KR101663935B1 - System and method for protecting against phishing and pharming - Google Patents
System and method for protecting against phishing and pharming Download PDFInfo
- Publication number
- KR101663935B1 KR101663935B1 KR1020160073349A KR20160073349A KR101663935B1 KR 101663935 B1 KR101663935 B1 KR 101663935B1 KR 1020160073349 A KR1020160073349 A KR 1020160073349A KR 20160073349 A KR20160073349 A KR 20160073349A KR 101663935 B1 KR101663935 B1 KR 101663935B1
- Authority
- KR
- South Korea
- Prior art keywords
- site
- user
- hash value
- access
- information
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
The present invention relates to a phishing and pharming prevention system and method, and more particularly, to a system and method for preventing phishing and pharming by comparing user's actual input operation information with site access information, Such as malicious programs, such as phishing and pharming.
Recently, phishing and pharming have been used as crimes through the Internet. Among them, phishing is disguised as a mail sent from a website of a financial institution or the like to extract personal identification number, credit card number and account information This is a fraudulent method of illegal use. And when Phamming steals personal information after stealing a user's legally owned domain or by inducing users to connect to a fake site that has misidentified a real site by tampering with the Domain Name System (DNS) or proxy server address A new computer crime trick.
In this case, the pharming is a new Internet fraud method following phishing. Even if the user attempts to access the Internet by correctly inputting the address of the web site to which the user intends to access, the computer of the user infected with the malicious code (or malicious program) It is a crime trick that causes more serious damage by moving traffic and showing the user the fake site.
Moreover, in the case of phishing, the user can easily notice by checking the address information of the access site easily, but in the case of pharming, even if the user carefully looks at the domain address or the URL address, it is easy to cheat. That is, pharming is more likely to be harmed than phishing by easily knowing only the sites that users use and accessing without any suspicion, easily revealing personal IDs, passwords, and financial information.
In order to prevent damage caused by phishing and pharming in the past, a vaccine or a malicious code removal program has been installed in a user's computer. However, only the malicious code (or malicious program) before the update can be detected, In case of infection with malicious code of a new farming site, it was difficult to detect and respond.
BACKGROUND ART [0002] The background art of the present invention is disclosed in Korean Patent No. 10-1244649 (registered on March 13, 2013, Farming Defense Method).
According to an aspect of the present invention, there is provided a method for preventing unauthorized access to a harmful site by comparing user's actual input operation information with site access information, It is an object of the present invention to provide a phishing and pharming prevention system and method that can prevent a computer from being controlled by malicious programs such as phishing and pharming.
According to an aspect of the present invention, there is provided a phishing and pharming prevention system comprising: an agent installed in a user's computer; And an external device communicating with the agent outside the user computer to perform anti-phishing and anti-pharming operations, wherein the agent uses an HTML document of a specific site displayed through a web browser of the user computer, and outputs a hash value to the external device, and outputs a harmful site connection warning on the screen according to a control signal output from the external device. When the external device attempts to access the site through the user computer, Whether the connection attempt is a normal site connection attempt intended by the user and whether the site connected by the site connection attempt is a normal site or a harmful site is monitored and based on the monitoring result, , And registration of the harmful site list Characterized in that for performing.
In the present invention, the external device may be formed so that at least one computer can be connected to the front end or the rear end of the router that allows one Internet line to be shared with the Internet, or is additionally included in the router And the function of the router is simultaneously performed.
In the present invention, the external device may include an input device monitoring unit for monitoring an input operation through an input device including a keyboard and a mouse to determine whether a site connection attempt is a normal site connection attempt intended by the user; And a monitoring unit operating as a control unit in the external device determines that there is a normal connection attempt if there is a user connection attempt for a specific site connection through the input device as a means for preventing a DDos attack, If there is a connection attempt for connection to the specific site without passing through the input device, it is determined that there is an abnormal connection attempt including a DDos attack, and the connection request is blocked and the user is notified.
In the present invention, the input device monitoring unit monitors information input through the input device, and simultaneously transmits the input information to a keyboard port and a mouse port of the user computer.
In the present invention, the external device includes a monitoring unit that monitors whether the site connection attempt is a normal site connection or a harmful site connection due to a normal site connection attempt intended by the user, A hash value generation unit for generating a hash value (first hash value) using an HTML document of a specific site including a government office; A hash value comparing unit for comparing a hash value generated by the hash value generating unit with a hash value (second hash value) generated from an HTML document of a site currently accessed through the agent of the user's computer; A URL inquiry analyzer for inquiring and analyzing whether the URL address of the site to which the connection is attempted is a normal site address or a harmful site address; And a blacklist registration unit for registering the harmful site information in the blacklist DB when the connected specific site is a harmful site.
