WO2024063512A1 - Infringement accident determination system using virtual identification information, method thereof, and computer program therefor - Google Patents

Infringement accident determination system using virtual identification information, method thereof, and computer program therefor Download PDF

Info

Publication number
WO2024063512A1
WO2024063512A1 PCT/KR2023/014185 KR2023014185W WO2024063512A1 WO 2024063512 A1 WO2024063512 A1 WO 2024063512A1 KR 2023014185 W KR2023014185 W KR 2023014185W WO 2024063512 A1 WO2024063512 A1 WO 2024063512A1
Authority
WO
WIPO (PCT)
Prior art keywords
server device
infringement
server
created
identification information
Prior art date
Application number
PCT/KR2023/014185
Other languages
French (fr)
Korean (ko)
Inventor
김휘영
Original Assignee
김휘영
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 김휘영 filed Critical 김휘영
Publication of WO2024063512A1 publication Critical patent/WO2024063512A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to a system and method for determining infringement incidents using virtual identification information, and a computer program therefor. More specifically, it relates to a system and method for determining infringement incidents using virtual identification information that can search for websites where personal information has been leaked using a virtual ID and password, and a computer program therefor.
  • Patent Document 0001 Registered Patent Publication No. 10-0320119
  • the purpose of the present invention is to provide a system and method for determining an infringement incident using virtual identification information that enables rapid response in the event of an infringement incident in which personal information is leaked, and a computer program for the same.
  • the above object is a server device for operating at least one of a website and an application, comprising: a plurality of first server devices having a database storing member information including an ID and a password; Creating and storing a virtual ID and password that are not included in the member information of one of the first server devices, and storing the generated ID and password as member information in a database of another first server device, Infringement accident using virtual identification information, including a second server device that determines that an infringement occurred in the first server device when it is determined that the user has logged in with the created ID in another first server device. This is achieved by a judgment system.
  • the second server device uses at least one of the individual first server devices and the first server devices grouped by preset categories as a node, and stores the nodes and links connecting the nodes in a graph-type database. It can be saved as .
  • the second server device connects the first server device where the virtual ID was first created and stored with the first server device that attempted to log in with the created ID, and the infringement occurs at the same first server device. If it is determined that an accident has occurred again, a search may be performed for the first server device in the order of the connected nodes.
  • the second server device stores the Mac address, IP address, and connection time of the user terminal that attempted to log in with the generated ID, and provides blocking information for blocking network access of the stored Mac address to the plurality of first servers. It can be transmitted to the device.
  • the second server device may request additional authentication for login when it detects that there is another attempt to log in from the user terminal that attempted to log in with the created ID.
  • the second server device is a server device for operating at least one of a website and an application, and has a database storing member information including ID and password. Creating a virtual ID and password that are not included; The second server device storing the generated ID and password as member information in a database of another first server device; And if it is determined that the other first server device has logged in with the generated ID, a step of determining, by the second server device, that an infringement incident has occurred in the first server device.
  • the above purpose is also achieved by the infringement incident determination method of the infringement incident determination system using information.
  • the second server device uses at least one of the individual first server devices and first server devices grouped by preset categories as a node, and stores the nodes and the links connecting the nodes in a database in the form of a graph. Additional steps may be included.
  • the second server device connects the first server device where the virtual ID was first created and stored with the first server device that attempted to log in with the created ID, and the second server device connects the first server device that attempted to log in with the created ID, and detects the infringement at the same first server device. If it is determined that has occurred again, the method may further include performing a search for the first server device in the order of the connected nodes.
  • the second server device storing, by the second server device, the Mac address, IP address, and access time of the user terminal that attempted to log in with the generated ID; and transmitting, by the second server device, blocking information for blocking network access of the stored MAC address to the plurality of first server devices.
  • the second server device may further include requesting additional authentication for login when it is detected that there is another attempt to log in from the user terminal that attempted to log in with the generated ID.
  • FIG. 1 is a block diagram showing the configuration of an infringement incident determination system according to an embodiment of the present invention
  • Figure 2 is a diagram for explaining the operation of the infringement incident determination system according to an embodiment of the present invention.
  • Figure 3 is a flowchart illustrating a method for determining an infringement incident in an infringement incident determination system according to an embodiment of the present invention.
  • Figure 1 is a diagram showing the configuration of an infringement incident determination system according to an embodiment of the present invention.
  • the infringement incident determination system according to an embodiment of the present invention includes a user terminal (C), a plurality of first server devices (1a, 1b, ..., 1n), and a second server device ( 2) Includes.
  • the first server device 1 is a server device for operating at least one of a website and an application, and has a database storing member information including ID and password.
  • the infringement incident determination system according to the present invention can classify and group the first server device 1 into preset categories for quick determination of infringement incidents, and the classified categories can be changed.
  • the second server device 2 generates and stores a virtual ID and password that are not included in the membership information of any one first server device 1a, and sends the generated virtual ID and password to another first server device 1a. It is stored as membership information in the database of (1b, ..., 1n), and if it is determined that the user has logged in with a virtual ID created on the user terminal (C) connected to another first server device (1b, ..., 1n), It is determined that an infringement incident occurred in the first server device 1a.
  • the second server device 2 generates a virtual ID and password that does not exist in any first server device 1a and connects it to at least one other first server other than the first server device 1a.
  • the first It can be determined that an infringement occurred in the first server device (1a) that created and registered the virtual ID.
  • the server device storing the personal information subject to the infringement incident is referred to as the first server device 1a
  • the server device connected to the user terminal C that attempted to log in using the leaked personal information is referred to as the first server device.
  • the second server device 2 is preferably operated in the form of a CCS (Computing and Communication Services) server.
