• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.871-879
• /
• 2020

Perceptual Ad-Blocking is a new advertising blocking technique that detects online advertising by using an artificial intelligence-based advertising image classification model. A recent study has shown that these Perceptual Ad-Blocking models are vulnerable to adversarial attacks using adversarial examples to add noise to images that cause them to be misclassified. In this paper, we prove that existing perceptual Ad-Blocking technique has a weakness for several adversarial example and that Defense-GAN and MagNet who performed well for MNIST dataset and CIFAR-10 dataset are good to advertising dataset. Through this, using Defense-GAN and MagNet techniques, it presents a robust new advertising image classification model for adversarial attacks. According to the results of experiments using various existing adversarial attack techniques, the techniques proposed in this paper were able to secure the accuracy and performance through the robust image classification techniques, and furthermore, they were able to defend a certain level against white-box attacks by attackers who knew the details of defense techniques.

• Annual Conference of KIPS
• /
• 2008.11a
• /
• pp.1496-1499
• /
• 2008

DoS/DDoS로 대표되는 트래픽 폭주 공격은 대상 시스템뿐만 아니라 네트워크 대역폭 및 시스템 자원 등을 고갈시킴으로써 네트워크에 심각한 장애를 유발하기 때문에, 신속한 공격 탐지와 공격유형별 분류는 안정적인 서비스 제공 및 시스템 운영에 필수요건이다. 본 논문에서는 1) 데이터마이닝의 대표적인 분류 모델인 C4.5 알고리즘을 기반으로 SNMP MIB 정보를 사용하여 트래픽 폭주공격을 탐지하고 각 공격유형별 분류를 수행하는 시스템을 설계 및 구현하였다; 2) C4.5에서 추가적으로 제공하는 동작원리에 관한 규칙들을 상세히 분석함으로써 공격탐지 및 공격유형별 분류에 관한 시스템의 의미론적 해석을 시도하였다; 3) C4.5는 주어진 SNMP MIB의 속성들의 정보이익 값을 이용하여 예측모형을 구축하는 알고리즘으로, 특징선택 및 축소의 효과를 추가적으로 얻었다. 따라서 시스템의 운용 시, 제안된 모델은 전체 13개의 MIB 정보 중 5개의 MIB 정보만을 사용하여 보다 신속하고, 정확하며, 또한 가벼운 공격탐지 및 공격유형별 분류를 수행함으로써 네트워크 시스템의 자원관리와 효율적인 시스템 운영에 기여하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.997-1008
• /
• 2022

Today, AI(Artificial Intelligence) technology is being extensively researched in various fields, including the field of malware detection. To introduce AI systems into roles that protect important decisions and resources, it must be a reliable AI model. AI model that dependent on training dataset should be verified to be robust against new attacks. Rather than generating new malware detection, attackers find malware detection that succeed in attacking by mass-producing strains of previously detected malware detection. Most of the attacks, such as adversarial attacks, that lead to misclassification of AI models, are made by slightly modifying past attacks. Robust models that can be defended against these variants is needed, and the Robustness level of the model cannot be evaluated with accuracy and recall, which are widely used as AI evaluation indicators. In this paper, we experiment a framework to evaluate robustness level by generating an adversarial sample based on one of the adversarial attacks, C&W attack, and to improve robustness level through adversarial training. Through experiments based on malware dataset in this study, the limitations and possibilities of the proposed method in the field of malware detection were confirmed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1099-1110
• /
• 2023

The recognition system of autonomous driving and robot navigation performs vision work such as object recognition, tracking, and lane detection after multi-sensor fusion to improve performance. Currently, research on a deep learning model based on the fusion of a camera and a lidar sensor is being actively conducted. However, deep learning models are vulnerable to adversarial attacks through modulation of input data. Attacks on the existing multi-sensor-based autonomous driving recognition system are focused on inducing obstacle detection by lowering the confidence score of the object recognition model.However, there is a limitation that an attack is possible only in the target model. In the case of attacks on the sensor fusion stage, errors in vision work after fusion can be cascaded, and this risk needs to be considered. In addition, an attack on LIDAR's point cloud data, which is difficult to judge visually, makes it difficult to determine whether it is an attack. In this study, image scaling-based camera-lidar We propose an attack method that reduces the accuracy of LCCNet, a fusion model (camera-LiDAR calibration model). The proposed method is to perform a scaling attack on the point of the input lidar. As a result of conducting an attack performance experiment by size with a scaling algorithm, an average of more than 77% of fusion errors were caused.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1021-1030
• /
• 2021

