WO2018088680A1 - Système de sécurité et procédé de traitement de demande d'accès à un site bloqué - Google Patents

Système de sécurité et procédé de traitement de demande d'accès à un site bloqué Download PDF

Info

Publication number
WO2018088680A1
WO2018088680A1 PCT/KR2017/008937 KR2017008937W WO2018088680A1 WO 2018088680 A1 WO2018088680 A1 WO 2018088680A1 KR 2017008937 W KR2017008937 W KR 2017008937W WO 2018088680 A1 WO2018088680 A1 WO 2018088680A1
Authority
WO
WIPO (PCT)
Prior art keywords
destination address
blocked
security server
client terminal
access
Prior art date
Application number
PCT/KR2017/008937
Other languages
English (en)
Korean (ko)
Inventor
박형배
강경태
Original Assignee
주식회사 수산아이앤티
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 수산아이앤티 filed Critical 주식회사 수산아이앤티
Publication of WO2018088680A1 publication Critical patent/WO2018088680A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Definitions

  • One embodiment of the present invention relates to a security system and a method for blocking a malicious site, and a technique for processing a request for access to a blocked site after blocking a site including malicious code.
  • the site contains malicious code, but even if you have to access the site inevitably due to important tasks, there is a problem that can not be accessed due to blocking.
  • the present invention was derived to solve the problems of the prior art, and an object of the present invention is to provide a security system and method for processing a request for access to a blocked site after blocking a site containing malicious code.
  • the present invention relates to a security system and a method for processing an access request to a blocked site, and upon detecting that the client terminal transmits a packet to the blocked site, a blocking message including an access permission button to the client terminal.
  • the purpose of the present invention is to provide a method capable of reflecting the user's intention by informing the user that the blocked site is generated by transmitting and generating the message and allowing the user to connect to the blocked site when requesting the connection.
  • a method for processing an access request from a security server to a blocked site mirroring the packet through the network equipment connected to the client terminal in the security server Doing; Extracting a destination address from the packet at the security server; Confirming, by the security server, whether the destination address is a blocked address; And if the destination address is a blocked address at the security server, generating a blocking message including an access permission button and transmitting the generated blocking message to the client terminal.
  • the blocking message may further include at least one of a reason for blocking, a blocked time, and a time remaining until the blocking is released.
  • the determining whether the destination address is a blocked address in the security server may include determining that the destination address is a blocked address when the destination address is blocked and does not pass a predetermined period.
  • the access permission button may be a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server.
  • the method for processing a request for access to a blocked site may further include the step of not blocking a packet transmitted by the client terminal to the destination address for a preset period when it detects that the access permission button is input. have.
  • the method for processing a request for access to a blocked site may include: re-checking whether a malicious code exists in the destination address when detecting that the access permission button is input; And if the malicious code does not exist as a result of the re-scan may further comprise the step of releasing the block.
  • the method for processing a request for access to a blocked site includes: generating a second blocking message including the access permission button and transmitting the generated second blocking message to the security server if a malicious code exists as a result of re-examination; And detecting that the access permission button included in the secondary blocking message is input, the client terminal not blocking a packet transmitted to the destination address for a preset period of time.
  • the method for processing a request for access to a blocked site may further include releasing the blocking of the destination address when a predetermined time elapses since the destination address is set to the blocked address.
  • the mirroring unit for mirroring the packet (packet) through the network equipment connected to the client terminal;
  • a blocking processing unit which extracts a destination address from the packet, checks whether the destination address is a blocked address, and if the destination address is a blocked address, generates a blocking message including an access permission button and transmits the blocking message to the client terminal.
  • the access permission button may be a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server.
  • the security server may further include an access request processing unit that does not block the packet transmitted by the client terminal to the destination address for a preset period when it detects that the access permission button is input.
  • the security server may further include an access request processing unit for re-checking whether or not a malicious code exists in the destination address, and releasing the block if no malicious code exists as a result of the re-scanning.
  • the access request processing unit if a malicious code exists as a result of re-examination, generates a secondary block message including the access permission button and transmits it to the security server, and the access permission button included in the secondary block message is inputted. If it is detected that the client terminal does not block the packet transmitted to the destination address for a predetermined period.
  • the present invention relates to a security system and a method for processing an access request to a blocked site.
  • the client terminal detects that a packet is transmitted to a blocked site, the present invention generates and transmits a blocking message including an access permission button to the client terminal.
  • the user of the client terminal can be accessed when the user of the client terminal continues to request the connection while notifying the user that the site is blocked.
  • FIG. 1 is a view showing a schematic configuration of a security system according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating a configuration of a security server of a security system according to an embodiment of the present invention.
  • FIG. 3 is a flowchart illustrating an example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • FIG. 4 is a flowchart illustrating another example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • FIG. 5 is a flowchart illustrating still another example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • FIG. 6 is a diagram illustrating an example of a blocking message generated by a security server according to an embodiment of the present invention.
  • Embodiments according to the inventive concept may be variously modified and have various forms, so embodiments are illustrated in the drawings and described in detail herein. However, this is not intended to limit the embodiments in accordance with the concept of the present invention to specific embodiments, and includes modifications, equivalents, or substitutes included in the spirit and scope of the present invention.