  • the CCS method refers to an endpoint of the XMPP (Extensible Messaging And Presence Protocol) method that maintains a continuous connection with the server and performs asynchronous two-way communication. This allows you to easily monitor whether personal information infringement has occurred.
  • XMPP Extensible Messaging And Presence Protocol
  • the communication method between the user terminal (C) and the first server device (1) and between the first server device (1) and the second server device (2) and the user terminal (C) according to the present invention is wired and/ Alternatively, it may include all communication methods that enable object-to-object networking through a wireless network, and is not limited to wired communication, wireless communication, 3G, 4G, 5G, or other methods.
  • the wired and/or wireless network between the user terminal (C) and the first server device (1) and between the first server device (1) and the second server device (2) is a Local Area Network (LAN). ), MAN (Metropolitan Area Network), GSM (Global System for Mobile Network), EDGE (Enhanced Data GSM Environment), HSDPA (High Speed Downlink Packet Access), W-CDMA (Wideband Code Division Multiple Access), CDMA (Code Division) Multiple Access), TDMA (Time Division Multiple Access), Bluetooth, Zigbee, Wi-Fi, VoIP (Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN-Advanced, HSPA+, 3GPP Long Term Evolution(LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev.
  • LAN Local Area Network
  • MAN Metropolitan Area Network
  • GSM Global System for Mobile Network
  • EDGE Enhanced Data GSM Environment
  • HSDPA High Speed Downlink Packet Access
  • W-CDMA Wideband Code Division Multiple Access
  • Flash-OFDM Flash-OFDM
  • iBurst and MBWA (IEEE 802.20) systems Flash-OFDM
  • iBurst and MBWA (IEEE 802.20) systems HIPERMAN
  • Beam-Division Multiple Access It may refer to a communication network using one or more communication methods selected from the group consisting of BDMA), Wi-MAX (World Interoperability for Microwave Access), and ultrasonic communication, but is not limited thereto.
  • the second server device (2) uses each of the plurality of first server devices (1) as nodes to easily determine the infringement incident, and establishes a connection between the nodes. You can connect it with a link and save it as a database in the form of a graph.
  • the second server device 2 connects the first server device 1a, where the virtual ID was first created and stored, with the first server device 1b, which attempted to log in with the created ID, thereby If it is determined that an infringement incident has occurred again on the site of the server device (1a), it is possible to quickly check which first server device (1b) attempted to log in using the above graph database.
  • the first server device 1a there may be only one first server device 1 stored as a node, or it is also possible for a plurality of grouped first server devices 1 to be stored as one node.
  • the second server device (2) stores the Mac address, IP address, and connection time of the user terminal (C) connected to the first server device (1b) that attempted to log in with the created ID. And, blocking information for blocking network access of the stored MAC address can be transmitted to a plurality of first server devices 1. As a result, it is possible to prevent the same infringement incident from occurring again by a user attempting to infringe on personal information.
  • the second server device 2 may request additional authentication for login when it detects that there is another attempt to log in from the user terminal C that attempted to log in with the created ID. there is.
  • the second server device (2) compares the login time in the first server device (1a) using the generated ID and password with the login time in the other first server device (1b), and determines the time point. As the difference increases, the number of searchable first server devices 1 and/or the number of categories to which the first server device 1 belongs can be expanded.
  • the infringement incident determination system first includes a plurality of first server devices in which the second server device 2 has a database storing member information including IDs and passwords. Create a virtual ID and password that are not included in the member information of any one of (1a, ..., 1n) (1a) (S10).
  • the second server device 2 stores the generated ID and password as member information in the database of the other first server device 1 (S20).
  • the second server device (2) determines that an infringement incident has occurred in the first server device (1a) (S30).
  • the second server device (2) can easily determine which site of the server device (1) the infringement occurred by checking which ID was logged in, making it possible to respond quickly in the event of an infringement that results in personal information being leaked. .
  • the infringement incident determination method of the infringement incident determination system using virtual identification information is that the second server device 2 is divided into individual first server devices 1 and preset categories.
  • the method may further include setting at least one of the grouped first server devices 1 as a node and storing the node and the links connecting the nodes as a database in the form of a graph.
  • the second server device (2) uses the first server device (1a), where the virtual ID was first created and stored, and the first server device (1b), which attempted to log in with the created ID, as each node.
  • a step of connecting in a graph form and performing a search for the first server device 1 in the order of connected nodes may be further included if it is determined that an infringement incident has occurred again in the same first server device.
  • the second server device 2 matches and stores the number of login attempts with the first server device 1b that attempted to log in, and it is also possible to connect the first server device in the order of the number of attempts.
  • the infringement incident determination method of the infringement incident determination system using virtual identification information is that the second server device (2) uses the user terminal (C) that attempted to log in with the ID created in step S10.
  • the operation of the infringement incident determination method according to the embodiments described above may be at least partially implemented as a computer program and recorded on a computer-readable recording medium.
  • a computer-readable recording medium on which a program for implementing the operation of the infringement incident determination method of the infringement incident determination system using virtual identification information according to the embodiments is recorded is any computer-readable recording medium in which data that can be read by a computer is stored. Includes various types of recording devices. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, floppy disk, and optical data storage devices. Additionally, computer-readable recording media may be distributed across computer systems connected to a network, and computer-readable codes may be stored and executed in a distributed manner. Additionally, functional programs, codes, and code segments for implementing this embodiment can be easily understood by those skilled in the art to which this embodiment belongs.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to an infringement accident determination system using virtual identification information, a method thereof, and a computer program therefor. The infringement accident determination system using virtual identification information according to the present invention comprises: a plurality of first server devices for operating at least one of a web site or an application, each of the first server devices having a database in which subscriber information including IDs and passwords is stored; and a second server device that generates and stores virtual IDs and passwords not included in the subscriber information in one of the first server devices, stores the generated IDs and passwords in the database of another one of first server devices, and determines that an infringement accident has occurred in the first server device if a log-in from the other first server device using the generated ID is determined to have occurred. Accordingly, it is possible to quickly handle an infringement accident in which personal information is leaked.

