to the previous packets and/or subsequent packets; and reassembling the loaded pattern matching result information in relation to the previous packets and/or subsequent packets and the current input packet and performing pattern matching with attack patterns which are already stored.

Abstract: A liquid crystal display apparatus includes a plurality of pixels having first and second subpixels, a plurality of gate lines connected to the first and second subpixels to transmit gate signals, a plurality of first data lines intersecting the gate lines and connected to the first subpixels to transmit first data voltages, and a plurality of second data lines intersecting the gate lines and connected to the second subpixels to transmit second data voltages. The first and second data voltages have different sizes and are obtained from single image information. Each pixel is divided into a pair of subpixels, and different data voltages are applied to the subpixels through two different data lines, so that it is possible to secure a wide viewing angle and improve side visibility.

Abstract: A prefiltering method and apparatus for prefiltering a data stream for pattern matching are provided. The prefiltering method includes: receiving a data stream; loading previously stored filtering policies; filtering the data stream according to the loaded filtering policies and generating additional filtering information regarding the filtered data stream; determining whether to transmit the data stream to a search engine apparatus that performs pattern matching based on the additional filtering information; and transmitting the data stream to the search engine apparatus if the data stream is determined as requiring transmission. Therefore, it is possible to provide a high-performance pattern matching system that can achieve a high precision of pattern matching.

Abstract: Provided is an apparatus for detecting a network attack situation. The apparatus includes an alarm receiver receiving a plurality of alarms raised in a network to which the alarm receiver is connected, converting the alarms into predetermined alarm data, and outputting the alarm data; an alarm processor analyzing an attack situation in the network based on attributes of the alarm data and a number of times that the alarm data is generated; a memory storing basic data needed to analyze the state of the network and providing the basic data to the alarm processor; and an interface transmitting the result of the analysis by the alarm processor to an external device, receiving a predetermined critical value from the external device, which is a basis for determining the occurrence of the attack situation, and outputting the critical value to the alarm processor such that the alarm processor can store the critical value in the memory.

Abstract: The present invention relates to a real-time network attack pattern detection system and a method thereof in which a common pattern is detected in real time from packets, which are suspected to be a network attack such as Worm, to effectively block the attack.

Abstract: The present invention relates to a system for managing user identity information via the Internet and a method of providing a service using the same. The identity information managing system including: an electronic identification certificate issuing device for issuing an electronic identification certificate to authenticate and secure a user identity on the Internet; a service providing device for preparing an electronic contract with a user on the basis of the electronic identification certificate of the user, and providing a service to the user; and a user-side server receiving the service from the service providing device with which the electronic contract with the user is prepared.

Abstract: Provided is an apparatus for detecting and visualizing anomalies in network traffic which includes a traffic information storing portion storing information on network traffic, a traffic state display portion presenting a status of the network traffic generated for a predetermined threshold time based on the information on network traffic on an orthogonal coordinates system in a form of a graph connecting at least one point data as a coordinate value, and a traffic anomalies determination portion determining an existence of anomalies in the network traffic based on a shape of the graph.

Abstract: Provided are a method and an apparatus for managing online and offline documents using RFID technology. The method includes: pre-registering online and offline documents using radio frequency identification tag information stored in at least one of the online and offline documents to be output; determining whether the pre-registered online and offline documents are authorized to be output; and if it is determined that the pre-registered online and offline documents are authorized to be output, generating documents of the online and offline documents to be output and storing new radio frequency identification tag information in radio frequency identification tags attached to the documents to be output.

Abstract: The present invention relates to a network intrusion detection and prevention system. The system includes: a signature based detecting device; an anomaly behavior based detecting device; and a new signature creating and verifying device disposed between the signature based detecting device and the anomaly behavior based detecting device, wherein if the anomaly behavior based detecting device detects network-attack-suspicious packets, the new signature creating and verifying device collects and searches the detected suspicious packets for common information, and then creates a new signature on the basis of the searched common information and at the same time, verifies whether or not the created new signature is applicable to the signature based detecting device, and then registers the created new signature to the signature based detecting device if it is determined that the created new signature is applicable.

Abstract: A display device includes first and second substrates, and first and second alignment keys. The first and second substrates have first and second display regions and first and second peripheral regions, respectively. The first alignment key is disposed in the first peripheral region of the first substrate. The first alignment key includes a first pattern and a second pattern. The second alignment key is disposed in the second peripheral region of the second substrate such that the second alignment key faces the first alignment key. As a result, first alignment key may be formed through a procedure of forming the pixel electrode. Therefore, there exists no deviation between the first alignment key and the pixel electrode and the first alignment key may be easily detected because of the first pattern that is opaque, so that misalignment is prevented.

Abstract: Provided are an active node, and a system and method of transmitting contents using the active node. When contents to be transmitted from a contents server to a terminal are received, resource information of the terminal is identified, the contents transmitted from the contents server are transformed into a pertinent format to the terminal based on the resource information, information included in a header of the contents is transformed into information about the transformed contents and is transmitted to the terminal, thereby reducing load according to contents transformation of a contents server.

