P
USRE45381EExpiredUtilityPatentIndex 51

Network correction security system and method

Assignee: LEE SEUNG-MINPriority: Oct 9, 2003Filed: Nov 24, 2010Granted: Feb 17, 2015
Est. expiryOct 9, 2023(expired)· nominal 20-yr term from priority
Inventors:LEE SEUNG MINNAM TAEK-YONGSOHN SUNG WONPARK CHEE HANG
H04L 63/1458H04L 12/22
51
PatentIndex Score
0
Cited by
12
References
17
Claims

Abstract

A network correction security system. The network correction security system connected between a network node and a security-related external system, detects attacks on the network node, corrects weak parts of the performance of the network node, collects information for improving the security performance of the network node from a security-related external system, analyzes the information, monitors principal resources of the network node to detect a fault, and removes the fault according to a measure corresponding to a grade of the fault. The network correction security system carries out a recovery process when the fault has not been corrected, and recovers the functions of the network node according to a recovery mechanism when the fault has not been removed after the recovery process.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A network correction security system that is connected between a network node router and a security-related external system, detects an external attack on the network node router, and corrects a weak part of the performance vulnerability of the network node router, comprising:
 a correction agent that removes processor connected to the router, wherein the correction agent processor is configured to remove a fault generated in the network node router according to a measure corresponding to a level of the fault to correct the fault, and when it is confirmed that the fault has not been completely corrected, repeats repeat a recovery process of reallocating and dividing resources of the network node router; and 
 a correction manager that processor connected to the correction agent processor and the security-related external system, wherein the correction manager processor is configured to continuously collects collect information for improving the a security performance of the network node router from the security-related external system and analyzes, analyze the collected information to control the improvement of the security performance of the network node router, and in response to the analyzing of the collected information, allocate additional resources from another network excluding the router to improve the security of the router while the fault is being recovered, wherein 
 the correction manager processor recovers functions of the router and corrects the vulnerability of the router, which vulnerability is subject to an external attack, based on the information for improving the security performance of the router that is received from the security-related external system. 
 
     
     
       2. The network correction security system as claimed in  claim 1 , wherein the correction manager processor recovers functions of the network node router according to a mechanism that recovers a part of the network node router or the entire network node router when it is confirmed that the fault has not been completely corrected after the recovery process has been carried out. 
     
     
       3. The network correction security system as claimed in  claim 2 , wherein the correction manager improves a weak part of the performance of the network node, which is vulnerable to an external attack and is detected when the functions of the network node are recovered, based on the information for improving the security performance of the network node that is received from the security-related external system. 
     
     
       4. The network correction security system as claimed in  claim 1 , wherein the correction agent processor comprises:
 a resource/fault monitor that monitors availability of principal resources of the network node router to detect whether a fault is generated in the network node router; 
 a fault assessor that assesses a grade of a fault detected by the resource/fault monitor; and 
 a fault remover that removes the fault according to a measure corresponding to the assessed grade to correct the fault. 
 
     
     
       5. The network correction security system as claimed in  claim 4 , wherein the correction agent processor further comprises a resource controller that carries out a recovery process of reallocating and dividing the resources of the network node router when it is confirmed that the corrected fault has not been completely removed. 
     
     
       6. The network correction security system as claimed in  claim 5 , wherein the correction manager processor comprises:
 a network resource manager that grasps the state of the resources of the network node router when it is confirmed that the generated fault has not been completely removed after the resource controller has carried out the recovery process; and 
 a recovery data manager that carries out a recovery process including additionally allocating and dividing the resources of the network according to the grasped state of the resources. 
 
     
     
       7. The network correction security system as claimed in  claim 6 , wherein the recovery data manager recovers the functions of the network node router according to a recovery mechanism including reconstructing, resetting, and rebooting a specific system of the network node router when it is confirmed that the fault has not been completely removed through the recovery process of the resource controller. 
     
     
       8. The network correction security system as claimed in  claim 6 , wherein the correction manager processor further comprises a function creator that creates at least one new function that improves a part or the entirety of the security performance of the network node router and provides the new function to the correction agent processor. 
     