Description

가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램Infringement incident determination system and method using virtual identification information, and computer program therefor
본 발명은 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램에 관한 것이다. 보다 상세하게는, 가상의 아이디와 패스워드를 이용하여 개인정보가 유출된 웹사이트를 검색할 수 있는 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램에 관한 것이다.The present invention relates to a system and method for determining infringement incidents using virtual identification information, and a computer program therefor. More specifically, it relates to a system and method for determining infringement incidents using virtual identification information that can search for websites where personal information has been leaked using a virtual ID and password, and a computer program therefor.
하드웨어와 네트워크 관련 기술의 발달에 따라 장치 간에 전송되는 정보의 종류와 양이 급격하게 증가하고 있으며, 온라인을 이용한 전자상거래를 위한 거래형태와 거래량도 크게 증가하고 있다.With the development of hardware and network-related technologies, the type and amount of information transmitted between devices is rapidly increasing, and transaction types and transaction volumes for online e-commerce are also increasing significantly.
그런데 이와 같이 정보가 송수신되거나 온라인 상에서 금융거래가 이루어지는 과정에서 개인 정보가 외부로 유출되는 사고가 빈번하게 발생되고 있다.However, accidents in which personal information is leaked to the outside occur frequently during the process of sending and receiving information or making financial transactions online.
이를 위해 다양한 정보 보호 방법이 개발되었지만, 정보를 탈취하기 위한 사이버 공격의 종류 역시 다양해지고 있으며, 이 중에서도 사용자의 계정을 탈취하여 공격하는 유형 중의 하나로서 어느 한 곳에서 유출된 로그인 정보를 다른 웹사이트나 애플리케이션에 무작위로 대입하여 타인의 정보를 유출하는 크리덴셜 스터핑(Credential Stuffing)은 쉬운 공격방법이지만 치명적인 피해가 야기되는 문제가 있다.For this purpose, various information protection methods have been developed, but the types of cyber attacks to steal information are also becoming more diverse. Among these, one type of attack is to steal user accounts and transfer login information leaked from one place to another website. Credential stuffing, which leaks someone else's information by randomly entering an application, is an easy attack method, but it has the problem of causing fatal damage.
[선행기술문헌] [Prior art literature]
[특허문헌] [Patent Document]
(특허문헌 0001) 등록특허공보 제10-0320119호(Patent Document 0001) Registered Patent Publication No. 10-0320119
따라서 본 발명은 개인정보가 유출되는 침해사고 발생시 신속한 대응이 가능한 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램을 제공하는 것을 목적으로 한다.Therefore, the purpose of the present invention is to provide a system and method for determining an infringement incident using virtual identification information that enables rapid response in the event of an infringement incident in which personal information is leaked, and a computer program for the same.
상기 목적은, 웹사이트와 애플리케이션 중 적어도 어느 하나의 운영을 위한 서버 장치로서, 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가지는 복수 개의 제1 서버 장치와; 어느 하나의 상기 제1 서버 장치의 상기 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성하여 저장하고, 상기 생성된 아이디와 패스워드를 다른 제1 서버 장치의 데이터베이스에 회원정보로 저장하며, 상기 다른 제1 서버 장치에서 상기 생성된 아이디로 로그인된 것으로 판단되는 경우, 상기 제1 서버 장치에서 침해사고가 발생한 것으로 판단하는 제2 서버 장치를 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템에 의해 달성된다.The above object is a server device for operating at least one of a website and an application, comprising: a plurality of first server devices having a database storing member information including an ID and a password; Creating and storing a virtual ID and password that are not included in the member information of one of the first server devices, and storing the generated ID and password as member information in a database of another first server device, Infringement accident using virtual identification information, including a second server device that determines that an infringement occurred in the first server device when it is determined that the user has logged in with the created ID in another first server device. This is achieved by a judgment system.
상기 제2 서버 장치는, 개별의 상기 제1 서버 장치와, 기설정된 카테고리별로 그룹화된 상기 제1 서버 장치 중 적어도 어느 하나를 노드로 하고, 상기 노드 및 상기 노드를 연결하는 링크를 그래프 형태의 데이터베이스로 저장할 수 있다.The second server device uses at least one of the individual first server devices and the first server devices grouped by preset categories as a node, and stores the nodes and links connecting the nodes in a graph-type database. It can be saved as .
상기 제2 서버 장치는, 상기 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치와 생성된 아이디로 로그인을 시도한 제1 서버 장치를 연결하고, 동일한 상기 제1 서버 장치에서 상기 침해사고가 다시 발생한 것으로 판단되는 경우 상기 연결된 노드 순서대로 상기 제1 서버 장치에 대해 탐색을 수행할 수 있다.When the infringement incident occurs, the second server device connects the first server device where the virtual ID was first created and stored with the first server device that attempted to log in with the created ID, and the infringement occurs at the same first server device. If it is determined that an accident has occurred again, a search may be performed for the first server device in the order of the connected nodes.
상기 제2 서버 장치는, 상기 생성된 아이디로 로그인을 시도한 사용자 단말의 맥어드레스와 IP주소 및 접속시간을 저장하고, 상기 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 상기 복수 개의 제1 서버 장치로 전송할 수 있다.The second server device stores the Mac address, IP address, and connection time of the user terminal that attempted to log in with the generated ID, and provides blocking information for blocking network access of the stored Mac address to the plurality of first servers. It can be transmitted to the device.
상기 제2 서버 장치는, 상기 생성된 아이디로 로그인을 시도한 사용자 단말에서 로그인을 위한 다른 시도가 있는 것으로 감지되는 경우, 로그인을 위한 추가 인증을 요청할 수 있다.The second server device may request additional authentication for login when it detects that there is another attempt to log in from the user terminal that attempted to log in with the created ID.
한편, 제2 서버 장치가 웹사이트와 애플리케이션 중 적어도 어느 하나의 운영을 위한 서버 장치로서, 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가지는 복수 개의 제1 서버 장치 중 어느 하나의 상기 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성하는 단계; 상기 제2 서버 장치가 상기 생성된 아이디와 패스워드를 다른 제1 서버 장치의 데이터베이스에 회원정보로 저장하는 단계; 및 상기 다른 제1 서버 장치에서 상기 생성된 아이디로 로그인된 것으로 판단되는 경우, 상기 제2 서버 장치가 상기 제1 서버 장치에서 침해사고가 발생한 것으로 판단하는 단계를 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법에 의해서도 상기 목적은 달성된다.Meanwhile, the second server device is a server device for operating at least one of a website and an application, and has a database storing member information including ID and password. Creating a virtual ID and password that are not included; The second server device storing the generated ID and password as member information in a database of another first server device; And if it is determined that the other first server device has logged in with the generated ID, a step of determining, by the second server device, that an infringement incident has occurred in the first server device. The above purpose is also achieved by the infringement incident determination method of the infringement incident determination system using information.