This paper proposes S-CAFG(Stage-based Cyber Attack Flow Graph), a model for effectively describing training scenarios that simulate modern complex cyber attacks. On top of existing graph and tree models, we add a stage node to model more complex scenarios. In order to evaluate the proposed model, we create a complicated scenario and compare how the previous models and S-CAFG express the scenario. As a result, we confirm that S-CAFG can effectively describe various attack scenarios such as simultaneous attacks, additional attacks, and bypass path selection.

• Annual Conference of KIPS
• /
• 2022.11a
• /
• pp.803-805
• /
• 2022

자율주행의 시대가 도래함에 따라, 딥러닝 모델에 대한 적대적 공격 위험이 함께 증가하고 있다. 카메라 기반 자율주행차량이 공격받을 경우 보행자나 표지판 등에 대한 오분류로 인해 심각한 사고로 이어질 수 있어, 자율주행 시스템에서의 적대적 공격에 대한 방어 및 보안 기술 연구가 필수적이다. 이에 본 논문에서는 GTSRB 표지판 데이터를 이용하여 각종 공격 및 방어 기법을 개발하고 제안한다. 시간 및 정확도 측면에서 성능을 비교함으로써, 자율주행에 최적인 모델을 탐구하고 더 나아가 해당 모델들의 완전자율주행을 위한 발전 방향을 제안한다.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.302-305
• /
• 2024

딥 러닝 기술의 급속한 발전과 더불어, 이를 활용한 모델들에 대한 보안 위협도 증가하고 있다. 이들 중, 모델의 입출력 데이터를 이용해 내부 구조를 복제하려는 모델 추출 공격은 딥 러닝 모델 훈련에 높은 비용이 필요하다는 점에서 반드시 막아야 할 중요한 위협 중 하나라고 할 수 있다. 본 연구는 다양한 모델 추출 공격 기법과 이를 방어하기 위한 최신 연구 동향을 종합적으로 조사하고 분석하는 것을 목표로 하며, 또한 이를 통해 현재 존재하는 방어 메커니즘의 효과성을 평가하고, 향후 발전 가능성이 있는 새로운 방어 전략에 대한 통찰력을 제공하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.669-677
• /
• 2020

As the number of Internet users exploded, attacks on the web increased. In addition, the attack patterns have been diversified to bypass existing defense techniques. Traditional web firewalls are difficult to detect attacks of unknown patterns.Therefore, the method of detecting abnormal behavior by artificial intelligence has been studied as an alternative. Specifically, attempts have been made to apply natural language processing techniques because the type of script or query being exploited consists of text. However, because there are many unknown words in scripts and queries, natural language processing requires a different approach. In this paper, we propose a new classification model which uses byte pair encoding (BPE) technology to learn the embedding vector, that is often used for web attack payloads, and uses an attention mechanism-based Bi-GRU neural network to extract a set of tokens that learn their order and importance. For major web attacks such as SQL injection, cross-site scripting, and command injection attacks, the accuracy of the proposed classification method is about 0.9990 and its accuracy outperforms the model suggested in the previous study.

• Annual Conference of KIPS
• /
• 2022.11a
• /
• pp.709-711
• /
• 2022

ICT 기술의 빠른 발전과 함께 Internet of Things (IoT) 환경에서의 Internet Protocol (IP) 카메라의 사용률이 증가하면서, IP 카메라에 대한 개인정보 이슈와 제품의 보안성 검토 관련 소비자의 개인정보 유출 우려가 증가하고 있다. 본 논문에서는, IP 카메라에 대한 4개 종류의 Denial of Service (DoS) 공격을 통해 IP 카메라 이상 반응을 확인했다. 또한, 이 과정에서 수집한 공격 패킷 데이터를 기반으로, DoS 공격을 탐지하는 간단한 피쳐 구성과 머신러닝 모델을 제안하였다. 최종적으로, DoS 공격을 통해 실제 IP 카메라에 대한 가용성 테스트를 수행하였으며 머신러닝 알고리즘 4개 Decision Tree, Random Forest, Multilayer Perceptron, SVM에서의 DoS 공격 탐지 성능을 비교하였다.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.