     
       9. A network correction security method that detects an external attack on a network node router and corrects a weak part of the performance vulnerability of the network node router, comprising:
 (a) removing a fault generated in the network node router according to a measure corresponding to a grade of the fault to correct the fault; 
 (b) repeating a recovery process that reallocates and divides resources of the network node router when the fault has not been completely corrected in (a); 
 (c) recovering functions of the network node router according to a mechanism of recovering a part or the entirety of the a security performance of the network node router when the fault has not been completely corrected after the recovery process of (b); and 
 (d) continuously collecting information for improving the security performance of the network node router from a security-related external system and, analyzing the collected information to improve the security performance of the network node router, and in response to the analyzing of the collected information, allocating additional resources from another network excluding the router to improve the security of the router while the fault is being recovered, wherein 
 (d) includes recovering functions of the router and correcting the vulnerability of the router, which vulnerability is subject to an external attack, based on the information for improving the security performance of the router received from the security-related external system. 
 
     
     
       10. The network correction security method as claimed in  claim 9 , wherein (d) includes improving a weak part of the performance of the network node, which is vulnerable to an external attack and is detected when the functions of the network node are recovered, based on the information for improving the security performance of the network node received from the security-related external system. 
     
     
       11. The network correction security method as claimed in  claim 9 , wherein (a) comprises:
 monitoring availability of principal resources of the network node router; 
 detecting whether a fault is generated in the network node router according to the result of the monitoring step; 
 assessing a grade of at least one fault detected; and 
 removing the fault according to a measure corresponding to the assessed grade. 
 
     
     
       12. The network correction security method as claimed in  claim 9 , wherein (b) comprises:
 confirming whether the fault has been completely removed; 
 grasping the state of the resources of the network node router when it is confirmed that the fault has not been completely removed; and 
 carrying out a recovery process including additionally allocating and dividing the resources of the network node router according to the grasped state of the resources. 
 
     
     
       13. The network correction security method as claimed in  claim 9 , wherein (c) comprises:
 confirming whether the fault has been completely corrected after the security performance of the network node router has been recovered; 
 grasping the state of the resources of the network node router again when the fault has not been completely corrected; 
 carrying out a recovery process including additionally allocating and dividing the resources of the network node router according to the grasped state of the resources; and 
 recovering the functions of the network node router according to a recovery mechanism of rebooting a specific system of the network node router when the fault has not been completely corrected even after the recovery process. 
 
     
     
       14. The network correction security method as claimed in  claim 9 , wherein (d) comprises:
 analyzing data mining and correlation of the collected information for improving the security performance of the network node router: and 
 determining whether the performance of the network node router is improved according to the result of the analysis. 
 
     
     
       15. A non-transitory computer-readable recording medium including a network correction security method that detects instructions that when executed by a computer detect an external attack on a network node router and corrects a weak part of the performance correct a vulnerability of the network node router, the network correction security method instructions comprising:
 removing a fault generated in the network node router according to a measure corresponding to a grade of the fault to correct the fault; 
 repeating a recovery process that reallocates and divides resources of the network node router when the fault has not been completely corrected; 
 recovering functions of the network node router according to a mechanism of recovering a part or the entirety of the a security performance of the network node router when the fault has not been completely corrected even after the recovery process; and 
 continuously collecting information required for improving the security performance of the network node router from a security-related external system and, analyzing the collected information to improve the security performance of the network node router and, in response to the analyzing of the collected information, allocating additional resources from another network excluding the router to improve the security of the router while the fault is being recovered, wherein the recording medium is readable by a computer having a program installed therein, wherein 
 improving the security performance of the router includes recovering functions of the router and correcting the vulnerability of the router, which vulnerability is subject to an external attack, based on the information for improving the security performance of the router received from the security-related external system. 
 
     
     
       16. The network correction security system of claim 1, wherein the correction manager processor is configured to allocate other routers excluding the router connected to the correction agent process to provide additional resources. 
     
     
       17. The network correction security system of claim 1, wherein the correction manager processor is configured to allocate additional resources through a network monitoring system (NMS) or an external security manager (ESM).

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.