상기 제2 서버 장치가 개별의 상기 제1 서버 장치와, 기설정된 카테고리별로 그룹화된 제1 서버 장치 중 적어도 어느 하나를 노드로 하고, 상기 노드 및 상기 노드를 연결하는 링크를 그래프 형태의 데이터베이스로 저장하는 단계를 더 포함할 수 있다.The second server device uses at least one of the individual first server devices and first server devices grouped by preset categories as a node, and stores the nodes and the links connecting the nodes in a database in the form of a graph. Additional steps may be included.
상기 제2 서버 장치는 상기 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치와 생성된 아이디로 로그인을 시도한 제1 서버 장치를 연결하고, 동일한 상기 제1 서버 장치에서 상기 침해사고가 다시 발생한 것으로 판단되는 경우 상기 연결된 노드 순서대로 상기 제1 서버 장치에 대해 탐색을 수행하는 단계를 더 포함할 수 있다.When the infringement occurs, the second server device connects the first server device where the virtual ID was first created and stored with the first server device that attempted to log in with the created ID, and the second server device connects the first server device that attempted to log in with the created ID, and detects the infringement at the same first server device. If it is determined that has occurred again, the method may further include performing a search for the first server device in the order of the connected nodes.
상기 제2 서버 장치가 상기 생성된 아이디로 로그인을 시도한 사용자 단말의 맥어드레스와 IP주소 및 접속시간을 저장하는 단계; 및 상기 제2 서버 장치가 상기 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 상기 복수 개의 제1 서버 장치로 전송하는 단계를 더 포함할 수 있다.storing, by the second server device, the Mac address, IP address, and access time of the user terminal that attempted to log in with the generated ID; and transmitting, by the second server device, blocking information for blocking network access of the stored MAC address to the plurality of first server devices.
상기 제2 서버 장치는, 상기 생성된 아이디로 로그인을 시도한 사용자 단말에서 로그인을 위한 다른 시도가 있는 것으로 감지되는 경우, 로그인을 위한 추가 인증을 요청하는 단계를 더 포함할 수 있다.The second server device may further include requesting additional authentication for login when it is detected that there is another attempt to log in from the user terminal that attempted to log in with the generated ID.
본 발명에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램에 의하면, 개인정보가 유출되는 침해사고 발생시 신속한 대응이 가능하다.According to the infringement accident determination system and method using virtual identification information according to the present invention, and the computer program for the same, rapid response is possible in the event of an infringement accident in which personal information is leaked.
도 1은 본 발명의 일실시예에 따른 침해사고 판단 시스템의 구성을 도시한 블록도이며,1 is a block diagram showing the configuration of an infringement incident determination system according to an embodiment of the present invention;
도 2는 본 발명의 일실시예에 따른 침해사고 판단 시스템의 동작을 설명하기 위한 도면이며,Figure 2 is a diagram for explaining the operation of the infringement incident determination system according to an embodiment of the present invention;
도 3은 본 발명의 일실시예에 따른 침해사고 판단 시스템의 침해사고 판단 방법을 도시한 흐름도이다.Figure 3 is a flowchart illustrating a method for determining an infringement incident in an infringement incident determination system according to an embodiment of the present invention.
이하, 첨부된 도면을 참조하여 본 발명의 실시예들에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램에 대해 상세하게 설명한다.Hereinafter, with reference to the attached drawings, a system and method for determining an infringement accident using virtual identification information according to embodiments of the present invention and a computer program therefor will be described in detail.
도 1은 본 발명의 일실시예에 따른 침해사고 판단 시스템의 구성을 도시한 도면이다. 도 1에 도시된 바와 같이, 본 발명의 일실시예에 따른 침해사고 판단 시스템은 사용자 단말(C)과, 복수의 제1 서버 장치(1a, 1b, …, 1n)와, 제2 서버 장치(2)를 포함한다.Figure 1 is a diagram showing the configuration of an infringement incident determination system according to an embodiment of the present invention. As shown in Figure 1, the infringement incident determination system according to an embodiment of the present invention includes a user terminal (C), a plurality of first server devices (1a, 1b, ..., 1n), and a second server device ( 2) Includes.
제1 서버 장치(1)는 웹사이트와 애플리케이션 중 적어도 어느 하나의 운영을 위한 서버 장치로서, 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가진다. 본 발명에 따른 침해사고 판단 시스템은 신속한 침해사고의 판단을 위해 제1 서버 장치(1)를 기설정된 카테고리에 의해 분류하여 그룹화할 수 있으며, 분류된 카테고리는 변경될 수 있다.The first server device 1 is a server device for operating at least one of a website and an application, and has a database storing member information including ID and password. The infringement incident determination system according to the present invention can classify and group the first server device 1 into preset categories for quick determination of infringement incidents, and the classified categories can be changed.
제2 서버 장치(2)는 어느 하나의 제1 서버 장치(1a)의 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성하여 저장하고, 생성된 가상의 아이디와 패스워드를 다른 제1 서버 장치(1b, …, 1n)의 데이터베이스에 회원정보로 저장하며, 다른 제1 서버 장치(1b, …, 1n)에 접속한 사용자 단말(C)에서 생성된 가상의 아이디로 로그인된 것으로 판단되는 경우, 제1 서버 장치(1a)에서 침해사고가 발생한 것으로 판단한다.The second server device 2 generates and stores a virtual ID and password that are not included in the membership information of any one first server device 1a, and sends the generated virtual ID and password to another first server device 1a. It is stored as membership information in the database of (1b, ..., 1n), and if it is determined that the user has logged in with a virtual ID created on the user terminal (C) connected to another first server device (1b, ..., 1n), It is determined that an infringement incident occurred in the first server device 1a.
즉, 본 발명에 따른 제2 서버 장치(2)는 어느 제1 서버 장치(1a)에 존재하지 않는 가상의 아이디와 패스워드를 생성하여 제1 서버 장치(1a)가 아닌 적어도 하나의 다른 제1 서버 장치(1b, …, 1n)의 데이터베이스에 등록하고, 개인정보의 침해에 의해 제1 서버 장치(1b, …, 1n)에 접속한 사용자 단말(C)에서 가상의 아이디로 로그인이 이루어지는 경우 처음으로 가상의 아이디를 생성하여 등록한 제1 서버 장치(1a)에서 침해사고가 있었던 것으로 판단할 수 있다.That is, the second server device 2 according to the present invention generates a virtual ID and password that does not exist in any first server device 1a and connects it to at least one other first server other than the first server device 1a. When registering in the database of the device (1b, ..., 1n) and logging in with a virtual ID from the user terminal (C) connected to the first server device (1b, ..., 1n) due to an infringement of personal information, the first It can be determined that an infringement occurred in the first server device (1a) that created and registered the virtual ID.
이하에서는, 침해사고의 대상이 되는 개인정보가 저장된 서버 장치를 제1 서버 장치(1a)로, 유출된 개인정보를 이용하여 로그인을 시도한 사용자 단말(C)이 접속한 서버 장치를 제1 서버 장치(1b)로 하여 본 발명의 실시예에 대해 설명하기로 한다.Hereinafter, the server device storing the personal information subject to the infringement incident is referred to as the first server device 1a, and the server device connected to the user terminal C that attempted to log in using the leaked personal information is referred to as the first server device. Let us describe an embodiment of the present invention in (1b).
