Patents by Inventor Yang Seo Choi

Yang Seo Choi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20230142407
    Abstract: Disclosed herein are an apparatus for analyzing non-informative firmware and a method using the apparatus. The method includes detecting a target instruction for firmware analysis in a memory map in non-informative firmware, generating an analysis list based on memory map information corresponding to the target instruction, and generating a visualized analysis result corresponding to the firmware by grouping the entries of the analysis list by preset reference bytes.
    Type: Application
    Filed: October 25, 2022
    Publication date: May 11, 2023
    Inventors: Dae-Won Kim, Sang-Su Lee, Yong-Je Choi, Byeong-Cheol Choi, Dong-Wook Kang, Yang-Seo Choi
  • Publication number: 20230004680
    Abstract: Disclosed herein are an apparatus and method for verifying the integrity of a hardware board. The apparatus includes one or more processors and execution memory for storing at least one program that is executed by the processors, wherein the program is configured to compare images of components arranged on a verification target board and a source board in a first image, obtained by photographing the verification target board, and in a second image prestored for the source board, as to whether images of the components are identical to each other, and compare first firmware extracted from the verification target board with second firmware of the source board, as to whether first firmware is identical to second firmware and verify integrity of the verification target board based on whether the images are identical to each other and on whether the pieces of firmware are identical to each other.
    Type: Application
    Filed: May 6, 2022
    Publication date: January 5, 2023
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yong-Je CHOI, Dae-Won KIM, Sang-Su LEE, Byeong-Cheol CHOI, Dong-Wook KANG, Ik-Kyun KIM, Yang-Seo CHOI
  • Publication number: 20230004499
    Abstract: Disclosed herein are an apparatus and method for extracting memory map information from firmware. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program retrieves memory-related data from firmware, sets a data structure by analyzing binary code based on the memory-related data, and retrieves a memory map structure from the firmware using the data structure.
    Type: Application
    Filed: May 5, 2022
    Publication date: January 5, 2023
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yong-Je CHOI, Dae-Won KIM, Sang-Su LEE, Byeong-Cheol CHOI, Dong-Wook KANG, Yang-Seo CHOI
  • Publication number: 20220374525
    Abstract: Disclosed herein are an apparatus and a method for detecting a vulnerability to a nonvolatile memory attack. The apparatus for detecting a vulnerability to a nonvolatile memory attack includes memory for storing at least one program, and a processor for executing the program, wherein the program includes a fuzzer unit for sending a fuzzing message to fuzzing target software, a nonvolatile memory write control unit for, when a request to write data to a nonvolatile memory is received from the fuzzing target software, transferring nonvolatile memory write data to an attack vulnerability detection unit, and the attack vulnerability detection unit for, when the nonvolatile memory write data is received from the nonvolatile memory write control unit, searching for a vulnerability to a nonvolatile memory attack based on a result of determining whether the nonvolatile memory write data is normal based on a model pre-trained in a normal state.
    Type: Application
    Filed: November 12, 2021
    Publication date: November 24, 2022
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: GAE-IL AN, Yang-Seo CHOI
  • Publication number: 20220166702
    Abstract: Disclosed herein are a fuzzing preprocessing apparatus and method for automating smart network fuzzing. The fuzzing preprocessing method includes collecting communication message samples that are sent by a fuzzing target client to a fuzzing target system, comparing the communication message samples with each other, and then identifying sizes and types of fields of a fuzzing target protocol, determining a property of a protocol field value with reference to ASCII code, determining a coverage of a user field based on a response message to a test communication message that has been sent to the fuzzing target system, and storing a fuzzing protocol data model having a field number, a field type, a field size, a field value property, and a field value of the fuzzing target protocol, as elements.
    Type: Application
    Filed: December 28, 2020
    Publication date: May 26, 2022
    Applicant: Electronics and Telecommunications Research Institute
    Inventors: Gae-Il AN, Yang-Seo CHOI
  • Patent number: 11176011
    Abstract: Disclosed herein are an apparatus and method for transmitting fuzzing data. The apparatus may include one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may collect context information pertaining to a one-way fuzzing target device that uses a one-way protocol, may determine the execution state of the one-way fuzzing target device by analyzing the context information, and may transmit fuzzing data to the one-way fuzzing target device based on the result of determination of the execution state.
    Type: Grant
    Filed: October 22, 2020
    Date of Patent: November 16, 2021
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Gae-Il An, Won-Jun Song, Yang-Seo Choi
  • Patent number: 11175992
    Abstract: Disclosed herein are a method for automated fuzzing for an IoT device based on automated reset and an apparatus using the same. The method includes loading, by the apparatus, a fuzzing agent into an IoT device based on firmware; monitoring, by the apparatus, the status of processing of fuzzing input by the IoT device based on the fuzzing agent; collecting, by the apparatus, fuzzing data corresponding to occurrence of a crash based on hooking using the fuzzing agent when the crash occurs in the IoT device; and resetting, by the apparatus, the IoT device based on the fuzzing agent.