Abstract: A warm hydro-forming device comprises: an upper mold and a lower mold respectively mounted to an upper mold die and a lower mold die; a lifting die installed to the lower mold die through a guide unit, an upper portion of the lifting die being connected to the upper mold die through a lifting unit to cooperatively operate in an upward and downward direction with the upper mold die; a pair of hydraulic pressure cylinders for providing an axial compression force to the tube component and supplying a forming hydraulic fluid into the tube component; an ascending and descending unit for ascending or descending the upper mold die; and a heating unit associated with the lifting die such that the heating unit can move toward or away from the tube component. The heating unit heats the tube component and a forming hydraulic fluid through a high frequency induction heating.

Abstract: An apparatus and method for performing packet header lookup based on sequential lookup is provided. A header analyzer separates a header from a packet received via a network and outputs a lookup sequence. A unit lookup unit looks up matching the header combination rules with each field to be analyzed and input from the header analyzer based on the lookup sequence input from the header analyzer and outputs a match signal and a match address. A rule combination memory stores identification information for the header combination rules. A sequence combination memory stores lookup sequence information and sequence combination information. A rule combination unit generates match results based on the match signal input from the unit lookup unit and data read from the rule combination memory and the sequence combination memory.

Abstract: A method of and an apparatus for sorting data traffic based on a predetermined priority such as a bandwidth and a liveliness is provided. The method includes operations of: receiving the data flows; sorting the data flows based on bandwidth by defining a plurality of bandwidth ranges and classifying the sorted data flows according to the bandwidth ranges to which the bandwidth of each data flow belongs; and sorting the classified data flows based on liveliness representing frequency of occurrence of the data flows. The sorting of the classified data lows determines that the data flow which is recently received has the higher liveliness and sorts the data flows based on the determination. The method and apparatus facilitates selecting data flows which are possible hostile attack attempts from a vast amount of data traffic and allowing selective and intensive monitoring of the selected data flows.

Abstract: Provided is a method of transmitting and receiving a message using an encryption/decryption key, by which each of a sender and a recipient can generate an encryption/decryption key and recover a key used for encryption/decryption while transmitting and receiving the message using an electronic device. The method includes: (a) a user generating his/her own private key and a public key, registering the public key with a key recovery agent (KRA), and setting shared secret information; and (b) a sender transmitting the recovery information necessary for decryption of the transmission message to a recipient, and the recipient generating a key necessary for the decryption from the recovery information and decrypting the transmission message. The method may further include the recipient requesting recovery of the session key to the KRA.

Abstract: Provided is a method for analyzing a network attack situation. The method categorizes network intrusion detection alerts into network attack situations, counts the frequency of same-featured intrusion alert occurrence for each network attack situation using a counting algorithm based on time slots, and analyzes the network attack situation based on the frequency of same-featured intrusion detection alert occurrence, the rate of same-featured intrusion detection alert occurrence, or an AND/OR combination of them. The network attack situation can be correctly detected in real time without relatively being influenced by the size of the network or amount of the occurrence of the intrusion detection alerts.

Abstract: A network apparatus and packet routing method for ubiquitous computing are provided. In the network apparatus, a movement detection unit detects movement from a first network to a second network, and a movement address setting unit generates care-of-address (CoA) information corresponding to prefix information of the second network. A movement registration unit registers a movement address by transmitting a binding update message containing the generated CoA and home address (HoA) mapping information, to a home agent. A resource setting unit registers information on current terminal apparatuses among network terminal apparatuses on the second network. A packet distribution unit distributes the received packet to a current terminal apparatus corresponding to the application characteristic of the packet received from the home agent based on the information on the current terminal apparatuses.

Abstract: A method for electronic commerce using a security token and an apparatus thereof are provided. The electronic commerce method using a security token comprises a transaction approval institution generating a security token based on a security assertion markup language (SAML), using credit information of a purchaser who requests to issue a security token, and transmitting the security token to the purchaser; the purchaser writing an electronic signature on an order and transmitting the order together with the security token to a seller; the seller verifying the received order and security token, and then delivering goods according to the order to the purchaser; and the transaction approval institution performing payment for the seller and the purchaser. The method can solve the problems of personal information leakage and privacy infringement that may happen when a purchaser sends his personal information to a seller for electronic commerce.

Abstract: In a security engine management apparatus in network nodes, a security instruction and library subsystem processes every application program and utility. A policy decision subsystem determines a filtering policy, an intrusion detection policy and an access control policy. An authentication and access control subsystem blocks an unauthorized user to access to a system and allows an authorized user to access thereto according to the access control policy. A policy application subsystem applies the policies. A packet filtering subsystem receives an allowed packet and denies a disallowed packet according to the filtering policy. An intrusion analysis and audit trail subsystem analyzes the intrusion according to the intrusion detection policy. A security management subsystem manages a security engine.