여기서 본 발명의 일실시예에 따른 제2 서버 장치(2)는 CCS(Computing and Communication Services) 서버 형태로 운영되는 것이 바람직하다. CCS 방식은 서버와 지속적인 커넥션을 유지하며 비동기 양방향 통신을 하는 XMPP(Extensible Messaging And Presence Protocol) 방식의 엔드포인트를 의미하며, 이에 의해 개인정보의 침해 발생여부를 손쉽게 모니터링할 수 있다.Here, the second server device 2 according to an embodiment of the present invention is preferably operated in the form of a CCS (Computing and Communication Services) server. The CCS method refers to an endpoint of the XMPP (Extensible Messaging And Presence Protocol) method that maintains a continuous connection with the server and performs asynchronous two-way communication. This allows you to easily monitor whether personal information infringement has occurred.
본 발명에 따른 사용자 단말(C)과, 제1 서버 장치(1) 사이, 그리고 제1 서버 장치(1)와 제2 서버 장치(2) 및 사용자 단말(C) 사이의 통신 방법은 유선 및/또는 무선 네트워크를 통하여 객체와 객체가 네트워킹 할 수 있는 모든 통신 방법을 포함할 수 있으며, 유선 통신, 무선 통신, 3G, 4G, 5G 혹은 그 이외의 방법으로 제한되지 않는다.The communication method between the user terminal (C) and the first server device (1) and between the first server device (1) and the second server device (2) and the user terminal (C) according to the present invention is wired and/ Alternatively, it may include all communication methods that enable object-to-object networking through a wireless network, and is not limited to wired communication, wireless communication, 3G, 4G, 5G, or other methods.
예를 들어, 사용자 단말(C)과, 제1 서버 장치(1) 사이, 그리고 제1 서버 장치(1) 및 제2 서버 장치(2) 사이의 유선 및/또는 무선 네트워크는 LAN(Local Area Network), MAN(Metropolitan Area Network), GSM(Global System for Mobile Network), EDGE(Enhanced Data GSM Environment), HSDPA(High Speed Downlink Packet Access), W-CDMA(Wideband Code Division Multiple Access), CDMA(Code Division Multiple Access), TDMA(Time Division Multiple Access), 블루투스(Bluetooth), 지그비(Zigbee), 와이-파이(Wi-Fi), VoIP(Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN-Advanced, HSPA+, 3GPP Long Term Evolution(LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev. C), Flash-OFDM, iBurst and MBWA (IEEE 802.20) systems, HIPERMAN, Beam-Division Multiple Access (BDMA), Wi-MAX(World Interoperability for Microwave Access) 및 초음파 활용 통신으로 이루어진 군으로부터 선택되는 하나 이상의 통신 방법에 의한 통신 네트워크를 지칭할 수 있으나, 이에 한정되는 것은 아니다.For example, the wired and/or wireless network between the user terminal (C) and the first server device (1) and between the first server device (1) and the second server device (2) is a Local Area Network (LAN). ), MAN (Metropolitan Area Network), GSM (Global System for Mobile Network), EDGE (Enhanced Data GSM Environment), HSDPA (High Speed Downlink Packet Access), W-CDMA (Wideband Code Division Multiple Access), CDMA (Code Division) Multiple Access), TDMA (Time Division Multiple Access), Bluetooth, Zigbee, Wi-Fi, VoIP (Voice over Internet Protocol), LTE Advanced, IEEE802.16m, WirelessMAN-Advanced, HSPA+, 3GPP Long Term Evolution(LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV-DO Rev. C), Flash-OFDM, iBurst and MBWA (IEEE 802.20) systems, HIPERMAN, Beam-Division Multiple Access ( It may refer to a communication network using one or more communication methods selected from the group consisting of BDMA), Wi-MAX (World Interoperability for Microwave Access), and ultrasonic communication, but is not limited thereto.
한편, 본 발명의 일실시예에 따른 침해사고 판단 시스템은 제2 서버 장치(2)는 침해사고를 손쉽게 판단하기 위해 복수 개의 제1 서버 장치(1) 각각을 노드로 하고, 노드와 노드 사이를 링크로 연결하여 그래프 형태의 데이터베이스로 저장할 수 있다.Meanwhile, in the infringement incident determination system according to an embodiment of the present invention, the second server device (2) uses each of the plurality of first server devices (1) as nodes to easily determine the infringement incident, and establishes a connection between the nodes. You can connect it with a link and save it as a database in the form of a graph.
제2 서버 장치(2)는 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치(1a)와 생성된 아이디로 로그인을 시도한 제1 서버 장치(1b)를 연결함으로써, 동일한 제1 서버 장치(1a)의 사이트에서 침해사고가 다시 발생한 것으로 판단되는 경우, 위와 같은 그래프 데이터베이스를 이용하여 로그인을 시도한 제1 서버 장치(1b)가 무엇인지 신속하게 확인할 수 있다. 물론, 노드로 저장되는 제1 서버 장치(1)는 하나일 수도 있고, 그룹화된 복수 개의 제1 서버 장치(1)가 하나의 노드로 저장되는 것도 가능하다.When an infringement incident occurs, the second server device 2 connects the first server device 1a, where the virtual ID was first created and stored, with the first server device 1b, which attempted to log in with the created ID, thereby If it is determined that an infringement incident has occurred again on the site of the server device (1a), it is possible to quickly check which first server device (1b) attempted to log in using the above graph database. Of course, there may be only one first server device 1 stored as a node, or it is also possible for a plurality of grouped first server devices 1 to be stored as one node.
그리고 본 발명의 일실시예에 따른 제2 서버 장치(2)는 생성된 아이디로 로그인을 시도한 제1 서버 장치(1b)에 접속한 사용자 단말(C)의 맥어드레스와 IP주소 및 접속시간을 저장하고, 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 복수 개의 제1 서버 장치(1)로 전송할 수 있다. 이로써, 개인정보를 침해하고자 하는 사용자에 의해 동일한 침해사고가 다시 발생되는 것을 방지할 수 있다.And the second server device (2) according to an embodiment of the present invention stores the Mac address, IP address, and connection time of the user terminal (C) connected to the first server device (1b) that attempted to log in with the created ID. And, blocking information for blocking network access of the stored MAC address can be transmitted to a plurality of first server devices 1. As a result, it is possible to prevent the same infringement incident from occurring again by a user attempting to infringe on personal information.
또한 본 발명의 일실시예에 따른 제2 서버 장치(2)는 생성된 아이디로 로그인을 시도한 사용자 단말(C)에서 로그인을 위한 다른 시도가 있는 것으로 감지되는 경우, 로그인을 위한 추가 인증을 요청할 수 있다.In addition, the second server device 2 according to an embodiment of the present invention may request additional authentication for login when it detects that there is another attempt to log in from the user terminal C that attempted to log in with the created ID. there is.
그리고 본 발명에 따른 제2 서버 장치(2)는 생성된 아이디와 패스워드에 의한 제1 서버 장치(1a)에서의 로그인 시점과 다른 제1 서버 장치(1b)에서의 로그인 시점을 비교하고, 시점의 차이가 커질수록 탐색 대상이 되는 제1 서버 장치(1)의 개수 및/또는 제1 서버 장치(1)가 속하는 카테고리의 개수를 확장할 수 있다.And the second server device (2) according to the present invention compares the login time in the first server device (1a) using the generated ID and password with the login time in the other first server device (1b), and determines the time point. As the difference increases, the number of searchable first server devices 1 and/or the number of categories to which the first server device 1 belongs can be expanded.
이하, 도 2 및 도 3을 참조하여 본 발명의 일실시예에 따른 침해사고 판단 시스템의 동작을 설명한다. 도 2에 도시된 바와 같이, 본 발명의 일실시예에 따른 침해사고 판단 시스템은 먼저, 제2 서버 장치(2)가 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가지는 복수 개의 제1 서버 장치(1a, …, 1n) 중 어느 하나(1a)의 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성한다(S10).Hereinafter, the operation of the infringement incident determination system according to an embodiment of the present invention will be described with reference to FIGS. 2 and 3. As shown in Figure 2, the infringement incident determination system according to an embodiment of the present invention first includes a plurality of first server devices in which the second server device 2 has a database storing member information including IDs and passwords. Create a virtual ID and password that are not included in the member information of any one of (1a, ..., 1n) (1a) (S10).