  • first or second may be used to describe various components, but the components should not be limited by the terms. The terms are only for the purpose of distinguishing one component from another component, for example, without departing from the scope of the rights according to the inventive concept, the first component may be called a second component, Similarly, the second component may also be referred to as the first component.
  • FIGS. 1 to 6 a security system and a method for processing an access request to a blocked site according to an embodiment of the present invention will be described in detail with reference to FIGS. 1 to 6.
  • FIG. 1 is a view showing a schematic configuration of a security system according to an embodiment of the present invention.
  • the security server 130 may be connected to a network device to which the client terminal 110 is connected through a tap (TAP) 120 to mirror a DNS query packet through the network device.
  • the security server 130 may store a list of uniform resource locators (URLs) of sites to be blocked.
  • the client terminal 110 may have at least one client connected to the Internet 100.
  • the client may be a terminal such as a PC or a smart phone.
  • the security server 130 mirrors a packet through a network device to which the client terminal 110 is connected, extracts a destination address from the packet, checks whether the destination address is a blocked address, and if the destination address is a blocked address, A blocking message including a connection permission button may be generated and transmitted to the client terminal 110.
  • FIG. 2 is a diagram illustrating a configuration of a security server of a security system according to an embodiment of the present invention.
  • the security server 130 of the present invention includes a control unit 210, a mirroring unit 212, a blocking processing unit 214, a connection request processing unit 216, a communication unit 220, and a storage unit 230. Can be used to handle access requests to blocked sites.
  • the communication unit 220 is a communication interface device including a receiver and a transmitter to transmit and receive data by wire or wirelessly.
  • the communication unit 220 may receive a mirrored packet transmitted and received between the client terminal 110 and the Internet 100 through a tap (TAP) 120 and transmit the blocking message to the client terminal 110. You may.
  • TAP tap
  • the storage unit 230 stores an operating system, an application, and storage data for controlling the overall operation of the security server 130.
  • the storage unit 230 may manage the information of the blocked site according to the present invention.
  • the blocked site information may include an address (eg, a URL) of the blocked site, and may further include information such as a reason for blocking, a blocked time, and a time remaining until the blocking is released. .
  • the mirroring unit 212 may control the communication unit 220 to mirror the packet through the network equipment to which the client terminal 110 is connected and provide the packet to the blocking processing unit 214.
  • the blocking processing unit 214 extracts the destination address from the received packet by mirroring, checks whether the destination address is a blocked address, and if the destination address is a blocked address, a blocking including an access permission button as shown in the example of FIG. 6 below. A message can be generated and sent to the client terminal. In this case, the blocking processing unit 214 may determine that the blocked address when the destination address is blocked and does not pass the preset period.
  • FIG. 6 is a diagram illustrating an example of a blocking message generated by a security server according to an embodiment of the present invention.
  • the blocking message 600 may include an access permission button 610 in addition to a description of a reason for blocking and a problem that may occur when connecting.
  • the access permission button is a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server.
  • a new URL address may be generated to allow the security server 110 to confirm that the request is ignored by inserting a special symbol allowing access to the URL address of an existing malicious site.
  • malware code URL is the address of the malicious site containing the malicious code to be accessed by the client terminal 110, "http: // blocking equipment address / removemalwareurl?" Can be confirmed that the request to ignore the block Corresponds to information.
  • malware code URL is the address of the malicious site including the malicious code to be accessed by the client terminal 110, and "####" corresponds to information that can confirm that the request to ignore the blocking.
  • the blocking message 600 may further include blocked time information indicating when it was blocked or information about the time remaining until the blocking is released.
  • connection request processing unit 216 detects that the access permission button is input, the client terminal 110 does not block the packet transmitted to the destination address during the release period.
  • the access request processing unit 216 may recheck whether the malicious code exists in the destination address, and may release the block if the malicious code does not exist as a result of the rescan.
  • the access request processing unit 216 generates a secondary blocking message including a connection permission button and transmits it to the security server 130 if a malicious code exists as a result of re-inspection, and the access permission button included in the secondary blocking message is input. If it is detected that the client terminal 110 may not block the packet transmitted to the destination address during the release period, which is a predetermined period.
  • connection request processing unit 216 to re-examine the presence of malicious code to prevent the frequent occurrence by the request of the various client terminals to perform the re-examination of the malicious code only when a predetermined inspection period has passed. It may be.
  • the controller 210 may control the overall operation of the security server 130.
  • the controller 210 may perform the functions of the mirroring unit 212, the blocking processing unit 214, and the connection request processing unit 216.
  • the control unit 1210, the mirroring unit 212, the blocking processing unit 214, and the connection request processing unit 216 are illustrated separately to describe each function.
  • the controller 210 may include at least one processor configured to perform functions of the mirroring unit 212, the blocking processing unit 214, and the connection request processing unit 216.
  • the controller 210 may include at least one processor configured to perform some of the functions of the mirroring unit 212, the blocking processing unit 214, and the connection request processing unit 216.
  • the blocking processing unit 214 releases the blocking of the destination address when the blocking release time, which is a preset time after the destination address is set to the blocked address, elapses.
  • the unblocking time is a time expected to have cured the malicious code included in the site, and may be differentially set according to the recognition of the site.
  • a site of a high-recognition site bank can be set to an unblocking time of 1 hour
  • a site of a blog of a low-perception personal blog can be set to a week.
