METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM
According to one embodiment of the present invention, provided is an apparatus for detecting abnormal behavior of a computer system, which comprises: a log collection unit collecting a call sequence log including a name of a system call used in a computer system and order information in which the sy...
Gespeichert in:
| Hauptverfasser: | , , , , , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng ; kor |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | YUN HOSANG HEO SEONDONG PARK KYOUNGCHAN JANG MYEONGJUN LEE HWASEONG KIM KISU KIM CZANG YEOB YOON YEOJEONG JUNG YUJIN KANG PILSUNG SEO SEUNGWAN |
| description | According to one embodiment of the present invention, provided is an apparatus for detecting abnormal behavior of a computer system, which comprises: a log collection unit collecting a call sequence log including a name of a system call used in a computer system and order information in which the system call is used; and an abnormal behavior detection unit applying the call sequence log to a machine learning algorithm learned to determine abnormal behavior of the computer system to detect the abnormal behavior of the computer system related to the call sequence log.
본 발명의 일 실시예에 따른 컴퓨터 시스템의 이상 행위 탐지 장치는, 컴퓨터 시스템에서 이용되는 시스템 콜의 명칭 및 상기 시스템 콜이 이용되는 순서 정보를 포함하는 콜 시퀀스 로그를 수집하는 로그 수집부와, 컴퓨터 시스템의 이상 행위를 판별하도록 학습된 기계학습 알고리즘에 상기 콜 시퀀스 로그를 적용하여 상기 콜 시퀀스 로그와 관련된 컴퓨터 시스템의 이상 행위를 탐지하는 이상 행위 탐지부를 포함할 수 있다. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_KR102088509BB1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>KR102088509BB1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_KR102088509BB13</originalsourceid><addsrcrecordid>eNrjZHDwdQ3x8HdRcPQD4oAAxyDHkNBgBTf_IAUX1xBX5xBPfz8FfzegtL-vo0-kApDn7O8bEBriGqQQHBkc4urLw8CalphTnMoLpbkZlN1cQ5w9dFML8uNTiwsSk1PzUkvivYMMDYwMLCxMDSydnAyNiVMFAFJvK68</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM</title><source>esp@cenet</source><creator>YUN HOSANG ; HEO SEONDONG ; PARK KYOUNGCHAN ; JANG MYEONGJUN ; LEE HWASEONG ; KIM KISU ; KIM CZANG YEOB ; YOON YEOJEONG ; JUNG YUJIN ; KANG PILSUNG ; SEO SEUNGWAN</creator><creatorcontrib>YUN HOSANG ; HEO SEONDONG ; PARK KYOUNGCHAN ; JANG MYEONGJUN ; LEE HWASEONG ; KIM KISU ; KIM CZANG YEOB ; YOON YEOJEONG ; JUNG YUJIN ; KANG PILSUNG ; SEO SEUNGWAN</creatorcontrib><description>According to one embodiment of the present invention, provided is an apparatus for detecting abnormal behavior of a computer system, which comprises: a log collection unit collecting a call sequence log including a name of a system call used in a computer system and order information in which the system call is used; and an abnormal behavior detection unit applying the call sequence log to a machine learning algorithm learned to determine abnormal behavior of the computer system to detect the abnormal behavior of the computer system related to the call sequence log.
본 발명의 일 실시예에 따른 컴퓨터 시스템의 이상 행위 탐지 장치는, 컴퓨터 시스템에서 이용되는 시스템 콜의 명칭 및 상기 시스템 콜이 이용되는 순서 정보를 포함하는 콜 시퀀스 로그를 수집하는 로그 수집부와, 컴퓨터 시스템의 이상 행위를 판별하도록 학습된 기계학습 알고리즘에 상기 콜 시퀀스 로그를 적용하여 상기 콜 시퀀스 로그와 관련된 컴퓨터 시스템의 이상 행위를 탐지하는 이상 행위 탐지부를 포함할 수 있다.</description><language>eng ; kor</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200312&DB=EPODOC&CC=KR&NR=102088509B1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200312&DB=EPODOC&CC=KR&NR=102088509B1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>YUN HOSANG</creatorcontrib><creatorcontrib>HEO SEONDONG</creatorcontrib><creatorcontrib>PARK KYOUNGCHAN</creatorcontrib><creatorcontrib>JANG MYEONGJUN</creatorcontrib><creatorcontrib>LEE HWASEONG</creatorcontrib><creatorcontrib>KIM KISU</creatorcontrib><creatorcontrib>KIM CZANG YEOB</creatorcontrib><creatorcontrib>YOON YEOJEONG</creatorcontrib><creatorcontrib>JUNG YUJIN</creatorcontrib><creatorcontrib>KANG PILSUNG</creatorcontrib><creatorcontrib>SEO SEUNGWAN</creatorcontrib><title>METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM</title><description>According to one embodiment of the present invention, provided is an apparatus for detecting abnormal behavior of a computer system, which comprises: a log collection unit collecting a call sequence log including a name of a system call used in a computer system and order information in which the system call is used; and an abnormal behavior detection unit applying the call sequence log to a machine learning algorithm learned to determine abnormal behavior of the computer system to detect the abnormal behavior of the computer system related to the call sequence log.