    Type: Grant
    Filed: December 24, 2020
    Date of Patent: November 16, 2021
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Yang-Seo Choi, Gae-Il An
  • Publication number: 20210165722
    Abstract: Disclosed herein are an apparatus and method for transmitting fuzzing data. The apparatus may include one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may collect context information pertaining to a one-way fuzzing target device that uses a one-way protocol, may determine the execution state of the one-way fuzzing target device by analyzing the context information, and may transmit fuzzing data to the one-way fuzzing target device based on the result of determination of the execution state.
    Type: Application
    Filed: October 22, 2020
    Publication date: June 3, 2021
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Gae-Il An, Won-Jun Song, Yang-Seo Choi
  • Publication number: 20210160273
    Abstract: Disclosed herein are a method for calculating a risk for an industrial control system and an apparatus for the same. The method includes collecting at least one keyword based on published vulnerabilities in a target industrial control system and generating an attack vector corresponding to the at least one keyword; collecting operating environment characteristics corresponding to the operating environment that is currently being used in the target industrial control system; calculating a targeted risk for the attack vector in consideration of a vulnerability characteristic matching the at least one keyword, among the operating environment characteristics, and a weight applied to the vulnerability characteristic; and providing the targeted risk to the operator module of the target industrial control system.
    Type: Application
    Filed: October 27, 2020
    Publication date: May 27, 2021
    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yang-Seo CHOI, Won-Jun SONG, Gae-Il AN
  • Patent number: 10929541
    Abstract: An apparatus and method for assessing cybersecurity vulnerabilities based on a serial port. The apparatus includes a vulnerability DB for storing vulnerability assessment items, a communication unit for configuring an environment for serial communication with an assessment target device and configuring a network environment, a vulnerability scanning unit for selecting a vulnerability assessment item for which cybersecurity vulnerability assessment is to be performed on the assessment target device, and performing scanning for checking the selected vulnerability assessment item on the assessment target device, a response analysis unit for analyzing a response of the assessment target device to the scanning, and setting one or more of an operating system, an application, and a protocol corresponding to the assessment target device, and a vulnerability presence determination unit for determining, using the set one or more of the operating system, application, and protocol, whether a vulnerability is present.
    Type: Grant
    Filed: July 23, 2018
    Date of Patent: February 23, 2021
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventor: Yang-Seo Choi
  • Patent number: 10404782
    Abstract: Disclosed are an apparatus and method for reconstructing a transmitted file with high performance in real time, which select analysis target packets for reconstruction by first checking using hardware whether data file-related information is present in packets transmitted via large-capacity traffic over a broadband network, and which reconstruct a file in real time only from the selected analysis target packets. The file reconstruction apparatus for reconstructing a data file from packets on a network includes a packet monitoring unit for extracting packets on the network, a collected packet selection unit for determining whether, for the extracted packets, each packet is a reconstruction target based on flow information, and selecting a reconstruction target packet, and a file reconstruction unit for performing file reconstruction by extracting data from the reconstruction target packet and by storing the extracted data as data of a reconstructed file in a relevant flow.
    Type: Grant
    Filed: October 21, 2016
    Date of Patent: September 3, 2019
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yang-Seo Choi, Jong-Hyun Kim, Joo-Young Lee, Sun-Oh Choi, Ik-Kyun Kim, Dae-Sung Moon
  • Publication number: 20190050578
    Abstract: An apparatus and method for assessing cybersecurity vulnerabilities based on a serial port. The apparatus includes a vulnerability DB for storing vulnerability assessment items, a communication unit for configuring an environment for serial communication with an assessment target device and configuring a network environment, a vulnerability scanning unit for selecting a vulnerability assessment item for which cybersecurity vulnerability assessment is to be performed on the assessment target device, and performing scanning for checking the selected vulnerability assessment item on the assessment target device, a response analysis unit for analyzing a response of the assessment target device to the scanning, and setting one or more of an operating system, an application, and a protocol corresponding to the assessment target device, and a vulnerability presence determination unit for determining, using the set one or more of the operating system, application, and protocol, whether a vulnerability is present.