  • FIG. 3 is a flowchart illustrating an example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • the security server 130 mirrors a packet through a network device to which the client terminal 110 is connected (310).
  • the security server 130 extracts a destination address from the mirrored packet (312).
  • the security server 130 checks whether the destination address is a blocked address (314).
  • a blocking message including a connection permission button is generated and the mirrored packet is transmitted to the transmitted client terminal 110 (316).
  • the access permission button may be a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server 130.
  • the client terminal 110 does not block the packet transmitted to the destination address for a predetermined period (320).
  • FIG. 4 is a flowchart illustrating another example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • the security server 130 mirrors a packet through a network device to which the client terminal 110 is connected (410).
  • the security server 130 extracts a destination address from the mirrored packet (412).
  • the security server 130 checks whether the destination address is a blocked address (414).
  • a blocking message including an access permission button is generated and the mirrored packet is transmitted to the transmitted client terminal 110 (416).
  • the access permission button may be a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server 130.
  • the security server 130 detects that the access permission button is input (418), the security server 130 rechecks whether malicious code exists in the destination address (420), and checks whether malicious code exists in the destination address (422).
  • step 422 If the malicious code does not exist in step 422, the security server 130 releases the block to the destination address (424).
  • the security server 130 determines whether the malicious code is present as a result of step 422 or not. If the malicious code is present as a result of step 422, the security server 130 generates a secondary blocking message including a button to allow the connection and transmits to the security server (426).
  • the client terminal 110 does not block the packet transmitted to the destination address for a predetermined period (430). .
  • FIG. 5 is a flowchart illustrating still another example of a process of processing an access request to a blocked site in a security server according to an embodiment of the present invention.
  • the security server 130 mirrors a packet through a network device to which the client terminal 110 is connected (510).
  • the security server 130 extracts a destination address from the mirrored packet (512).
  • the security server 130 checks whether the destination address is a blocked address (514).
  • a blocking message including a connection permission button is generated and the mirrored packet is transmitted to the transmitted client terminal 110 (416).
  • the access permission button may be a button for transmitting the URL information including the information to confirm that the request to ignore the blocking to the URL of the destination address and the information of the client terminal to the security server 130.
  • the security server 130 checks whether a predetermined inspection period has elapsed after checking whether a malicious code exists for a destination address (520).
  • step 520 If the verification period in step 520 does not pass, the security server 130 does not block the packet transmitted by the client terminal 110 to the destination address for a predetermined period of time (522).
  • the security server 130 checks again whether or not the malicious code exists in the destination address (524), and checks whether or not the malicious code exists in the destination address (526).
  • step 526 If the malicious code is present as a result of step 526, the security server 130 returns to step 516 to perform the subsequent process.
  • step 526 the security server 130 releases the block to the destination address (424).
  • the apparatus described above may be implemented as a hardware component, a software component, and / or a combination of hardware components and software components.
  • the apparatus and components described in the embodiments are, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable gate array (FPGA), programmable logic (PLU), and the like.
  • unit, microprocessor, or any other device capable of executing and responding to instructions may be implemented using one or more general purpose or special purpose computers.
  • the processing device may execute an operating system (OS) and one or more software applications running on the operating system.
  • the processing device may also access, store, manipulate, process, and generate data in response to the execution of the software.
  • OS operating system
  • the processing device may also access, store, manipulate, process, and generate data in response to the execution of the software.
  • processing device includes a plurality of processing elements and / or a plurality of types of processing elements. It can be seen that it may include.
  • the processing device may include a plurality of processors or one processor and one controller.
  • other processing configurations are possible, such as parallel processors.
  • the software may include a computer program, code, instructions, or a combination of one or more of the above, and configure the processing device to operate as desired, or process it independently or collectively. You can command the device.
  • Software and / or data may be any type of machine, component, physical device, virtual equipment, computer storage medium or device in order to be interpreted by or to provide instructions or data to the processing device. Or may be permanently or temporarily embodied in a signal wave to be transmitted.
  • the software may be distributed over networked computer systems so that they may be stored or executed in a distributed manner.
  • Software and data may be stored on one or more computer readable recording media.
  • Method according to the embodiment is implemented in the form of program instructions that can be executed by various computer means may be recorded on a computer readable medium.
  • the computer readable medium may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on the media may be those specially designed and constructed for the purposes of the present disclosure, or they may be of the kind well-known and available to those having skill in the computer software arts.
  • Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks.
  • Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.
  • the hardware device described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne un système et un procédé de sécurité qui permettent de : reproduire un paquet passant à travers un équipement de réseau auquel un terminal client est connecté ; extraire une adresse de destination du paquet ; vérifier si l'adresse de destination est une adresse bloquée ; et lorsque l'adresse de destination est une adresse bloquée, générer un message de bloc comprenant un bouton d'autorisation d'accès, transmettre celui-ci au terminal client de façon à informer un utilisateur du terminal client que la destination est un site actuellement bloqué, et vérifier si l'utilisateur va néanmoins accéder au site bloqué.
PCT/KR2017/008937 2016-11-09 2017-08-17 Système de sécurité et procédé de traitement de demande d'accès à un site bloqué WO2018088680A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020160148534A KR101925314B1 (ko) 2016-11-09 2016-11-09 차단된 사이트로의 접속 요청을 처리하는 보안 시스템 및 방법
KR10-2016-0148534 2016-11-09

