• Title/Summary/Keyword: attack model

A Study on the Establishment of the IDS Using Machine Learning (머신 러닝을 활용한 IDS 구축 방안 연구)

  • Kang, Hyun-Sun
    • Journal of Software Assessment and Valuation / v.15 no.2 / pp.121-128 / 2019
  • Computing systems have various vulnerabilities to cyber attacks. In particular, various cyber attacks that are intelligent in the information society have caused serious social problems and economic losses. Traditional security systems are based on misuse-based technology, which requires the continuous updating of new attack patterns and the real-time analysis of vast amounts of data generated by numerous security devices in order to detect accurately. However, traditional security systems are unable to respond through detection and analysis in real time, which can delay the recognition of intrusions and cause a lot of damage. Therefore, there is a need for a new security system that can quickly detect, analyze, and predict the ever-increasing cyber security threats based on machine learning and big data analysis models. In this paper, we present an IDS model that combines machine learning and big data technology.

On Design of the intelligent Intrusion Detection System (지능형 침입 탐지 시스템에 관한 연구)

  • 이민규;한명묵
    • Proceedings of the Korean Institute of Intelligent Systems Conference / 2002.05a / pp.23-27 / 2002
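  • In this paper, we propose a model for an intelligent Intrusion Detection System (IDS) in information security. The model uses a method that combines the fields of data mining and information security. That is, deployed IDSs often need to be supplemented because computing environments are upgraded or new attack methods appear. Many IDSs currently in use encode expert knowledge by hand, so changing them is very expensive and slow. The proposed model therefore uses a data mining framework to build intrusion detection models adaptively. By incorporating the data mining (DM) techniques of association rules, sequential patterns, classification and clustering, together with the genetic algorithm (GA) functions Selection, Crossover, Mutation, Evaluation and Fitness Function, we propose an intelligent IDS model that compensates for these shortcomings and maximizes processing performance, that is, a more secure intelligent IDS.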

Internet Business Model (BM) Patents and Future Directions (인터넷 비즈니스 모델(BM) 특허와 향후 방향)

  • 장경웅;곽송란;양태용
    • Proceedings of the Korea Technology Innovation Society Conference / 2000.05a / pp.321-337 / 2000
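  • At a time when Internet business is emerging as an important competitive factor, granting patent rights to Internet business models is a kind of monopolistic strategy intended to weaken the competitiveness of competitors of a similar nature and make them give up. In the United States, a series of lawsuits over BM patents, including the Statestreet case, have been filed and BM patents are already recognized, and from this starting point the recognition of BM patent rights is becoming the prevailing trend. BM patents, which differ in character from existing patents, are business-model patents whose commercial viability is recognized on the basis of a new idea; because of the current negative perception associated with monopoly, the validity of such patents and the applicable term of patent protection are in dispute. Government-level efforts to recognize such patents are needed to protect domestic Internet businesses from foreign patents, but there is also considerable opposition holding that, for Internet business to be competitively invigorated, the term of patent protection should be reduced from the current 20 years. Korea, a latecomer to Internet business, risks falling behind in fierce Internet competition unless it hurries. To catch up with the competitive-advantage strategies of the first movers, it is important to secure competitiveness across Internet business as a whole and to thoroughly prepare BM patent readiness and promotion plans. In this way, Korea's Internet business models should be developed into excellent models that are both offensive and defensive in the cyber market.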

Abnormal Behavior Detection for Zero Trust Security Model Using Deep Learning (제로트러스트 모델을 위한 딥러닝 기반의 비정상 행위 탐지)

  • Kim, Seo-Young;Jeong, Kyung-Hwa;Hwang, Yuna;Nyang, Dae-Hun
    • Annual Conference of KIPS / 2021.05a / pp.132-135 / 2021
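  • Recently, as the expansion of networks has increased attack vectors and with it the need to guard against insiders as well as outsiders, the zero trust model, a security model that addresses this, has been attracting attention. This paper presents a zero trust architecture that uses a reverse proxy and a user-pattern-recognition AI, demonstrating the feasibility of implementing zero trust, and shows that users can be authenticated effectively through a new and efficient preprocessing procedure. To this end, we designed a deep learning model that recognizes each user's mouse usage patterns and resource usage patterns. Finally, we show the applicability and scalability of user pattern recognition in the zero trust model.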

A Practical Attack on In-Vehicle Network Using Repacked Android Applications (커넥티드 카 환경에서 안드로이드 앱 리패키징을 이용한 자동차 강제 제어 공격)

  • Lee, Jung Ho;Woo, Samuel;Lee, Se Young;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.3 / pp.679-691 / 2016
  • As vehicles started to contain many different communication devices, collecting external information became possible in the IoT environment. In such an environment, remotely controlling a vehicle is possible when vehicle information is obtained by looking into the vehicle network through a smart device. However, Android-based smart device applications are vulnerable to malicious modulation and redistribution. A modulated Android application can lead to vehicle information disclosure that could bring about a vehicle control accident, which becomes a threat to drivers. Furthermore, since vehicles today do not contain security methods to protect them, they are very vulnerable to security threats which can cause serious damage to users and property. In this paper, many different vehicle management Android applications that are sold on Google Play have been analyzed. With this information, possible threats that could happen in vehicle management applications are analyzed to prove the risks. The experiment is done on an actual vehicle to prove the risks. Also, an access control method to protect the vehicle against malicious actions that could happen through an external network in the IoT environment is suggested in the paper.

Data augmentation in voice spoofing problem (데이터 증강기법을 이용한 음성 위조 공격 탐지모형의 성능 향상에 대한 연구)

  • Choi, Hyo-Jung;Kwak, Il-Youp
    • The Korean Journal of Applied Statistics / v.34 no.3 / pp.449-460 / 2021
  • ASVspoof 2017 deals with detection of replay attacks and aims to classify real human voices and fake voices. The spoofed voice refers to the voice that reproduces the original voice by different types of microphones and speakers. Data augmentation research on image data has been actively conducted, and several studies have been conducted to attempt data augmentation on voice. However, there are not many attempts to augment data for voice replay attacks, so this paper explores how audio modification through data augmentation techniques affects the detection of replay attacks. A total of 7 data augmentation techniques were applied, and among them, dynamic value change (DVC) and pitch techniques helped improve performance. DVC and pitch showed an improvement of about 8% of the base model EER, and DVC in particular showed noticeable improvement in accuracy in some environments among 57 replay configurations. The greatest increase was achieved in RC53, and DVC led to an approximately 45% improvement in base model accuracy. The high-end recording and playback devices that were previously difficult to detect were well identified. Based on this study, we found that the DVC and pitch data augmentation techniques are helpful in improving performance in the voice spoofing detection problem.

An Adversarial Attack Type Classification Method Using Linear Discriminant Analysis and k-means Algorithm (선형 판별 분석 및 k-means 알고리즘을 이용한 적대적 공격 유형 분류 방안)

  • Choi, Seok-Hwan;Kim, Hyeong-Geon;Choi, Yoon-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.6 / pp.1215-1225 / 2021
  • Although Artificial Intelligence (AI) techniques have shown impressive performance in various fields, they are vulnerable to adversarial examples which induce misclassification by adding human-imperceptible perturbations to the input. Previous studies to defend against adversarial examples can be classified into three categories: (1) model retraining methods; (2) input transformation methods; and (3) adversarial example detection methods. However, even though defense methods against adversarial examples have constantly been proposed, there is no research to classify the type of adversarial attack. In this paper, we proposed an adversarial attack family classification method based on dimensionality reduction and clustering. Specifically, after extracting the adversarial perturbation from an adversarial example, we performed Linear Discriminant Analysis (LDA) to reduce the dimensionality of the adversarial perturbation and performed the K-means algorithm to classify the type of adversarial attack family. From the experimental results using the MNIST dataset and the CIFAR-10 dataset, we show that the proposed method can efficiently classify five types of adversarial attack (FGSM, BIM, PGD, DeepFool, C&W). We also show that the proposed method provides good classification performance even in a situation where the legitimate input to the adversarial example is unknown.

FAIR-Based BIA for Ransomware Attacks in Financial Industry (금융 산업에서 발생하는 랜섬웨어 공격에 대한 FAIR 기반의 손실 측정 모델 분석)

  • Yoon, Hyun-sik;Song, Kyung-hwan;Lee, Kyung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.4 / pp.873-883 / 2017
  • As ransomware spreads, the target of the attack has shifted from a single person to organizations, which has led attackers to be more intelligent and systematic. Thus, ransomware's threats to domestic infrastructure, including the financial industry, have grown to a level that cannot be ignored. As a measure against these security issues, organizations use ISMS, which is an information protection management system. However, it is difficult for management to make decisions on the loss caused by security issues, since the amount of damage cannot be calculated with ISMS alone. In this paper, through a FAIR-based loss measurement model based on scenarios to identify the extent of damage and calculate reasonable damages, which has been considered to be the problem of the ISMS, we identified the losses and risks of ransomware in the financial industry and a method to reduce the loss by applying the current ISMS and ISO 27001 control items rather than modifying the ISMS.

Cyber Threats Prediction model based on Artificial Neural Networks using Quantification of Open Source Intelligence (OSINT) (공개출처정보의 정량화를 이용한 인공신경망 기반 사이버위협 예측 모델)

  • Lee, Jongkwan;Moon, Minam;Shin, Kyuyong;Kang, Sungrok
    • Convergence Security Journal / v.20 no.3 / pp.115-123 / 2020
  • Cyber attacks have evolved more and more in recent years. One of the best countermeasures against this advanced and sophisticated cyber threat is to predict cyber attacks in advance. It requires a lot of information and effort to predict cyber threats. If we use Open Source Intelligence (OSINT), the core of recent information acquisition, we can predict cyber threats more accurately. In order to predict cyber threats using OSINT, it is necessary to establish a Database (DB) for cyber attacks from OSINT and to select factors that can evaluate cyber threats from the established DB. We build on previous research that built a cyber attack DB using data mining and analyzed the importance of core factors among accumulated DG factors by the AHP technique. In this research, we present a method for quantifying cyber threats and propose a cyber threat prediction model based on artificial neural networks.

A Study on Synthetic Data Generation Based Safe Differentially Private GAN (차분 프라이버시를 만족하는 안전한 GAN 기반 재현 데이터 생성 기술 연구)

  • Kang, Junyoung;Jeong, Sooyong;Hong, Dowon;Seo, Changho
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.5 / pp.945-956 / 2020
  • The publication of data is essential in order to receive high quality services from many applications. However, if the original data is published as it is, there is a risk that sensitive information (political tendency, disease, etc.) may be revealed. Therefore, much research has proposed generating and publishing synthetic data, rather than the original data, to preserve privacy. However, there is still a risk of privacy leakage through various attacks (linkage attack, inference attack, etc.) even if synthetic data is simply generated and published. In this paper, in order to prevent the leakage of such sensitive information, we propose a synthetic data generation algorithm in which privacy is preserved by applying differential privacy, the latest privacy protection technique, to GAN, which is drawing attention as a synthetic data generative model. The generative model used CGAN for efficient learning of labeled data, and applied Rényi differential privacy, which is a relaxation of differential privacy, considering the utility aspects of the data. Validation of the utility of the generated data is conducted and compared through various classifiers.