다음으로, 제2 서버 장치(2)가 생성된 아이디와 패스워드를 다른 제1 서버 장치(1)의 데이터베이스에 회원정보로 저장한다(S20).Next, the second server device 2 stores the generated ID and password as member information in the database of the other first server device 1 (S20).
제2 서버 장치(2)는 다른 제1 서버 장치(1b)에서 단계 S10에서 생성된 아이디로 로그인된 것으로 판단되는 경우, 제1 서버 장치(1a)에서 침해사고가 발생한 것으로 판단한다(S30). If it is determined that another first server device (1b) has logged in with the ID created in step S10, the second server device (2) determines that an infringement incident has occurred in the first server device (1a) (S30).
이로써, 제2 서버 장치(2)는 어느 아이디로 로그인되었는지를 확인함으로써, 어느 서버 장치(1)의 사이트에서 침해사고가 발생하였는지 손쉽게 파악할 수 있어 개인정보가 유출되는 침해사고 발생시 신속한 대응이 가능하다.As a result, the second server device (2) can easily determine which site of the server device (1) the infringement occurred by checking which ID was logged in, making it possible to respond quickly in the event of an infringement that results in personal information being leaked. .
한편, 본 발명의 일실시예에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법은, 제2 서버 장치(2)가 개별의 제1 서버 장치(1)와, 기설정된 카테고리별로 그룹화된 제1 서버 장치(1) 중 적어도 어느 하나를 노드로 하고, 노드 및 노드를 연결하는 링크를 그래프 형태의 데이터베이스로 저장하는 단계를 더 포함할 수 있다.Meanwhile, the infringement incident determination method of the infringement incident determination system using virtual identification information according to an embodiment of the present invention is that the second server device 2 is divided into individual first server devices 1 and preset categories. The method may further include setting at least one of the grouped first server devices 1 as a node and storing the node and the links connecting the nodes as a database in the form of a graph.
그리고 제2 서버 장치(2)는 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치(1a)와 생성된 아이디로 로그인을 시도한 제1 서버 장치(1b)를 각각의 노드로 하여 그래프 형태로 연결하고, 동일한 제1 서버 장치에서 침해사고가 다시 발생한 것으로 판단되는 경우 연결된 노드 순서대로 제1 서버 장치(1)에 대해 탐색을 수행하는 단계를 더 포함할 수 있다. 이로써, 침해사고가 발생한 경우 로그인을 시도한 제1 서버 장치(1b)가 무엇인지 신속하게 확인할 수 있다. 이때 제2 서버 장치(2)는 로그인을 시도한 제1 서버 장치(1b) 및 로그인 시도 횟수를 매칭하여 저장하고, 시도 횟수의 순서대도 제1 서버 장치를 연결하는 것도 가능하다.And, when an infringement occurs, the second server device (2) uses the first server device (1a), where the virtual ID was first created and stored, and the first server device (1b), which attempted to log in with the created ID, as each node. A step of connecting in a graph form and performing a search for the first server device 1 in the order of connected nodes may be further included if it is determined that an infringement incident has occurred again in the same first server device. As a result, in the event of an infringement incident, it is possible to quickly confirm the first server device (1b) that attempted to log in. At this time, the second server device 2 matches and stores the number of login attempts with the first server device 1b that attempted to log in, and it is also possible to connect the first server device in the order of the number of attempts.
또한 본 발명의 일실시예에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법은, 제2 서버 장치(2)가 단계 S10에서 생성된 아이디로 로그인을 시도한 사용자 단말(C)의 맥어드레스와 IP주소 및 접속시간을 저장하는 단계와, 제2 서버 장치(2)가 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 복수 개의 제1 서버 장치(1a, …, 1n)로 전송하는 단계를 더 포함할 수 있다. 이로써, 개인정보를 침해하고자 하는 사용자에 의해 동일한 침해사고가 다시 발생되는 것을 방지할 수 있다.In addition, the infringement incident determination method of the infringement incident determination system using virtual identification information according to an embodiment of the present invention is that the second server device (2) uses the user terminal (C) that attempted to log in with the ID created in step S10. A step of storing the Mac address, IP address, and connection time, and transmitting blocking information for blocking network access of the Mac address stored by the second server device 2 to a plurality of first server devices 1a, ..., 1n. Additional steps may be included. As a result, it is possible to prevent the same infringement incident from occurring again by a user attempting to infringe on personal information.
이상에서 설명한 실시예들에 따른 침해 사고 판단 방법에 의한 동작은, 적어도 부분적으로 컴퓨터 프로그램으로 구현되고 컴퓨터로 읽을 수 있는 기록매체에 기록될 수 있다. 실시예들에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해사고 판단 방법에 의한 동작을 구현하기 위한 프로그램이 기록되고 컴퓨터가 읽을 수 있는 기록매체는 컴퓨터에 의하여 읽혀질 수 있는 데이터가 저장되는 모든 종류의 기록장치를 포함한다. 컴퓨터가 읽을 수 있는 기록매체의 예로는 ROM, RAM, CD-ROM, 자기 테이프, 플로피디스크, 광 데이터 저장장치 등이 있다. 또한 컴퓨터가 읽을 수 있는 기록매체는 네트워크로 연결된 컴퓨터 시스템에 분산되어, 분산 방식으로 컴퓨터가 읽을 수 있는 코드가 저장되고 실행될 수도 있다. 또한, 본 실시예를 구현하기 위한 기능적인 프로그램, 코드 및 코드 세그먼트(segment)들은 본 실시예가 속하는 기술 분야의 통상의 기술자에 의해 용이하게 이해될 수 있을 것이다.The operation of the infringement incident determination method according to the embodiments described above may be at least partially implemented as a computer program and recorded on a computer-readable recording medium. A computer-readable recording medium on which a program for implementing the operation of the infringement incident determination method of the infringement incident determination system using virtual identification information according to the embodiments is recorded is any computer-readable recording medium in which data that can be read by a computer is stored. Includes various types of recording devices. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, floppy disk, and optical data storage devices. Additionally, computer-readable recording media may be distributed across computer systems connected to a network, and computer-readable codes may be stored and executed in a distributed manner. Additionally, functional programs, codes, and code segments for implementing this embodiment can be easily understood by those skilled in the art to which this embodiment belongs.
이상에서 설명한 것은 본 발명에 따른 가상의 식별정보를 이용한 침해사고 판단 시스템 및 그 방법과 이를 위한 컴퓨터 프로그램을 실시하기 위한 실시예에 불과한 것으로서, 본 발명은 상기한 실시예에 한정되지 않고, 이하 청구범위에서 청구하는 본 발명의 요지를 벗어남이 없이 본 발명이 속하는 기술분야에서 통상의 지식을 가진 자라면 누구든지 다양하게 변경하여 실시가능한 범위까지 본 발명의 기술적 정신이 있다고 할 것이다.What has been described above is only an embodiment for implementing the infringement accident determination system and method using virtual identification information and a computer program therefor according to the present invention, and the present invention is not limited to the above-described embodiment, and the claims below It will be said that the technical spirit of the present invention exists to the extent that anyone with ordinary knowledge in the technical field to which the present invention pertains can implement it with various modifications without departing from the gist of the present invention as claimed in the scope.