Publications (1)

Publication Number Publication Date
WO2018088680A1 true WO2018088680A1 (fr) 2018-05-17

Family

ID=62109812

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2017/008937 WO2018088680A1 (fr) 2016-11-09 2017-08-17 Système de sécurité et procédé de traitement de demande d'accès à un site bloqué

Country Status (2)

Country Link
KR (1) KR101925314B1 (fr)
WO (1) WO2018088680A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935095A (zh) * 2020-07-15 2020-11-13 广东电网有限责任公司 一种源代码泄露监控方法、装置及计算机存储介质
WO2023036188A1 (fr) * 2021-09-09 2023-03-16 海尔数字科技(青岛)有限公司 Procédé et appareil de limitation de trafic d'accès, dispositif, support de stockage et produit programme d'ordinateur

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130067473A1 (en) * 2011-09-10 2013-03-14 Jason R. Olson Modes for Applications
US20140181931A1 (en) * 2007-07-27 2014-06-26 White Sky, Inc. Multi-platform user device malicious website protection system
KR20150127511A (ko) * 2014-05-07 2015-11-17 곽정곤 Http 프로토콜 간섭과 dns질의를 이용한 인증대상회선 선정방법 및 그 시스템
US20150341379A1 (en) * 2014-05-22 2015-11-26 Accenture Global Services Limited Network anomaly detection
US9473505B1 (en) * 2014-11-14 2016-10-18 Trend Micro Inc. Management of third party access privileges to web services