In the present invention, the monitoring unit of the external device monitors whether or not the agent is forcibly terminated by communicating with the agent at a predetermined cycle. If the agent is forcibly terminated, the monitoring unit monitors Or does not transmit the input information of the input device including the keyboard and the mouse to the user computer, thereby making it impossible to control the user computer.
In the present invention, the external device includes a whitelist DB for managing access information of a specific site including a financial institution and a public office; And a blacklist DB for managing connection information of the harmful sites, wherein the monitoring unit in the external device periodically updates access information managed in the whitelist DB and the blacklist DB by communicating with the management server, And the blacklist DB, the access information managed by the whitelist DB and the blacklist DB is transmitted to the server of the relevant organization through the search word, the keyword, the domain An address, an IP address, and a URL address.
A phishing and pharming prevention method according to another aspect of the present invention is a phishing and pharming prevention method comprising an agent installed in a user's computer and an external device communicating with the agent outside the user's computer to perform phishing and anti- A monitoring unit in the external device monitors whether an input through a keyboard and an input device including a mouse is input or not when the user attempts to access a specific site through the user computer, step; Analyzing the URL address or the IP address of the specific site to which the monitoring unit tries to connect with the information stored in advance in the W / L DB and B / L (Black List) DB; The monitoring unit generates a hash value of the HTML document of the currently connected specific site, compares the hash value (second hash value) with the stored hash value (first hash value) generated in advance from the HTML document of the specific site A hash value analysis step; When the connection to the harmful site is detected in at least one of the monitoring of the input device, the analysis of the address, and the analysis of the hash value, the surveillance part blocks the access to the site, the harmful site connection warning, and the harmful site list And performing at least one operation.
In the present invention, the monitoring unit periodically updates the access information managed in the W / L DB and the B / L DB by communicating with the management server, and transmits information of the false site corresponding to the actual site information to a server The W / L DB manages access information of a specific site including a financial institution and a government office, and the B / L DB accesses the access information of the harmful site And the access information managed in the whitelist DB and the blacklist DB includes at least one of a search word, a keyword, a domain address, an IP address, and a URL address, and the W / L DB and the B / L DB And is used as an authentication means using a smart card of a predetermined type for device authentication at the time of updating.
In the monitoring step, in the monitoring step, the monitoring unit may determine that there is a normal connection attempt if the user attempts to connect to the specific site through the input device, and if the user does not access the specific site It is determined that there is an abnormal connection attempt including a DDos attack. In this case, the connection request is blocked and the user is notified. If the monitoring unit is capable of periodic communication with the agent, The monitoring unit outputs a warning through the built-in alarm unit when the agent is terminated and communication is impossible, or the alarm is output through the built-in alarm unit, Or Does not transfer the input information of the output device to the user's computer it characterized in that it can not control the users' computers.
According to an aspect of the present invention, there is provided a method for controlling a malicious web site by comparing a user's actual input operation information with site access information to block access to a malicious site not intended by a user, .
BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is an exemplary diagram showing a schematic configuration of a phishing and pharming prevention system according to a first embodiment of the present invention; FIG.
FIG. 2 is an exemplary diagram showing a schematic configuration of a phishing and pharming prevention system according to a second embodiment of the present invention; FIG.
FIG. 3 is an exemplary view showing a schematic configuration of a phishing and pharming prevention system according to a third embodiment of the present invention; FIG.
4 is a flow chart for explaining a phishing and pharming prevention method according to an embodiment of the present invention;
5 is a flowchart illustrating a method of registering with a management server for updating data of a phishing and anti-pharming apparatus according to an embodiment of the present invention.
Hereinafter, an embodiment of a phishing and pharming prevention system and method according to the present invention will be described with reference to the accompanying drawings.
In this process, the thicknesses of the lines and the sizes of the components shown in the drawings may be exaggerated for clarity and convenience of explanation. In addition, the terms described below are defined in consideration of the functions of the present invention, which may vary depending on the intention or custom of the user, the operator. Therefore, definitions of these terms should be made based on the contents throughout this specification.
FIG. 1 is an exemplary view showing a schematic configuration of a phishing and pharming prevention system according to a first embodiment of the present invention.
1, the phishing and
As shown in FIG. 1, the phishing and
1, the phishing and
The
In other words, the input
The information input from the input device (e.g., a keyboard or a mousse) to the input
For reference, the IP address is an address of a server on the Internet, and is represented by four numbers separated by a period, for example, 123.45.6.78. In addition, the domain address is an address in which the IP address is replaced with an address that can be easily read by a human. For example, a domain of naver.com is replaced with an IP address of 220.95.233.172, For example, http://kin.naver.com/qna/detail.nhm?dlid=1&dirId=106&docId=162743750.
