• The Journal of the Convergence on Culture Technology
• /
• v.4 no.2
• /
• pp.197-204
• /
• 2018

One of the hottest issues in our 21st century is AI. Just as the automation of manual labor has been achieved through the Industrial Revolution in the agricultural society, the intelligence information society has come through the SW Revolution in the information society. With the advent of Google 'Alpha Go', the computer has learned and predicted its own machine learning, and now the time has come for the computer to surpass the human, even to the world of Baduk, in other words, the computer. Machine learning ML (machine learning) is a field of artificial intelligence. Machine learning ML (machine learning) is a field of artificial intelligence, which means that AI technology is developed to allow the computer to learn by itself. The time has come when computers are beyond human beings. Many companies use machine learning, for example, to keep learning images on Facebook, and then telling them who they are. We also used a neural network to build an efficient energy usage model for Google's data center optimization. As another example, Microsoft's real-time interpretation model is a more sophisticated translation model as the language-related input data increases through translation learning. As machine learning has been increasingly used in many fields, we have to jump into the AI industry to move forward in our 21st century society.

• Review of KIISC
• /
• v.28 no.2
• /
• pp.33-42
• /
• 2018

머신러닝 및 인공지능 기술의 발전은 다양한 분야 활용되고 있고, 이는 보안 분야에서도 마찬가지로 로그 분석이나, 악성코드 탐지, 취약점 탐색 및 대응 등 다양한 분야에서 자동화를 위한 연구가 진행되고 있다. 특히 취약점 탐색 및 대응 분야의 경우 2016년 데프콘에서 진행된 CGC를 필두로 바이너리나 소스코드 내의 취약점을 정확하게 탐색하고 패치하기 위해 다양한 연구가 시도되고 있다. 이에 본 논문에서는 취약점을 탐색 및 대응하기 위해 각 연구 별 탐색 기술과 대응 기술을 분류 및 분석한다.

• Smart Media Journal
• /
• v.11 no.11
• /
• pp.75-83
• /
• 2022

NIST in the United States has developed SCAP, a protocol that enables automated inspection and management of security vulnerability using existing standards such as CVE and CPE. SCAP operates by creating a checklist using the XCCDF and OVAL languages and running the prepared checklist with the SCAP tool such as the SCAP Workbench made by OpenSCAP to return the check result. SCAP checklist files for various operating systems are shared through the NCP community, and the checklist files include ID, title, description, and inspection method for each item. However, since the inspection items are simply listed in the order in which they are written, so it is necessary to classify and manage the items by type so that the security manager can systematically manage them using the SCAP checklist file. In this study, we propose a method of extracting the description of each inspection item from the SCAP checklist file written in OVAL language, classifying the categories through a machine learning model, and outputting the SCAP check results for each classified item.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.193-200
• /
• 2022

Unknown cryptographic communication protocols may have advantage of guaranteeing personal and data privacy, but when used for malicious purposes, it is almost impossible to identify and respond to using existing network security equipment. In particular, there is a limit to manually analyzing a huge amount of traffic in real time. Therefore, in this paper, we attempt to identify packets of unknown cryptographic communication protocols and separate fields comprising a packet by using machine learning techniques. Using sequential patterns analysis, hierarchical clustering, and Pearson's correlation coefficient, we found that the structure of packets can be automatically analyzed even for an unknown cryptographic communication protocol.

• Annual Conference of KIPS
• /
• 2021.11a
• /
• pp.391-392
• /
• 2021

해마다 실내 냉방기 냉매누설 문제가 고질적으로 반복되며 소비자들의 피해도 커져가고 있다. 특히 제조사와 설치 업체가 다른 경우 냉매 누수의 원인이 제품인지, 설치하자인지 책임소재를 두고 갈등을 빚는 경우가 빈번하다. 이에 더 이상 소비자들의 피해를 막기 위해 냉매누설 검출 방안 마련이 필요해 보인다. 본 연구에서는 실내 냉방기 설치 후 냉매누설 검출을 위한 별도의 하드웨어 장치 추가 없이 냉방기의 운영을 위해 설치된 센서들의 값을 이용하여 냉매누설의 유무를 판단할 수 있는 방안을 제안하는 것을 목적으로 한다. 데이터 분석을 위하여 제조사의 제품 출하 전 현장 테스트 단계에서 측정한 온도값, 전류값, 습도값을 취합하여 데이터 셋을 구축하였다. 이때 자동화된 머신러닝(AutoML)을 이용하여 데이터의 80%를 훈련 데이터로 20%를 테스트 데이터로 사용하여 냉매량 80%는 1, 그 이하는 0으로 훈련시켰다. 구축한 데이터 셋을 이용하여 훈련시킨 결과 99% 정확도로 냉매누설 검출을 분별할 수 있었다. 또한 냉매누설과 관련성이 높은 중요 특징 4개를 추출할 수 있었다. 본 연구를 통하여 별도의 하드웨어 장치 추가 없이 소프트웨어적인 접근 방법으로 문제를 해결할 수 있는 feasibility를 확인할 수 있었다.

