• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.101-110
• /
• 2022

As the cases of using artificial intelligence in various fields increase, attempts to solve various issues through artificial intelligence in the intrusion detection field are also increasing. However, the black box basis, which cannot explain or trace the reasons for the predicted results through machine learning, presents difficulties for security professionals who must use it. To solve this problem, research on explainable AI(XAI), which helps interpret and understand decisions in machine learning, is increasing in various fields. Therefore, in this paper, we propose an explanatory AI to enhance the reliability of machine learning-based intrusion detection prediction results. First, the intrusion detection model is implemented through XGBoost, and the description of the model is implemented using SHAP. And it provides reliability for security experts to make decisions by comparing and analyzing the existing feature importance and the results using SHAP. For this experiment, PKDD2007 dataset was used, and the association between existing feature importance and SHAP Value was analyzed, and it was verified that SHAP-based explainable AI was valid to give security experts the reliability of the prediction results of intrusion detection models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.245-261
• /
• 2024

The COVID-19 pandemic has led to the widespread adoption of contactless transactions, resulting in a noticeable increase in the trend towards fully unmanned stores. In such stores, all operational processes are automated, primarily using artificial intelligence (AI) technology. However, this AI technology has several security vulnerabilities, which can be critical in the environment of fully unmanned stores. This paper analyzes the security vulnerabilities that AI-based fully unmanned stores may face, focusing particularly on the object detection model YOLO, demonstrating that Hiding Attacks and Altering Attacks using adversarial patches are possible. It is confirmed that objects with adversarial patches attached may not be recognized by the detection model or may be incorrectly recognized as other objects. Furthermore, the paper analyzes how Data Augmentation techniques can mitigate security threats by providing a defensive effect against adversarial patch attacks. Based on these results, we emphasize the need for proactive research into defensive measures to address the inherent security threats in AI technology used in fully unmanned stores.

• Review of KIISC
• /
• v.31 no.5
• /
• pp.21-31
• /
• 2021

컴퓨터 기술의 발전에 따라 ML(Machine Learning) 및 AI(Artificial Intelligence)의 도입이 활발히 진행되고 있으며, 정보보호 분야에서도 활용이 증가하고 있는 추세이다. 그러나 이러한 모델들은 black-box 특성을 가지고 있으므로 의사결정 과정을 이해하기 어렵다. 특히, 오탐지 리스크가 큰 정보보호 환경에서 이러한 문제점은 AI 기술을 널리 활용하는데 상당한 장애로 작용한다. 이를 해결하기 위해 XAI(eXplainable Artificial Intelligence) 방법론에 대한 연구가 주목받고 있다. XAI는 예측의 해석이 어려운 AI의 문제점을 보완하기 위해 등장한 방법으로 AI의 학습 과정을 투명하게 보여줄 수 있으며, 예측에 대한 신뢰성을 제공할 수 있다. 본 논문에서는 이러한 XAI 기술의 개념 및 필요성, XAI 방법론의 정보보호 분야 적용 사례에 설명한다. 또한, XAI 평가 방법을 제시하며, XAI 방법론을 보안 시스템에 적용한 경우의 결과도 논의한다. XAI 기술은 AI 판단에 대한 사람 중심의 해석정보를 제공하여, 한정된 인력에 많은 분석데이터를 처리해야 하는 보안담당자들의 분석 및 의사결정 시간을 줄이는데 기여할 수 있을 것으로 예상된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.527-536
• /
• 2024

In the digital age, the growth of AI and digital technologies brings opportunities and cybersecurity risks. At the forefront of this change are teenagers, referred to as 'digital natives'. However, they may have difficulty using technology safely without proper information security knowledge. This paper highlights the need for information security education for teenagers in South Korea by referring to cases in the UK, Australia, and the US. These countries are already providing education that prepares young people for cyber threats and future societal needs. Reflecting this trend, South Korea should also establish comprehensive information security education for teenagers to equip them for the digital age.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.93-99
• /
• 2017

