发明名称 |
INSIDER THREAT DETECTION DEVICE AND METHOD |
摘要 |
<p>PURPOSE: A device for detecting the threat of an insider and a method thereof are provided to extract the patterns of insiders from the stored information and analyze time-space association compared to other insider patterns. CONSTITUTION: An information collecting unit(101) collects information related to insiders. The information collecting unit converts the format of the collected information into a normalized format. A knowledge base(102) stores information converted by the information collecting unit. A pattern extracting unit(103) generates a pattern by insider from the information stored in the knowledge base. An association analysis unit(104) detects a suspicious insider by comparing the patterns generated by the pattern extracting unit. [Reference numerals] (101) Information collecting unit; (102) Knowledge base; (103) Pattern extracting unit; (104) Association analysis unit;</p> |
申请公布号 |
KR20130039175(A) |
申请公布日期 |
2013.04.19 |
申请号 |
KR20110103671 |
申请日期 |
2011.10.11 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
SOHN, SEON GYOUNG |
分类号 |
H04L12/26;G06F21/00;H04L12/22 |
主分类号 |
H04L12/26 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|