Claims (11)

  1. 웹사이트와 애플리케이션 중 적어도 어느 하나의 운영을 위한 서버 장치로서, 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가지는 복수 개의 제1 서버 장치(1)와;A server device for operating at least one of a website and an application, comprising: a plurality of first server devices (1) having a database storing member information including ID and password;
    어느 하나의 상기 제1 서버 장치(1a)의 상기 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성하여 저장하고, 상기 생성된 아이디와 패스워드를 다른 제1 서버 장치(1b)의 데이터베이스에 회원정보로 저장하며, 상기 다른 제1 서버 장치(1b)에서 상기 생성된 아이디로 로그인된 것으로 판단되는 경우, 상기 제1 서버 장치(1a)에서 침해사고가 발생한 것으로 판단하는 제2 서버 장치(2)를 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템.Create and store a virtual ID and password that are not included in the membership information of one of the first server devices (1a), and enter the generated ID and password into the database of the other first server device (1b) as a member. A second server device (2) that stores information as information and, when it is determined that a user has logged in with the ID created in the other first server device (1b), determines that an infringement incident has occurred in the first server device (1a). A system for determining infringement incidents using virtual identification information, comprising:
  2. 제1항에 있어서,According to paragraph 1,
    상기 제2 서버 장치(2)는,The second server device 2,
    개별의 상기 제1 서버 장치(1)와, 기설정된 카테고리별로 그룹화된 상기 제1 서버 장치(1) 중 적어도 어느 하나를 노드로 하고, 상기 노드 및 상기 노드를 연결하는 링크를 그래프 형태의 데이터베이스로 저장하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템.At least one of the individual first server devices 1 and the first server devices 1 grouped by preset categories is used as a node, and the nodes and the links connecting the nodes are converted into a database in the form of a graph. A system for determining infringement incidents using virtual identification information, which is characterized by storing.
  3. 제2항에 있어서,According to paragraph 2,
    상기 제2 서버 장치(2)는,The second server device 2,
    상기 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치(1a)와 생성된 아이디로 로그인을 시도한 제1 서버 장치(1b)를 연결하고,When the above infringement incident occurs, the first server device (1a), where the virtual ID was first created and stored, is connected to the first server device (1b) that attempted to log in with the created ID,
    동일한 상기 제1 서버 장치(1a)에서 상기 침해사고가 다시 발생한 것으로 판단되는 경우 상기 연결된 노드 순서대로 상기 제1 서버 장치(1)에 대해 탐색을 수행하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템.If it is determined that the infringement incident has occurred again in the same first server device (1a), a search is performed on the first server device (1) in the order of the connected nodes. Infringement using virtual identification information Accident judgment system.
  4. 제1항에 있어서,According to paragraph 1,
    상기 제2 서버 장치(2)는,The second server device 2,
    상기 생성된 아이디로 로그인을 시도한 사용자 단말(C)의 맥어드레스와 IP주소 및 접속시간을 저장하고, 상기 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 상기 복수 개의 제1 서버 장치(1)로 전송하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템.The MAC address, IP address, and connection time of the user terminal (C) that attempted to log in with the created ID are stored, and blocking information for blocking network access of the stored Mac address is stored in the plurality of first server devices (1). A system for determining infringement incidents using virtual identification information, which is transmitted to .
  5. 제4항에 있어서,According to paragraph 4,
    상기 제2 서버 장치(2)는,The second server device 2,
    상기 생성된 아이디로 로그인을 시도한 사용자 단말(C)에서 로그인을 위한 다른 시도가 있는 것으로 감지되는 경우, 로그인을 위한 추가 인증을 요청하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템.A system for determining an infringement incident using virtual identification information, characterized in that it requests additional authentication for login when the user terminal (C) attempting to log in with the created ID detects that there is another attempt to log in.
  6. 제2 서버 장치(2)가 웹사이트와 애플리케이션 중 적어도 어느 하나의 운영을 위한 서버 장치로서, 아이디와 패스워드를 포함하는 회원정보가 저장된 데이터베이스를 가지는 복수 개의 제1 서버 장치(1) 중 어느 하나의 상기 제1 서버 장치(1a)의 상기 회원정보에 포함되어 있지 않은 가상의 아이디와 패스워드를 생성하는 단계;The second server device 2 is a server device for operating at least one of a website and an application, and is one of a plurality of first server devices 1 having a database storing member information including ID and password. generating a virtual ID and password that are not included in the member information of the first server device (1a);
    상기 제2 서버 장치(2)가 상기 생성된 아이디와 패스워드를 다른 제1 서버 장치(1b)의 데이터베이스에 회원정보로 저장하는 단계; 및The second server device (2) storing the generated ID and password as member information in the database of another first server device (1b); and
    상기 다른 제1 서버 장치(1b)에서 상기 생성된 아이디로 로그인된 것으로 판단되는 경우, 상기 제2 서버 장치(2)가 상기 제1 서버 장치(1a)에서 침해사고가 발생한 것으로 판단하는 단계를 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법.When it is determined that the other first server device (1b) has logged in with the created ID, the second server device (2) determines that an infringement incident has occurred in the first server device (1a). A method of determining an infringement incident of an infringement incident determination system using virtual identification information.
  7. 제6항에 있어서,According to clause 6,
    상기 제2 서버 장치(2)가 개별의 상기 제1 서버 장치(1)와, 기설정된 카테고리별로 그룹화된 제1 서버 장치(1) 중 적어도 어느 하나를 노드로 하고, 상기 노드 및 상기 노드를 연결하는 링크를 그래프 형태의 데이터베이스로 저장하는 단계를 더 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법.The second server device 2 uses at least one of the individual first server devices 1 and the first server devices 1 grouped by preset categories as a node, and connects the nodes. A method of determining an infringement incident in an infringement incident determination system using virtual identification information, further comprising the step of storing the link in a database in the form of a graph.
  8. 제7항에 있어서,In clause 7,
    상기 제2 서버 장치(2)는 상기 침해사고가 발생한 경우 가상의 아이디가 최초로 생성되어 저장된 제1 서버 장치(1a)와 생성된 아이디로 로그인을 시도한 제1 서버 장치(1b)를 연결하고, 동일한 상기 제1 서버 장치(1a)에서 상기 침해사고가 다시 발생한 것으로 판단되는 경우 상기 연결된 노드 순서대로 상기 제1 서버 장치(1)에 대해 탐색을 수행하는 단계를 더 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법.When the infringement incident occurs, the second server device 2 connects the first server device 1a, where the virtual ID was first created and stored, and the first server device 1b, which attempted to log in with the created ID, and connects the same Virtual identification, further comprising the step of performing a search for the first server device (1) in the order of the connected nodes when it is determined that the infringement incident has occurred again in the first server device (1a). Method for determining infringement incidents in an infringement incident determination system using information.
  9. 제6항에 있어서,According to clause 6,
    상기 제2 서버 장치(2)가 상기 생성된 아이디로 로그인을 시도한 사용자 단말(C)의 맥어드레스와 IP주소 및 접속시간을 저장하는 단계; 및The second server device (2) storing the Mac address, IP address, and connection time of the user terminal (C) that attempted to log in with the created ID; and
    상기 제2 서버 장치(2)가 상기 저장된 맥어드레스의 네트워크 접속을 차단을 위한 차단정보를 상기 복수 개의 제1 서버 장치(1)로 전송하는 단계를 더 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법.Virtual identification information further comprising the step of the second server device (2) transmitting blocking information for blocking network access of the stored MAC address to the plurality of first server devices (1). Infringement incident determination method of the infringement incident determination system used.
  10. 제9항에 있어서,According to clause 9,
    상기 제2 서버 장치(2)는,The second server device 2,
    상기 생성된 아이디로 로그인을 시도한 사용자 단말(C)에서 로그인을 위한 다른 시도가 있는 것으로 감지되는 경우, 로그인을 위한 추가 인증을 요청하는 단계를 더 포함하는 것을 특징으로 하는 가상의 식별정보를 이용한 침해사고 판단 시스템의 침해 사고 판단 방법.Infringement using virtual identification information, further comprising requesting additional authentication for login when the user terminal (C) attempting to log in with the created ID detects that there is another attempt to log in. Infringement incident determination method of the incident judgment system.
  11. 하드웨어와 결합되어, 제6항 내지 제10항 중 어느 한 항에 따른 침해 사고 판단 방법을 실행하도록 컴퓨터로 판독 가능한 기록매체에 저장된 컴퓨터 프로그램.A computer program combined with hardware and stored in a computer-readable recording medium to execute the method for determining an infringement incident according to any one of claims 6 to 10.
PCT/KR2023/014185 2022-09-20 2023-09-19 Infringement accident determination system using virtual identification information, method thereof, and computer program therefor WO2024063512A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020220118454A KR102605029B1 (en) 2022-09-20 2022-09-20 Intrusion determination system and method thereof using virtual identification information, compuper program for the same
KR10-2022-0118454 2022-09-20