The
The
If the
The
The
In addition, the
At this time, the
Meanwhile, the
As described above, the phishing and
The above three monitoring operations will be described in more detail.
First, the first surveillance operation is performed by attempting to access a specific site (e.g., a financial institution, a government office, etc.) desired by the user through the user PC 100 (e.g., inputting a keyword through a portal site, The
Next, the second monitoring operation is to generate a hash value (first hash value) of the HTML document of the page displayed when the actual site is connected to the inside of the phishing and
The third monitoring operation is performed in such a manner that the phishing and
For example, at least one input from a mouse click input, an enter input, a keyword input, a keyword input, a URL address input, and an IP address input in the case of a normal site connection attempt according to the user's intention (or intention). If there is an attempt to access the site without inputting the input device, it can be judged that the access attempt is a malicious program (or a malicious code).
Particularly, the third monitoring operation prevents the user's
The Distributed Denial of Service attack is a malicious program capable of flooding a large number of PCs with packets. Distributed Denial of Service (DDoS) attacks are distributed and installed so that they can be transmitted to a user's request Refers to a technique that overflows a data packet for a target system (network) in a situation where there is no connection attempt (connection attempt), causing a performance degradation or system paralysis of the target system (network).
Therefore, in the present embodiment, when a user continuously sends a connection request to a specific IP even though there is no keyboard input or mouse input, a warning message is output to the user by monitoring the packet type, IP address, So that the DDoS attack can be prevented at the source.
FIG. 2 is a view showing a schematic configuration of a phishing and pharming prevention system according to a second embodiment of the present invention, and FIG. 3 shows a schematic configuration of a phishing and pharming prevention system according to a third embodiment of the present invention As an example, the apparatus for preventing phishing and pharming according to the present embodiment may be implemented in the
Therefore, the basic configuration of the phishing and anti-pharming device according to the second and third embodiments shown in Figs. 2 and 3 is not so different from that described with reference to Fig. Therefore, description of the same components will be omitted for convenience of explanation. But may not include the
In this embodiment, it is assumed that the
4 is a flowchart illustrating a method for preventing phishing and pharming according to an embodiment of the present invention.
4, when there is an access attempt (for example, an access attempt through a packet output through a communication network) of a specific site (e.g., a financial institution, a government office, or the like) (YES in S101) , An input through an input device (e.g., a keyboard, a mouse, or the like) (or a site access attempt) (S102).
Also, the
The
It should be noted that although the above three processes (S102, S103, and S104) are illustrated as being sequentially performed in series in the present embodiment, they may be performed as separate processes in parallel according to the embodiment.
Therefore, when connection to the harmful site is detected in at least one of the three processes (S102, S103, and S104), that is, when connection to the normal site is attempted in a normal manner (YES in S105) (S106).
However, if the unsuccessful attempt is made to access a site or a connection attempt is made to a harmful site (or a fake site) that is not a normal site (NO in S105), the monitoring unit 31 displays a screen (e.g., a monitor screen, a web browser screen, (S107) at least one of outputting an alarm window (for example, an alert window indicating that the user has accessed the harmful site), disconnecting the connection, reporting to an affiliated institution, or registering with a B / L.
Meanwhile, as described above, the anti-phishing and anti-pharming apparatus according to the present embodiment stores white lists (W / L) and black list (B / L) data for URL inquiry and analysis in a DB, 430 and performs an update on the data (W / L, B / L). At this time, a symmetric encryption algorithm AES (Advanced Encryption Standard Algorithm) and a public key algorithm elliptic curve cryptography can be used to securely update the data (W / L, B / L).
5 is a flowchart illustrating a method of registering with a management server for updating data of a phishing and pharming prevention apparatus according to an embodiment of the present invention.
5, the
The
Accordingly, the device 300 (actually, the monitoring unit of the device) decrypts the digital signature of the server using the secret key of the device and stores it therein (S205).
The
Although not shown in the drawing, when the device is registered in the
As described above, the
As described above, this embodiment compares the actual input operation information of the user for the site connection with the site access information, thereby blocking the connection of the harmful site that the user does not intend to allow the user computer to control by malicious programs such as phishing and pharming And also prevents the user's PC from being used in a distributed denial of service (DDoS) attack.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, I will understand the point. Accordingly, the technical scope of the present invention should be defined by the following claims.