• The Journal of Society for e-Business Studies
• /
• v.26 no.3
• /
• pp.1-20
• /
• 2021

As the Great Reset is discussed at the World Economic Forum due to the COVID-19 pandemic, artificial intelligence, the driving force of the 4th industrial revolution, is also in the spotlight. However, corporate research in the field of artificial intelligence is still scarce. Since 2000, related research has focused on how to create value by applying artificial intelligence to existing companies, and research on how startups seize opportunities and enter among existing businesses to create new value can hardly be found. Therefore, this study analyzed the cases of startups using the comprehensive framework of the multi-level perspective with the research question of how artificial intelligence based startups, a sub-industry of software, have different innovation patterns from the existing software industry. The target firms are gazelle firms that have been certified as venture firms in South Korea, as start-ups within 7 years of age, specializing in machine learning modeling purposively sampled in the medical, finance, marketing/advertising, e-commerce, and manufacturing fields. As a result of the analysis, existing software companies have achieved process innovation from an enterprise-wide integration perspective, in contrast machine learning technology based startups identified unit processes that were difficult to automate or create value by dismantling existing processes, and automate and optimize those processes based on data. The contribution of this study is to analyse the birth of artificial intelligence-based startups and their innovation patterns while validating the framework of an integrated multi-level perspective. In addition, since innovation is driven based on data, the ability to respond to data-related regulations is emphasized even for start-ups, and the government needs to eliminate the uncertainty in related systems to create a predictable and flexible business environment.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.21 no.4
• /
• pp.64-80
• /
• 2018

In Korea, citizens can only know general information about crime. Thus it is difficult to know how much they are exposed to crime. If the police can predict the crime risky area, it will be possible to cope with the crime efficiently even though insufficient police and enforcement resources. However, there is no prediction system in Korea and the related researches are very much poor. From these backgrounds, the final goal of this study is to develop an automated crime prediction system. However, for the first step, we build a big data set which consists of local real crime information and urban physical or non-physical data. Then, we developed a crime prediction model through machine learning method. Finally, we assumed several possible scenarios and calculated the probability of crime and visualized the results in a map so as to increase the people's understanding. Among the factors affecting the crime occurrence revealed in previous and case studies, data was processed in the form of a big data for machine learning: real crime information, weather information (temperature, rainfall, wind speed, humidity, sunshine, insolation, snowfall, cloud cover) and local information (average building coverage, average floor area ratio, average building height, number of buildings, average appraised land value, average area of residential building, average number of ground floor). Among the supervised machine learning algorithms, the decision tree model, the random forest model, and the SVM model, which are known to be powerful and accurate in various fields were utilized to construct crime prevention model. As a result, decision tree model with the lowest RMSE was selected as an optimal prediction model. Based on this model, several scenarios were set for theft and violence cases which are the most frequent in the case city J, and the probability of crime was estimated by $250{\times}250m$ grid. As a result, we could find that the high crime risky area is occurring in three patterns in case city J. The probability of crime was divided into three classes and visualized in map by $250{\times}250m$ grid. Finally, we could develop a crime prediction model using machine learning algorithm and visualized the crime risky areas in a map which can recalculate the model and visualize the result simultaneously as time and urban conditions change.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.587-596
• /
• 2024

Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government's SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

• Annual Conference of KIPS
• /
• 2022.05a
• /
• pp.448-451
• /
• 2022

주식과 암호화폐 거래는 매매방식에 있어서 유사한 점이 있지만 기업의 사업분야, 자본금, 순이익 등의 경영현황과 미래가치에 영향을 많이 받는 주식과는 다르게 암호화폐는 실물 실체가 없으며 탈중앙화, 전산화된 데이터를 기반으로 하며 심리적인 요소가 크게 작용하여 단기적인 변동이 클 수 있다. 본 연구에서는 이러한 암호화폐 거래의 특성을 활용하여 특정 암호화폐에 관련된 뉴스기사들을 수집하고 그 암호화폐의 가격 변화 데이터와 연관되어 가격예측 딥러닝 모델을 생성하고 해당 암호화폐에 대한 신규 뉴스기사가 발생되었을 때 이를 이용하여 매수, 매도, 관망 등과 같은 매매 정보를 예측 적용할 수 있게 하였다. 첫째, 뉴스 기사에서 언급한 암호화폐를 매수, 매도, 관망 중 어느 편이 좋을 것인지 추천하는 알고리즘을 구현하였고, 둘째, 매수 이후 매매 차익을 위한 매도 시점이나 매도 이후 저가매수에 유리한 시점을 제안하는 알고리즘을 구현하였다. 또한, 실시간 뉴스기사 수집 및 예측한 매매 판단에 따라 매매 자동화 시스템을 구현하여 수익률을 직접 확인함으로써 그 유효성을 검증하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.31-40
• /
• 2024

Recently, static analysis-based signature and pattern detection technologies have limitations due to the advanced IT technologies. Moreover, It is a compatibility problem of multiple architectures and an inherent problem of signature and pattern detection. Malicious codes use obfuscation and packing techniques to hide their identity, and they also avoid existing static analysis-based signature and pattern detection techniques such as code rearrangement, register modification, and branching statement addition. In this paper, We propose an LLVM IR image-based automated static analysis of malicious code technology using machine learning to solve the problems mentioned above. Whether binary is obfuscated or packed, it's decompiled into LLVM IR, which is an intermediate representation dedicated to static analysis and optimization. "Therefore, the LLVM IR code is converted into an image before being fed to the CNN-based transfer learning algorithm ResNet50v2 supported by Keras". As a result, we present a model for image-based detection of malicious code.