• The Journal of the Korean bone and joint tumor society
• /
• v.9 no.1
• /
• pp.101-104
• /
• 2003

Folope et al(1999) reported soft tissue giant cell tumor which was similar to malignant giant cell tumor in clinical, pathologic, and immunohistological aspect but represented low malignancy. We reported a 30-year-old female suffered from pain and palpable mass on the anterolateral aspect of the right knee for one year. Excisional biopsy from the lesion revealed some giant cells and polymorphous cells containing eosinophilic cytoplasm and vacuolated nucleus. Histopathologic findings of the lesion were consistent with soft tissue giant cell tumor of low malignant potential. Hereby, we report a case of soft tissue giant cell tumor of low malignant potential with a review of the literature.

• Annual Conference of KIPS
• /
• 2016.10a
• /
• pp.193-195
• /
• 2016

오늘날의 백신은 일반적으로 시그니처 기반 탐지법을 이용한다. 시그니처 탐지기법은 악성코드의 특정한 패턴을 비교하여 효율적이고 오탐율이 낮은 기법이다. 하지만 알려지지 않은 악성코드와 난독화 기법이 적용된 악성코드를 분석하는데 한계가 있다. 악성코드를 실행하여 나타나는 행위를 분석하는 동적분석 방법은 특정한 조건에서만 악성행위를 나타내는 은닉형 악성코드(Evasive Malware)를 탐지하는 데 한계를 지닌다. 본 논문에서는 은닉형 악성코드에 적용된 기법에 관하여 소개하고 나아가 이를 탐지하기 위한 방법에 관한 기술동향을 소개한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.549-555
• /
• 2019

According to a recent report by anti-virus vendors, the number of new and modified malware increased exponentially. Therefore, malware analysis research using machine learning has been actively researched in order to replace passive analysis method which has low analysis speed. However, when using supervised learning based machine learning, many studies use low-reliability malware family name provided by the antivirus vendor as the label. In order to solve the problem of low-reliability of malware label, this paper introduces a new labeling technique, "Unified Labeling", and further verifies the malicious behavior similarity through the feature analysis of the fine-grained method. To verify this study, various clustering algorithms were used and compared with existing labeling techniques.

• Annual Conference of KIPS
• /
• 2022.05a
• /
• pp.432-435
• /
• 2022

최근 IT 산업의 지속적인 발전으로 사용자들을 위협하는 악성코드, 피싱, 랜섬웨어와 같은 사이버 공격 또한 계속해서 발전하고 더 지능화되고 있으며 변종 악성코드도 기하급수적으로 늘어나고 있다. 지금까지의 시그니처 패턴 기반의 탐지법으로는 이러한 방대한 양의 알려지지 않은 악성코드를 탐지할 수 없다. 따라서 CNN(Convolutional Neural Network)을 활용하여 악성코드를 탐지하는 기법들이 제안되고 있다. 이에 본 논문에서는 CNN 모델 중 낮은 인식 오류율을 지닌 모델을 선정하여 정확도(Accuracy)와 F1-score 평가 지표를 통해 비교하고자 한다. 두 가지의 악성코드 이미지화 방법을 사용하였으며, 2015 년 이후 ILSVRC 에서 우승을 차지한 모델들과, 추가로 2019 년에 발표된 EfficientNet 을 사용하여 악성코드 이미지를 분류하였다. 그 결과 2 바이트를 한 쌍의 좌표로 변환하여 생성한 256 * 256 크기의 악성코드 이미지를 ResNet-152 모델을 이용해 분류하는 것이 우수한 성능을 보임을 실험적으로 확인하였다.

• Smart Media Journal
• /
• v.8 no.4
• /
• pp.25-32
• /
• 2019

While the development of the Internet has made information more accessible, this also has provided a variety of intrusion paths for malicious programs. Traditional Signature-based malware-detectors cannot identify new malware. Although Dynamic Analysis may analyze new malware that the Signature cannot do, it still is inefficient for detecting variants while most of the behaviors are similar. In this paper, we propose a detection method using behavioral similarity with existing malicious codes, assuming that they have parallel patterns. The proposed method is to extract the behavior targets common to variants and detect programs that have similar targets. Here, we verified behavioral similarities between variants through the conducted experiments with 1,000 malicious codes.

• Journal of the Korean Society of Radiology
• /
• v.83 no.1
• /
• pp.173-177
• /
• 2022

Multilocular cystic renal neoplasm of low malignant potential (MCRNLMP) is a rare subtype of renal cell carcinoma that has a favorable outcome. Most cases of MCRNLMP usually present as distinct multilocular cystic lesions; however, they may appear as small complicated cysts with hemorrhagic components. Herein, we present a case of MCRNLMP and provide a review of the literature.

• Journal of Korean Academy of Oral and Maxillofacial Radiology
• /
• v.23 no.2
• /
• pp.347-355
• /
• 1993

In the pigmented tumors, the diagnosis of malignant melanoma is not alway easy. Primary mucosal melanoma arising in the nose and paranasal sinuses is a rare disease with a generally poor prognosis. Melanoma in these area is frequently silent at the onset and produces insufficient symptoms to force the patient to the physician in the early stages of the disease. The importance of early recognition of melanoma by the physician is emphasized. We have an experience a case of primary malignant melanoma of the nose and paranasal sinuses in a 36-year-old female and present this case with a brief review of literatures.