100: user PC 110: web browser
120: Agent 130: keyboard port
140: mouse port 200: router
300: Phishing and pharming prevention apparatus 310: Monitoring section
311: hash value generating unit 312: hash value comparing unit
313: URL inquiry analyzing unit 314: B / L registration unit
315: input device monitoring section 316: keyboard port
317: Mouse port 320: W / L DB
330: B / L DB 410: financial institution site
420: KISA site 430: management server
Claims (10)
And an external device communicating with the agent outside the user computer to perform phishing and anti-pharming operations,
The agent generates a hash value using an HTML document of a specific site displayed through a web browser of the user computer and transmits the generated hash value to the external device, On the screen,
The external device monitors whether the connection attempt is a normal site connection attempt intended by the user and whether the site connected by the site connection attempt is a normal site or a harmful site when the user attempts to access the site through the user computer And performs at least one of a site access blocking, a harmful site access warning, and a harmful site list registration based on the monitoring result,
Wherein the external device includes an input device monitoring unit for monitoring an input operation through an input device including a keyboard and a mouse to determine whether a site connection attempt is a normal site connection attempt intended by the user; And a monitoring unit operating as a control unit,
Wherein,
A DDoS (Distributed Denial of Service) attack is detected if there is an attempt to connect to a specific site through the input device, and if there is an attempt to access the specific site without going through the input device And the user is notified of the connection request and informs the user of the connection request.
At least one computer may be connected to a front end or a rear end of a router that shares one Internet line and is capable of accessing the Internet at the same time, or may be additionally provided inside the router so as to perform functions of the router at the same time Wherein the phishing and pharming prevention system comprises:
Wherein the information input through the input device is monitored while simultaneously transmitting the input information to a keyboard port and a mouse port of the user computer.
A hash value generation unit that generates a hash value (first hash value) using an HTML document of a specific site including a financial institution and a government office;
A hash value comparing unit for comparing a hash value generated by the hash value generating unit with a hash value (second hash value) generated from an HTML document of a site currently accessed through the agent of the user's computer;
A URL inquiry analyzer for inquiring and analyzing whether the URL address of the site to which the connection is attempted is a normal site address or a harmful site address; And
And a blacklist registering unit for registering the harmful site information in the blacklist DB when the connected specific site is a harmful site.
Communicating with the agent at a predetermined period to monitor whether the agent is forcibly terminated,
If the agent is forcibly terminated, the monitoring unit outputs a warning by itself through built-in alarm means or controls the user's computer by not transmitting input information of an input device including a keyboard and a mouse to the user computer Phishing and anti-pharming system.
A whitelist DB for managing access information of a specific site including financial institutions and government offices; And a blacklist DB for managing access information of the harmful sites,
The monitoring unit in the external device communicates with the management server to periodically update the access information managed in the whitelist DB and the blacklist DB, and communicates the information of the false site corresponding to the actual site information to the server of the related organization, Request the blacklist DB to block access to the site registered in the blacklist DB,
The access information managed in the white list DB and the black list DB is,
A search keyword, a keyword, a domain address, an IP address, and a URL address.
An input device monitoring step of monitoring, when there is an attempt to access a specific site through the user computer, whether the monitoring part in the external device has input through an input device including a keyboard and a mouse;
Analyzing the URL address or the IP address of the specific site to which the monitoring unit tries to connect with the information stored in advance in the W / L DB and B / L (Black List) DB;
The monitoring unit generates a hash value of the HTML document of the currently connected specific site, compares the hash value (second hash value) with the stored hash value (first hash value) generated in advance from the HTML document of the specific site A hash value analysis step; And
When the connection to the harmful site is detected in at least one of the monitoring of the input device, the analysis of the address, and the analysis of the hash value, the surveillance part blocks the access to the site, the harmful site connection warning, and the harmful site list And performing at least one of the steps of: < RTI ID = 0.0 > - < / RTI >
Communicates with the management server to periodically update the access information managed in the W / L DB and the B / L DB, and communicates information of the fake site corresponding to the actual site information to the server of the related institution, Request to block access to the site,
The W / L DB manages access information of a specific site including a financial institution and a government office. The B / L DB manages access information of a harmful site,
The access information managed in the whitelist DB and the blacklist DB includes at least one of a search word, a keyword, a domain address, an IP address, and a URL address,
Wherein the smart card is used as an authentication means using a smart card of a predetermined type for device authentication when updating the W / L DB and the B / L DB.
