Brent Byunghoon Kang

US Patent:

20120180127, Jul 12, 2012

Filed:

Jan 12, 2012

Appl. No.:

13/349247

Inventors:

Brent ByungHoon KANG - Fairfax VA, US

International Classification:

G06F 21/00

US Classification:

726 22

Abstract:

A technology for preventing network attacks. A service request is intercepted at an unaddressed port of a hidden device from a second device. The service request intended for a visible device is processed by the hidden device. A response may be provided based on the processing and sent to the second device.

US Patent:

20140359183, Dec 4, 2014

Filed:

Apr 25, 2014

Appl. No.:

14/262685

Inventors:

- Seoul, KR
Brent Byunghoon Kang - Fairfax VA, US

Assignee:

SNU R&DB Foundation - Seoul

International Classification:

G06F 12/08
G06F 13/24

US Classification:

710260, 711146

Abstract:

A snoop-based kernel integrity monitoring apparatus and a method thereof are provided. More particularly, provided are a kernel integrity monitoring apparatus which is provided as a hardware device independent of a host system, and snoops traffic occurring in a system bus of the host system and by detecting a write attempt in a kernel immutable region, monitors integrity of the kernel, and a method thereof. According to the apparatus and method, by analyzing traffic of the system bus of the host system, a write attempt in the kernel immutable region is detected. Thus, a transient attack which is difficult for a snapshot method to detect can be detected.