• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.621-635
• /
• 2012

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows-- if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption). Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.2
• /
• pp.99-110
• /
• 2023

This study proposed a classification of malicious network traffic using the cyber threat framework(Mitre ATT&CK) and machine learning to solve the real-time traffic detection problems faced by current security monitoring systems. We applied a network traffic dataset called UNSW-NB15 to the Mitre ATT&CK framework to transform the label and generate the final dataset through rare class processing. After learning several boosting-based ensemble models using the generated final dataset, we demonstrated how these ensemble models classify network traffic using various performance metrics. Based on the F-1 score, we showed that XGBoost with no rare class processing is the best in the multi-class traffic environment. We recognized that machine learning ensemble models through Mitre ATT&CK label conversion and oversampling processing have differences over existing studies, but have limitations due to (1) the inability to match perfectly when converting between existing datasets and Mitre ATT&CK labels and (2) the presence of excessive sparse classes. Nevertheless, Catboost with B-SMOTE achieved the classification accuracy of 0.9526, which is expected to be able to automatically detect normal/abnormal network traffic.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.4
• /
• pp.83-89
• /
• 2024

After the end of the service of Internet Explorer, the use of ActiveX ended, and the Non-ActiveX policy spread. HTML5 is used as a standard protocol for web pages established based on the Non-ActiveX policy. HTML5, developed in the W3C(World Wide Web Consortium), provides a better web application experience through API, with various elements and properties added to the browser without plug-in. However, new security vulnerabilities have been discovered from newly added technologies, and these vulnerabilities have widened the scope of attacks. There is a lack of research to find possible security vulnerabilities in HTML5-applied websites. This paper proposes a model for detecting tags and attributes with web vulnerabilities by detecting and analyzing security vulnerabilities in web pages of public institutions where plug-ins have been removed within the last five years. If the proposed model is applied to the web page, it can analyze the compliance and vulnerabilities of the web page to date even after the plug-in is removed, providing reliable web services. And it is expected to help prevent financial and physical problems caused by hacking damage.

• Korean Journal of Social Welfare
• /
• v.51
• /
• pp.29-61
• /
• 2002

This study was designed to find out the determinants of types of bullying behavior, and the effects of types of bullying behavior on the bullies. For this purpose, a hypothetical model which explains the relationships among 6 environmental factors, 5 types of bullying behavior, and 5 outcome variables for the bullies was developed. Using the data collected from 177 junior and high school students who have bullied the other students, the hypothetical model was tested. For data analysis, a path analysis was used, and the best-fitting model was found (df=78, GFI=0.953, CFI=1.00). As a result of analyzing the model, types of bullying behavior were found to be determined by the different environmental factors: Isolation was determined by 2 factors (feeling of isolation from friends, exposure to bullying), social bullying by 2 factors (lack of support from parents, exposure to bullying), verbal bullying by conflicts with parents, physical bullying by 3 factors (lack of support from parents, exposure to isolation and exposure to bullying), and instrumental bullying by lack of support from parents. On the other hand, the pleasure that the bullies feel after bullying behavior was increased by isolation, verbal bullying and physical bullying, while decreased by instrumental bullying. Guilt feeling was decreased by isolation and instrumental bullying, while increased by physical bullying. Isolation increased the tendency of blaming the victim. Isolation and instrumental bullying increased bullies' self-esteem, while social bullying decreased self-esteem. Verbal bullying increased the extent of bullying, while instrumental bullying decreased the extent of bullying. Based on the findings, the intervention strategies to change the bullies' attitudes toward victim, and to increase social support from the significant others as well as the effective ways to reorganize the school environment in order to reduce and prevent bullying behavior were suggested.

• Korean Journal of Social Welfare
• /
• v.55
• /
• pp.255-281
• /
• 2003

This study sought to explore factors affecting the adjustment of children living in shelters for battered women. Specifically, the impact of domestic violence on children's internal and external adjustment was examined using data from two samples: children who were exposed to marital violence and those who did not have violent experience. Likewise, this study identified the variables that distinguished the "resilient" children from the maladjusted group. The pathways by which protective factors considerably affected children's adjustment were also investigated. A total of 72 children in a women's shelter and their mothers and 76 children in nonviolent homes and their mothers were considered. ANOVA, logistic regression models, and path analysis were employed to process the data. Results revealed that children of battered women demonstrated a high frequency of aggressive and delinquent behaviors and had poor academic achievement and depressive mood compared to children coming from nonviolent homes. Likewise, children who were exposed to marital violence and were physically abused themselves were more likely show aggressive or delinquent behaviors compared to those who only witnessed marital violence. In addition, social support was found to be a protective factor in academic achievement. Predictors of delinquent behavior included the mother's education and income as well as the children's age and social support. Factors related to children's self-esteem included the social support and the mother's self-esteem. Moreover, woman battering has a direct effect on children's adjustment as well as indirect effect through children's academic achievement and self-esteem. Finally, woman battering indirectly affected children's academic achievement through the mother's depression or the child's social support. Based on these findings, practical implications of enhancing children's adjustment were discussed.