• The Journal of the Korean dental association
• /
• v.37 no.7 s.362
• /
• pp.517-529
• /
• 1999

본 연구는 태령 19일된 백서 태자 두 개관에서 분리한 골모세포유사세포에 화학발암물질인 7,12-Dimethylbenz(a)anthracene (DMBA: 0.5 ㎍/ml) 및 tumor promotor인 12-O-tetradecanoyl-phorbol-13-acetate (TPA; 1.0 ㎍/ml)를 단독 혹은 복합 처리하여 PTRCC-DMBA, RCC-DMBA 및 RCC-DMBA-TPA 세포주를 확립시키고, 각 세포의 세포형태, 세포성장곡선, alkaline phosphatase와 acid phosphatase 활성 및 in vitro tumorigenicity를 연구하였다. 또한 c-myc, c-랜, c-jun, p53 및 Rb 유전자의 발현변화와 항암단백질인 p53 및 pRb 단백질의 발현변화를 관찰하여 골모세포유사세포가 악성형질전환되는 분자기전의 일단을 연구하고자 시행하였다. 본 실험에 사용한 모든 세포군에서 높은 aikaline phosphatase 활성과 낮은 acid phosphatase/alkaline phosphatase ratio를 보여 골모세포의 특성을 나타내었다. RCC-DMBA와 RCC-DMBA-TPA 세포는 정상세포나 PTRCC-DMBA에 비해 빠른 성장속도를 보였으며, 또한 SOFT AGAR상에서 colony를 형성하여 anchorage-independent growth를 나타내었다. 화학발암 물질로 악성변형된 세포들은 정상세포나 PTRCC-DMBA 세포에 비해 c-myc 유전자의 과발현이 관찰되었다. 정상세포에서 p53 유전자의 발현은 1.9 kb의 message만이 발현되었다. 그러나 화학발암물질로 형질전환된 세포에서는 1.9 kb message외에도 1.6 kb의 message가 더 발현되었으며, message의 양도 현저히 증가되었다. p53 단백질의 발현은 RCC-DMBA-TPA 세포에서 정상세포에 비해 현저히 감소하였으나, RCC-DMBA 세포에서는 유사한 경향을 보였다. Rb 유전자의 발현은 RCC-DMBA-TPA 세포에서만 현저히 감소하였으나, Rb 단백질의 발현은 정상세포에 비해 형질전환된 세포들에서 모두 현저히 감소되었고, 특히 RCC-DMBA-TPA 세포에서는 거의 발현되지 않았다. 이상의 결과에서 백서 태자 두 개관에서 분리한 골모세포유사세포는 화학발암물질인 DMBA에 의해 악성형질전환이 유도되었으며, c-myc의 과발현 및 p53과 Rb 단백질의 발현감소가 정상 골모세포유사세포의 악성변형과정에 밀접히 연관되어 있음을 시사한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.785-796
• /
• 2012

In this paper, we propose an effective Behavior-based detection technique using the frequency of system calls to detect malicious code, when the number of training data is fewer than the number of properties on system calls. In this study, we collect the Native APIs which are Windows kernel data generated by running program code. Then we adopt the normalized freqeuncy of Native APIs as the basic properties. In addition, the basic properties are transformed to new properties by GLDA(Generalized Linear Discriminant Analysis) that is an effective method to discriminate between malicious code and normal code, although the number of training data is fewer than the number of properties. To detect the malicious code, kNN(k-Nearest Neighbor) classification, one of the bayesian classification technique, was used in this paper. We compared the proposed detection method with the other methods on collected Native APIs to verify efficiency of proposed method. It is presented that proposed detection method has a lower false positive rate than other methods on the threshold value when detection rate is 100%.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.9
• /
• pp.634-642
• /
• 2020

With the proliferation of Internet of Things (IoT) devices, using the Linux operating system in various architectures has increased. Also, security threats against Linux-based IoT devices are increasing, and malware variants based on existing malware are constantly appearing. In this paper, we propose a system where the binary data of a visualized Executable and Linkable Format (ELF) file is applied to Local Binary Pattern (LBP) image processing techniques and a median filter to classify malware in a Convolutional Neural Network (CNN). As a result, the original image showed the highest accuracy and F1-score at 98.77%, and reproducibility also showed the highest score at 98.55%. For the median filter, the highest precision was 99.19%, and the lowest false positive rate was 0.008%. Using the LBP technique confirmed that the overall result was lower than putting the original ELF file through the median filter. When the results of putting the original file through image processing techniques were classified by majority, it was confirmed that the accuracy, precision, F1-score, and false positive rate were better than putting the original file through the median filter. In the future, the proposed system will be used to classify malware families or add other image processing techniques to improve the accuracy of majority vote classification. Or maybe we mean "the use of Linux O/S distributions for various architectures has increased" instead? If not, please rephrase as intended.