Publications (1)

Publication Number Publication Date
WO2024063512A1 true WO2024063512A1 (en) 2024-03-28

Family

ID=88974389

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2023/014185 WO2024063512A1 (en) 2022-09-20 2023-09-19 Infringement accident determination system using virtual identification information, method thereof, and computer program therefor

Country Status (2)

Country Link
KR (1) KR102605029B1 (en)
WO (1) WO2024063512A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100982254B1 (en) * 2008-06-23 2010-09-15 엘지전자 주식회사 System and method for processing log-in request
KR20140070075A (en) * 2012-11-30 2014-06-10 네이버비즈니스플랫폼 주식회사 System, apparatus, method and computer readable recording medium for detecting and treating illegal access
KR20170090934A (en) * 2016-01-29 2017-08-08 계명대학교 산학협력단 Detecting and tracing method and system for leaked private information
KR102153926B1 (en) * 2017-08-10 2020-09-10 한국전자통신연구원 Apparatus for enhancing network security and method for the same
US20210367934A1 (en) * 2020-05-22 2021-11-25 Vivek Chinar Nair Secure system and method for preventing cross-site credential reuse

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100320119B1 (en) 1999-09-30 2002-01-10 김형태 System and method for monitoring fraudulent use of id and media for storing program source thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100982254B1 (en) * 2008-06-23 2010-09-15 엘지전자 주식회사 System and method for processing log-in request
KR20140070075A (en) * 2012-11-30 2014-06-10 네이버비즈니스플랫폼 주식회사 System, apparatus, method and computer readable recording medium for detecting and treating illegal access
KR20170090934A (en) * 2016-01-29 2017-08-08 계명대학교 산학협력단 Detecting and tracing method and system for leaked private information
KR102153926B1 (en) * 2017-08-10 2020-09-10 한국전자통신연구원 Apparatus for enhancing network security and method for the same
US20210367934A1 (en) * 2020-05-22 2021-11-25 Vivek Chinar Nair Secure system and method for preventing cross-site credential reuse

Also Published As

Publication number Publication date
KR102605029B1 (en) 2023-11-23

Similar Documents

Publication Publication Date Title
US20070064689A1 (en) Method of controlling communication between devices in a network and apparatus for the same
US20060015715A1 (en) Automatically protecting network service from network attack
WO2019178966A1 (en) Network attack defense method and apparatus, and computer device and storage medium
EP3395102B1 (en) Network management
CN104601568A (en) Virtual security isolation method and device
EP2600566B1 (en) Unauthorized access blocking control method
US10397225B2 (en) System and method for network access control
US11716623B2 (en) Zero trust wireless monitoring - system and method for behavior based monitoring of radio frequency environments
BR102019020060A2 (en) method for detecting access point characteristics using machine learning
US20170141984A1 (en) Method and system for detecting client causing network problem using client route control system
CN1411209A (en) Method of detecting and monitoring malicious user host machine attack
JP2024520585A (en) WIRELESS INTRUSION PREVENTION SYSTEM AND METHOD OF OPERATION - Patent application
WO2024063512A1 (en) Infringement accident determination system using virtual identification information, method thereof, and computer program therefor
US20170048258A1 (en) Analyzing network traffic based on a quantity of times a credential was used for transactions originating from multiple source devices
KR101747144B1 (en) Method and system for preventing rogue access point
US20210058414A1 (en) Security management method and security management apparatus
EP3190743B1 (en) Packet processing method, network server and virtual private network system
WO2015080378A1 (en) Method for identifying sharing terminal and system therefor
JP2022007690A (en) Network service system, network management method and computer program
JP2010287932A (en) Quarantine network system, access management device, access management method, and access management program
US11539741B2 (en) Systems and methods for preventing, through machine learning and access filtering, distributed denial of service (“DDoS”) attacks originating from IoT devices
KR101447685B1 (en) Apparatus of detecting and controlling infected mobile terminal based on content information of transmission packet
CN105939372B (en) A kind of pppoe session method for building up and device
CN107579955B (en) Dynamic host configuration protocol monitoring and protecting method and system
US20230141028A1 (en) Traffic control server and method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23868564

Country of ref document: EP

Kind code of ref document: A1