• Informatization Policy
• /
• v.23 no.4
• /
• pp.76-94
• /
• 2016

Recently in Korea, the importance of information security awareness has been receiving a growing attention. Attacks such as social engineering and ransomware are hard to be prevented because it cannot be solved by information security technology. Also, the profitability of information security industry has been decreasing for years. Therefore, many companies try to find a new growth-engine and an entry to the foreign market. The main purpose of this paper is to draw out some information security issues and to analyze them. Finally, this study identifies issues and suggests how to improve the situation in Korea. For this, topic modeling analysis has been used to find information security issues of each country. Moreover, the score of sentiment analysis has been used to compare them. The study is exploring and explaining what critical issues are and how to improve the situation based on the identified issues of the Korean information security industry. Also, this study is also demonstrating how text mining can be applied to the context of information security awareness. From a pragmatic perspective, the study has the implications for information security enterprises. This study is expected to provide a new and realistic method for analyzing domestic and foreign issues using the analysis of real data of the Twitter API.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.331-338
• /
• 2011

The RFID system includes a section of wireless communication between the readers and the tags. Because of its vulnerability in terms of security, this part is always targeted by attackers and causes various security problems including the leakage of secret and the invasion of privacy. In response to these problems, various protocols have been proposed, but because many of them have been hardly implementable they have been limited to theoretical description and theorem proving without the accurate verification of their safety. Thus, this study tested whether the protocol proposed by Kenji et al. satisfies security requirements, and identified its vulnerabilities such as the exposure of IDs and messages. In addition, we proposed an improved RFID security protocol that reduced the number of public keys and random numbers. As one of its main characteristics, the proposed protocol was designed to avoid unnecessary calculations and to remove vulnerabilities in terms of security. In order to develop and verify a safe protocol, we tested the protocol using Casper and FDR(Failure Divergence Refinements) and confirmed that the proposed protocol is safe in terms of security. Furthermore, the academic contributions of this study are summarized as follows. First, this study tested the safety of a security protocol through model checking, going beyond theorem proving. Second, this study suggested a more effective method for protocol development through verification using FDR.

• Journal of Life Science
• /
• v.20 no.9
• /
• pp.1294-1298
• /
• 2010

White spot syndrome virus (WSSV) is one of the most virulent viral agents threatening the penaeid shrimp culture industry. This study was carried out to evaluate the susceptibility of the sand shrimp, Crangon affinis, to WSSV as an alternative experimental model. WSSV caused 100% mortality in C. affinis within 7 days after experimental infection by immersion. Based on challenge studies, it was confirmed that C. affinis could be a potential host in WSSV transmission. Also, the neutralization of WSSV was carried out using an antiserum raised against recombinant envelop protein rVP466 to evaluate the WSSV infection mechanism. A constant amount of WSSV (at $1{\times}10^4$ diluted stocks) was incubated with various amounts of antiserum and then mixed to 20 l reservoir for the immersion challenge of C. affinis for neutralization. At 5 days post challenge, the shrimp in the positive control immersed in the immersion reservoir containing WSSV stock showed 100% mortality. The shrimps challenged with the 3 different mixtures of WSSV and rVP466 antiserum (1:0.1, 1:0.5 and 1:1) showed 100%, 68.8% and 68.8% mortality at 14 days post challenge, respectively. These results indicated that the antiserum raised against rVP466 could block WSSV infection in C. affinis. Therefore, this study confirmed that C. affinis can be naturally infected by WSSV as another potential host and that C. affinis can be used as an alternative experimental animal instead of penaeid shrimps.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.17-31
• /
• 2020

With the rapid development of block chain technology, attempts have been made to put the block chain technology into practical use in various fields such as finance and logistics, and also in the public sector where data integrity is very important. Defense Operations In addition, strengthening security and ensuring complete integrity of the command communication network is crucial for operational operation under the network-centered operational environment (NCOE). For this purpose, it is necessary to construct a command communication network applying the block chain network. However, the block chain technology up to now can not solve the security issues such as the 51% attack. In particular, the Practical Byzantine fault tolerance (PBFT) algorithm which is now widely used in blockchain, does not have a penalty factor for nodes that behave maliciously, and there is a problem of failure to make a consensus even if malicious nodes are more than 33% of all nodes. In this paper, we propose a Adaptive Consensus Bound PBFT (ACB-PBFT) algorithm that incorporates a penalty mechanism for anomalous behavior by combining the Trust model to improve the security of the PBFT, which is the main agreement algorithm of the blockchain.

• Journal of Life Science
• /
• v.14 no.2
• /
• pp.280-285
• /
• 2004

The ovarian hormone-deficiency induced ovariectomy rat is widely used as an aging model due to its practicality, convenience, and cost effectiveness. The surgically ovariectomized rat induces reactive oxygen species (ROS) generation like aging phenomena. Free oxygen radicals have been proposed as important causative agents of aging. The purpose of this study was to investigate the effect of chondroitin sulfate (CS) to prevent ovariectomy (OVX)-induced oxidative stress. The OVX rats were given intraperitoneally CS at doses of 100 mg/kg and 200 mg/kg daily for fifteen weeks. Malondialdehyde (MDA) levels were determined as well as the activities of superoxide dismutase (SOD), catalase (CAT), reduced-glutathione (GSH), oxidized-glutathione (GSSG), glutathione peroxidase (GPx) in the liver. The liver antioxidative enzyme activity was elevated while MDA concentration decreased in all CS treated animals. The results demonstrated that CS reduced oxidative stress in a dose dependent manner. These results suggest that CS might be a useful candidate for antioxidative reagent.