In the monitoring step, the monitoring unit determines that there is a normal access attempt if the user attempts to access the specific site through the input device, and if there is an access attempt for the specific site access without going through the input device It is determined that there is an abnormal connection attempt including the DDos attack. In this case, the connection request is blocked and the user is notified,
The monitoring unit monitors the information input through the input device when the periodic communication with the agent is possible, while simultaneously transmitting the input information to the keyboard port and the mouse port of the user computer,
The monitoring unit may output a warning by itself through the built-in alarm unit when the agent is terminated due to the termination of the agent, or may not transmit the input information of the input apparatus to the user computer, Characterized in that the phishing and pharming prevention methods are provided.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160073349A KR101663935B1 (en) | 2016-06-13 | 2016-06-13 | System and method for protecting against phishing and pharming |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160073349A KR101663935B1 (en) | 2016-06-13 | 2016-06-13 | System and method for protecting against phishing and pharming |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101663935B1 true KR101663935B1 (en) | 2016-10-07 |
Family
ID=57145401
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160073349A KR101663935B1 (en) | 2016-06-13 | 2016-06-13 | System and method for protecting against phishing and pharming |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101663935B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114844678A (en) * | 2022-04-07 | 2022-08-02 | 南京邮电大学 | Browser security query method based on privacy protection |
WO2024049148A1 (en) * | 2022-09-01 | 2024-03-07 | 숭실대학교 산학협력단 | Phishing attack prevention method, and recording media and devices for performing same |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090053426A (en) * | 2007-11-23 | 2009-05-27 | 주식회사 가자아이 | Method and system for for blocking harmful internet site |
KR100912794B1 (en) * | 2008-11-18 | 2009-08-18 | 주식회사 나우콤 | Web hacking management system and manegement method thereof for real time web server hacking analysis and homepage hacking search |
KR20160027842A (en) * | 2014-09-02 | 2016-03-10 | 주식회사 케이티 | Method for detecting harmful dns and spoofing site, and security system thereof |
-
2016
- 2016-06-13 KR KR1020160073349A patent/KR101663935B1/en active IP Right Grant
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090053426A (en) * | 2007-11-23 | 2009-05-27 | 주식회사 가자아이 | Method and system for for blocking harmful internet site |
KR100912794B1 (en) * | 2008-11-18 | 2009-08-18 | 주식회사 나우콤 | Web hacking management system and manegement method thereof for real time web server hacking analysis and homepage hacking search |
KR20160027842A (en) * | 2014-09-02 | 2016-03-10 | 주식회사 케이티 | Method for detecting harmful dns and spoofing site, and security system thereof |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114844678A (en) * | 2022-04-07 | 2022-08-02 | 南京邮电大学 | Browser security query method based on privacy protection |
WO2024049148A1 (en) * | 2022-09-01 | 2024-03-07 | 숭실대학교 산학협력단 | Phishing attack prevention method, and recording media and devices for performing same |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10841334B2 (en) | Secure notification on networked devices | |
US11310190B2 (en) | Network anti-tampering system | |
US9979726B2 (en) | System and method for web application security | |
US8661252B2 (en) | Secure network address provisioning | |
US20160036849A1 (en) | Method, Apparatus and System for Detecting and Disabling Computer Disruptive Technologies | |
US20140020067A1 (en) | Apparatus and method for controlling traffic based on captcha | |
KR100835820B1 (en) | Total internet security system and method the same | |
Biju et al. | Cyber attacks and its different types | |
US20100031041A1 (en) | Method and system for securing internet communication from hacking attacks | |
EP3367629B1 (en) | Electronic device verification | |
KR20080020584A (en) | Intelligent network interface controller | |
EP2203860A2 (en) | System and method for detecting security defects in applications | |
US20210112093A1 (en) | Measuring address resolution protocol spoofing success | |
KR101663935B1 (en) | System and method for protecting against phishing and pharming | |
US20150172310A1 (en) | Method and system to identify key logging activities | |
KR101494329B1 (en) | System and Method for detecting malignant process | |
Tsow | Phishing with Consumer Electronics-Malicious Home Routers. | |
Wozak et al. | End-to-end security in telemedical networks–a practical guideline | |
KR20190083498A (en) | packet filtering system for preventing DDoS attack | |
Orucho et al. | Security threats affecting user-data on transit in mobile banking applications: A review | |
KR101639428B1 (en) | System for uni direction protocol control on board | |
Bilski | New challenges in network security | |
Selvaraj et al. | Security Vulnerabilities, Threats, and Attacks in IoT and Big Data: Challenges and Solutions | |
Uddholm | Anonymous Javascript Cryptography and CoverTraffic in Whistleblowing Applications | |
Prabhu et al. | Safeguarding Information Systems: An Analysis of Security Flaws, Attacks, and Techniques |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20190926 Year of fee payment: 4 |