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140181931A1 (en) * 2007-07-27 2014-06-26 White Sky, Inc. Multi-platform user device malicious website protection system
US20130067473A1 (en) * 2011-09-10 2013-03-14 Jason R. Olson Modes for Applications
KR20150127511A (ko) * 2014-05-07 2015-11-17 곽정곤 Http 프로토콜 간섭과 dns질의를 이용한 인증대상회선 선정방법 및 그 시스템
US20150341379A1 (en) * 2014-05-22 2015-11-26 Accenture Global Services Limited Network anomaly detection
US9473505B1 (en) * 2014-11-14 2016-10-18 Trend Micro Inc. Management of third party access privileges to web services

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935095A (zh) * 2020-07-15 2020-11-13 广东电网有限责任公司 一种源代码泄露监控方法、装置及计算机存储介质
WO2023036188A1 (fr) * 2021-09-09 2023-03-16 海尔数字科技(青岛)有限公司 Procédé et appareil de limitation de trafic d'accès, dispositif, support de stockage et produit programme d'ordinateur

Also Published As

Publication number Publication date
KR20180051781A (ko) 2018-05-17
KR101925314B1 (ko) 2018-12-05

Similar Documents

Publication Publication Date Title
WO2021060853A1 (fr) Système de contrôle d'accès au réseau et procédé associé
WO2018056601A1 (fr) Dispositif et procédé de blocage de rançongiciel à l'aide d'une commande d'accès à un fichier de contenu
WO2017034072A1 (fr) Système de sécurité de réseau et procédé de sécurité
JP6470597B2 (ja) キャプティブポータル対応のvpn通信端末、その通信制御方法及びそのプログラム
WO2017026840A1 (fr) Dispositif de connexion internet, serveur de gestion central, et procédé de connexion internet
WO2018088680A1 (fr) Système de sécurité et procédé de traitement de demande d'accès à un site bloqué
WO2018016830A1 (fr) Appareil et procédé de prévention de chiffrement de fichier
WO2015182873A1 (fr) Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire
WO2024122924A1 (fr) Système de surveillance de dommages d'hameçonnage et procédé associé
WO2019066099A1 (fr) Système de détection de comportement anormal sur la base d'un modèle d'analyse intégré, et procédé associé
WO2015099287A1 (fr) Procédé pour authentifier un utilisateur par utilisation d'un mot de passe à usage unique, et dispositif correspondant
WO2018056582A1 (fr) Procédé d'inspection de paquet à l'aide d'une communication ssl
WO2013073780A1 (fr) Procédé et serveur pour fournir une fonction de connexion automatique
WO2021225329A1 (fr) Procédé et système pour détecter la falsification d'une application mobile en utilisant un identifiant d'utilisateur et une collecte de signature
WO2016195344A1 (fr) Système de sécurité de réseau et procédé permettant de bloquer le téléchargement à l'improviste d'un logiciel malveillant
WO2017115976A1 (fr) Procédé et dispositif de blocage d'un site nuisible en utilisant un événement d'accessibilité
WO2015190692A1 (fr) Procédé de blocage d'accès à internet à l'aide d'un programme d'agent
WO2021194082A1 (fr) Procédé et dispositif pour fournir une page web à l'aide d'un portail captif
WO2014107028A1 (fr) Système de prévention d'invasion de logiciels malveillants, et procédé d'utilisation dudit système de prévention d'invasion de logiciels malveillants
WO2021075652A1 (fr) Procédé pour détecter automatiquement un programme de dérivation, et système associé
WO2015088195A1 (fr) Procédé de protection d'environnement local et système de protection d'un terminal répondant à un code malveillant dans des informations de liaison
WO2017217814A1 (fr) Dispositif et procédé de sécurisation de courrier par web
WO2015046951A1 (fr) Procédé et dispositif de sécurité de réseau utilisant une adresse ip
WO2015178002A1 (fr) Dispositif de traitement d'informations, système de traitement d'informations et procédé d'analyse d'historique de communications
WO2019235664A1 (fr) Procédé et système de blocage de débogueur pour protection de programme

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17869998

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17869998

Country of ref document: EP

Kind code of ref document: A1