본 발명의 일 실시예에 따른 컴퓨터 시스템의 이상 행위 탐지 장치는, 컴퓨터 시스템에서 이용되는 시스템 콜의 명칭 및 상기 시스템 콜이 이용되는 순서 정보를 포함하는 콜 시퀀스 로그를 수집하는 로그 수집부와, 컴퓨터 시스템의 이상 행위를 판별하도록 학습된 기계학습 알고리즘에 상기 콜 시퀀스 로그를 적용하여 상기 콜 시퀀스 로그와 관련된 컴퓨터 시스템의 이상 행위를 탐지하는 이상 행위 탐지부를 포함할 수 있다.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZHDwdQ3x8HdRcPQD4oAAxyDHkNBgBTf_IAUX1xBX5xBPfz8FfzegtL-vo0-kApDn7O8bEBriGqQQHBkc4urLw8CalphTnMoLpbkZlN1cQ5w9dFML8uNTiwsSk1PzUkvivYMMDYwMLCxMDSydnAyNiVMFAFJvK68</recordid><startdate>20200312</startdate><enddate>20200312</enddate><creator>YUN HOSANG</creator><creator>HEO SEONDONG</creator><creator>PARK KYOUNGCHAN</creator><creator>JANG MYEONGJUN</creator><creator>LEE HWASEONG</creator><creator>KIM KISU</creator><creator>KIM CZANG YEOB</creator><creator>YOON YEOJEONG</creator><creator>JUNG YUJIN</creator><creator>KANG PILSUNG</creator><creator>SEO SEUNGWAN</creator><scope>EVB</scope></search><sort><creationdate>20200312</creationdate><title>METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM</title><author>YUN HOSANG ; HEO SEONDONG ; PARK KYOUNGCHAN ; JANG MYEONGJUN ; LEE HWASEONG ; KIM KISU ; KIM CZANG YEOB ; YOON YEOJEONG ; JUNG YUJIN ; KANG PILSUNG ; SEO SEUNGWAN</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_KR102088509BB13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng ; kor</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>YUN HOSANG</creatorcontrib><creatorcontrib>HEO SEONDONG</creatorcontrib><creatorcontrib>PARK KYOUNGCHAN</creatorcontrib><creatorcontrib>JANG MYEONGJUN</creatorcontrib><creatorcontrib>LEE HWASEONG</creatorcontrib><creatorcontrib>KIM KISU</creatorcontrib><creatorcontrib>KIM CZANG YEOB</creatorcontrib><creatorcontrib>YOON YEOJEONG</creatorcontrib><creatorcontrib>JUNG YUJIN</creatorcontrib><creatorcontrib>KANG PILSUNG</creatorcontrib><creatorcontrib>SEO SEUNGWAN</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>YUN HOSANG</au><au>HEO SEONDONG</au><au>PARK KYOUNGCHAN</au><au>JANG MYEONGJUN</au><au>LEE HWASEONG</au><au>KIM KISU</au><au>KIM CZANG YEOB</au><au>YOON YEOJEONG</au><au>JUNG YUJIN</au><au>KANG PILSUNG</au><au>SEO SEUNGWAN</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM</title><date>2020-03-12</date><risdate>2020</risdate><abstract>According to one embodiment of the present invention, provided is an apparatus for detecting abnormal behavior of a computer system, which comprises: a log collection unit collecting a call sequence log including a name of a system call used in a computer system and order information in which the system call is used; and an abnormal behavior detection unit applying the call sequence log to a machine learning algorithm learned to determine abnormal behavior of the computer system to detect the abnormal behavior of the computer system related to the call sequence log.
본 발명의 일 실시예에 따른 컴퓨터 시스템의 이상 행위 탐지 장치는, 컴퓨터 시스템에서 이용되는 시스템 콜의 명칭 및 상기 시스템 콜이 이용되는 순서 정보를 포함하는 콜 시퀀스 로그를 수집하는 로그 수집부와, 컴퓨터 시스템의 이상 행위를 판별하도록 학습된 기계학습 알고리즘에 상기 콜 시퀀스 로그를 적용하여 상기 콜 시퀀스 로그와 관련된 컴퓨터 시스템의 이상 행위를 탐지하는 이상 행위 탐지부를 포함할 수 있다.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng ; kor |
| recordid | cdi_epo_espacenet_KR102088509BB1 |
| source | esp@cenet |
| subjects | CALCULATING COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING PHYSICS |
| title | METHOD AND APPARATUS FOR DETECTION OF ANOMALY ON COMPUTER SYSTEM |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-19T19%3A30%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=YUN%20HOSANG&rft.date=2020-03-12&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EKR102088509BB1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |