Abstract: A system and method for monitoring a leakage of internal information by analyzing encrypted traffic according to the present invention is characterized in that an SSL session is not created directly between an internal computer and an external computer, but a monitoring computer creates SSL sessions with the internal computer and the external computer respectively, and when a data packet is transmitted from the internal computer to the external computer, the monitoring computer first checks whether the data packet contains internal information and then delivers the data packet.

Abstract: A system and method for monitoring a leakage of internal information by analyzing encrypted traffic according to the present invention is characterized in that an SSL session is not created directly between an internal computer and an external computer, but a monitoring computer creates SSL sessions with the internal computer and the external computer respectively, and when a data packet is transmitted from the internal computer to the external computer, the monitoring computer first checks whether the data packet contains internal information and then delivers the data packet.

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using alphanumeric matrices. An aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against keylogging attacks and shoulder surfing attacks by including a movable second alphanumeric matrix and a fixed first alphanumeric matrix and enabling a user to input a password by moving the password letters of the second alphanumeric matrix to the user-defined value of the first alphanumeric matrix. Another aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against shoulder surfing attacks by enabling a user to input a password by dividing the password by every two digits and moving the cross-points for the two digits, respectively, to the user-defined value of the first alphanumeric matrix.

Abstract: Provided is a system for detecting a voice over Internet protocol (VoIP) toll fraud attack. The system includes: a database (DB) storing registration information of normal users; a packet reception module receiving a call set-up packet from a network; and a VoIP signaling message forgery/falsification detection module receiving the call set-up packet from the packet reception module and comparing sender address information or header information of the call set-up packet with the registration information stored in the DB to detect whether the call set-up packet is a packet received from one of the normal users.

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using an alphanumeric matrix. An aspect of the invention can provide a password input system and method that can defend against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix. Also, an aspect of the invention can provide a password input system and method that can further increase the probability of defending against keylogging attacks and shoulder surfing attacks, by having the final password inputted by way of certain alphanumeric matrix letters which are separated by a particular distance from the letters forming the password in the alphanumeric matrix, but with the alphanumeric matrix rotated every time a letter is inputted.

Abstract: The present invention relates to a password input algorithm, more particularly to a password input system and method using alphanumeric matrices. An aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against keylogging attacks and shoulder surfing attacks by including a movable second alphanumeric matrix and a fixed first alphanumeric matrix and enabling a user to input a password by moving the password letters of the second alphanumeric matrix to the user-defined value of the first alphanumeric matrix. Another aspect of the invention can provide a password input system and method using alphanumeric matrices that can defend against shoulder surfing attacks by enabling a user to input a password by dividing the password by every two digits and moving the cross-points for the two digits, respectively, to the user-defined value of the first alphanumeric matrix.

Abstract: The present invention relates to a method of managing a mobile multicast key using a foreign key. More specifically, the present invention relates to a method of managing a mobile multicast key using a foreign key for secure communication between a mobile terminal and a secure relay server in the region where microwaves from plural access points overlap. A method of managing a mobile multicast key using a foreign key according to the present invention has an advantage that multicast secure relay servers perform delegated authentication in advance in a region where microwaves overlap, thus reducing a delay time for authentication in a mobile terminal and it has an advantage that it can minimize an effect from changes in group keys that user's movement make, by using a primary group key and a foreign key. This results in a reduction of an overhead from update of a group key while moving, and accordingly a reduction of a delay time.

Abstract: The present invention relates to a method of efficiently managing dynamic multicast groups. In the method of efficiently managing dynamic multicast groups a hierarchical structure is used as a network structure for a multicast service. Accordingly, there are advantages in that groups can be merged or divided efficiently and overload depending on group management can be reduced.

Abstract: Disclosed is a system for lawful interception using a trusted third party in secure VoIP communication. A VoIP transmit terminal generates a secure packet using a master key received from a trusted third party and then communicates with a VoIP receive terminal. A collection device having received a lawful interception instruction from a key recovering system collects and transmits the secure packet to the key recovering system. The key recovering system decrypts the secure packet using the master key received from the trusted third party and provides the decrypted secure packet to a lawful interception requester or provides the master key received from the trusted third party and the secure packet to the lawful interception requester. It is possible to provide the perfect lawful interception in the secure VoIP communication environment, and to guarantee a perfect forward secrecy since the master key is changed for each call.

Abstract: Disclosed is a security system of a call signaling message. An object of the invention is to provide a security system and a securing method of a call signaling message, in which even when a call signaling message is leaked out and thus modified in a SIP (Session Initiation Protocol) based VoIP (Voice Over Internet Protocol) service, the modified message is blocked in advance to enable the VoIP service to be provided without an attack effect by the packets. When using the security system and the securing method of a call signaling message according to an embodiment of the invention, it is possible to prevent, in the SIP based VoIP service, a call signaling message from being modified to cause a call failure when requesting a call or during the call, and to block an attack on the call signaling message in advance.

Abstract: Disclosed are a user agent providing secure VoIP communication and a secure communication method using the same. A user agent of the invention has an additional module for providing a secure function as well as a module for providing general communication, thereby supporting the secure communication. In addition, as a secure communication method using the user agent, a signaling security mechanism negotiation method and a media encryption algorithm negotiation method are provided. Hence, it is possible to provide internet telephone users with a secure VoIP communication service.

Abstract: Disclosed is a device for dropping an attack multimedia packet. An object of the invention is to provide a device, a system and a method for dropping an attack multimedia packet, capable of filtering RTP packets received to selectively drop an attack multimedia packet, thereby providing a stable multimedia service. According to the invention, the received RTP packet is filtered to selectively drop an attack multimedia packet, so that it is possible to provide a stable multimedia service.

Abstract: The present invention relates to a delegated authentication method for secure mobile multicasting. More specifically, the present invention relates to a delegated authentication method for secure mobile multicasting in which, when a mobile terminal in a wireless area moves from one network to another, the mobile terminal receives beacon information from an access point (AP) and the multicast secure relay server of the mobile terminal requests the multicast secure relay server controlling the access point to delegated-authenticate the mobile terminal, and after the multicast secure relay server which has received the request makes delegated-authentication, the multicast secure relay server encrypts data using the group key which the mobile terminal used before moving.

Abstract: The present invention relates to a method of managing a mobile multicast key using a foreign key. More specifically, the present invention relates to a method of managing a mobile multicast key using a foreign key for secure communication between a mobile terminal and a secure relay server in the region where microwaves from plural access points overlap. A method of managing a mobile multicast key using a foreign key according to the present invention has an advantage that multicast secure relay servers perform delegated authentication in advance in a region where microwaves overlap, thus reducing a delay time for authentication in a mobile terminal. And it has an advantage that it can minimize an effect from changes in group keys that user's movement make, by using a primary group key and a foreign key. This results in a reduction of an overhead from update of a group key while moving, and accordingly a reduction of a delay time.