    Type: Application
    Filed: July 23, 2018
    Publication date: February 14, 2019
    Inventor: Yang-Seo CHOI
  • Patent number: 10089460
    Abstract: A behavior-based malicious code detecting apparatus and method using multiple feature vectors is disclosed. A malicious code learning method may include collecting characteristic factor information when a training target process comprising a malicious code is executed, generating a feature vector for malicious code verification based on the collected characteristic factor information, learning the generated feature vector through a plurality of machine learning algorithms to generate a model of representing the malicious code and a model of representing a normal file, and storing the model of representing the malicious code and the model of representing the normal file generated through the learning.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: October 2, 2018
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Dae Sung Moon, Ik Kyun Kim, Yang Seo Choi
  • Publication number: 20170237680
    Abstract: Disclosed are an apparatus and method for reconstructing a transmitted file with high performance in real time, which select analysis target packets for reconstruction by first checking using hardware whether data file-related information is present in packets transmitted via large-capacity traffic over a broadband network, and which reconstruct a file in real time only from the selected analysis target packets. The file reconstruction apparatus for reconstructing a data file from packets on a network includes a packet monitoring unit for extracting packets on the network, a collected packet selection unit for determining whether, for the extracted packets, each packet is a reconstruction target based on flow information, and selecting a reconstruction target packet, and a file reconstruction unit for performing file reconstruction by extracting data from the reconstruction target packet and by storing the extracted data as data of a reconstructed file in a relevant flow.
    Type: Application
    Filed: October 21, 2016
    Publication date: August 17, 2017
    Inventors: Yang-Seo CHOI, Jong-Hyun KIM, Joo-Young LEE, Sun-Oh CHOI, Ik-Kyun KIM, Dae-Sung MOON
  • Publication number: 20170237716
    Abstract: The present invention relates to a system and method for interlocking intrusion information. An intrusion information interlocking system includes at least one interlocking client which is connected to a client system which collects session information of intrusion in different network domains to transmit the intrusion information collected by the client system to the control system and requests analysis information on the intrusion information in accordance with a request of the client system to provide the analysis information to the client system, and an interlocking server which is connected to a control system which analyzes intrusion information to transmit the intrusion information of different network domains provided from one or more interlocking clients to the control system, stores the intrusion analysis information from the control system, and shares the stored intrusion analysis information with the interlocking client in accordance with the request of the interlocking client.
    Type: Application
    Filed: August 24, 2016
    Publication date: August 17, 2017
    Inventors: Jong Hyun KIM, Ik Kyun KIM, Joo Young LEE, Sun Oh CHOI, Yang Seo CHOI
  • Publication number: 20170235640
    Abstract: Disclosed herein are a network traffic recording apparatus and method. The network traffic recording apparatus includes a data partitioning unit for generating a single data block from original data corresponding to a certain unit and partitioning the single data block into preset units, a data integrity verification information generation unit for generating data integrity verification information for each data block, and a data redundancy elimination encoding unit for performing redundancy elimination on data, which is a target of redundancy elimination, for each data block.
    Type: Application
    Filed: November 23, 2016
    Publication date: August 17, 2017
    Inventors: Joo-Young LEE, Ik-Kyun KIM, Jong-Hyun KIM, Sun-Oh CHOI, Yang-Seo CHOI
  • Publication number: 20170193225
    Abstract: A behavior-based malicious code detecting apparatus and method using multiple feature vectors is disclosed. A malicious code learning method may include collecting characteristic factor information when a training target process comprising a malicious code is executed, generating a feature vector for malicious code verification based on the collected characteristic factor information, learning the generated feature vector through a plurality of machine learning algorithms to generate a model of representing the malicious code and a model of representing a normal file, and storing the model of representing the malicious code and the model of representing the normal file generated through the learning.
    Type: Application
    Filed: May 31, 2016
    Publication date: July 6, 2017
    Inventors: Dae Sung MOON, Ik Kyun KIM, Yang Seo CHOI
  • Patent number: 9537887
    Abstract: Disclosed are provided a method and a system for network connection chain traceback by using network flow data in order to trace an attack source site for cyber hacking attacks that goes by way of various sites without addition of new equipment of a network or modification a standard protocol when the cyber hacking attack occurs in the Internet and an internal network.
    Type: Grant
    Filed: March 2, 2015
    Date of Patent: January 3, 2017
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yang Seo Choi, Ik Kyun Kim, Min Ho Han, Jung Tae Kim, Jong Hyun Kim
  • Publication number: 20160156643
    Abstract: An apparatus and method for generating a process activity profile are provided.
    Type: Application
    Filed: July 17, 2015
    Publication date: June 2, 2016
    Inventor: Yang Seo CHOI
  • Publication number: 20150256555
    Abstract: Disclosed are provided a method and a system for network connection chain traceback by using network flow data in order to trace an attack source site for cyber hacking attacks that goes by way of various sites without addition of new equipment of a network or modification a standard protocol when the cyber hacking attack occurs in the Internet and an internal network.
    Type: Application
    Filed: March 2, 2015
    Publication date: September 10, 2015
    Inventors: Yang Seo CHOI, Ik Kyun KIM, Min Ho HAN, Jung Tae KIM, Jong Hyun KIM