Recently IoT(Internet of Things) service industry has grown very rapidly. In this paper, we investigated the changes in IoT service industry as well as new direction of human life in future global society. Under these changing market conditions, competition has been also changed into global and ecological competition. But compared to the platform initiatives and ecological strategies of global companies, Korean companies' vision of building ecosystems is still unclear. In addition, there is a need of internetworking between mobile and IoT services. IoT security Protocol has weakness of leaking out information from Gateway which connected wire and wireless communication. As such, we investigate the structure of IoT and AI service ecosystem in order to gain strategic implications and insights for the security industry in this paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.411-425
• /
• 2023

Today, AI (Artificial Intelligence) technology is widely used in various fields, performing classification and regression tasks according to the purpose of use, and research is also actively progressing. Especially in the field of security, unexpected threats need to be detected, and unsupervised learning-based anomaly detection techniques that can detect threats without adding known threat information to the model training process are promising methods. However, most of the preceding studies that provide interpretability for AI judgments are designed for supervised learning, so it is difficult to apply them to unsupervised learning models with fundamentally different learning methods. In addition, previously researched vision-centered AI mechanism interpretation studies are not suitable for application to the security field that is not expressed in images. Therefore, In this paper, we use a technique that provides interpretability for detected anomalies by searching for and comparing optimization references, which are the source of intrusion attacks. In this paper, based on reference, we propose additional logic to search for data closest to real data. Based on real data, it aims to provide a more intuitive interpretation of anomalies and to promote effective use of an anomaly detection model in the security field.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.199-208
• /
• 2017

IoT, Cloud, Bigdata, Mobile, AI, and 3D print, which are called as the main axis of the 4th Industrial Revolution, can be predicted to be changed when the technology is applied to the military. Especially, when I think about the purpose of battle, I think that IoT, Cloud, Bigdata, Mobile, and AI will play many role. Therefore, in this paper, Smart Military is defined as the future military that incorporates these five technologies, and the architecture is established and the appropriate information security model is studied. For this purpose, we studied the existing literature related to IoT, Cloud, Bigdata, Mobile, and AI and found common elements and presented the architecture accordingly. The proposed architecture is divided into strategic information security and tactical information security in the Smart Military environment. In the case of vulnerability, the information security is divided into strategic information security and tactical information security. If a protection system is established, it is expected that the optimum information protection can be constructed within an effective budget range.

• The Journal of the Korea Contents Association
• /
• v.21 no.10
• /
• pp.59-66
• /
• 2021

In this paper, an improved integrated security control procedure is newly proposed by applying artificial intelligence technology to integrated security control and unifying the existing security control and AI security control response procedures. Current cyber security control is highly dependent on the level of human ability. In other words, it is practically unreasonable to analyze various logs generated by people from different types of equipment and analyze and process all of the security events that are rapidly increasing. And, the signature-based security equipment that detects by matching a string and a pattern has insufficient functions to accurately detect advanced and advanced cyberattacks such as APT (Advanced Persistent Threat). As one way to solve these pending problems, the artificial intelligence technology of supervised and unsupervised learning is applied to the detection and analysis of cyber attacks, and through this, the analysis of logs and events that occur innumerable times is automated and intelligent through this. The level of response has been raised in the overall aspect by making it possible to predict and block the continuous occurrence of cyberattacks. And after applying AI security control technology, an improved integrated security control service model was newly proposed by integrating and solving the problem of overlapping detection of AI and SIEM into a unified breach response process(procedure).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.655-656
• /
• 2021

April 2021, Disaster Safety Communication Network services have been launched, but security functions are weak at the beginning of the service. The current security method for Android-based APP is using Google Protect's technology to detect malware. Malware is difficult to detect directly because there are various types, so by applying malware detection technology that combines AI and Google Protect technology to Disaster Safety Communication Networks, research on how to implement 'AI-based Disaster Satety Communication Network Protect'.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.639-641
• /
• 2022

With the increasing of aging population, a lot of researches on monitoring systems for solitary senior citizens are under study. In general, a monitoring system provides a monitoring service by computing the information of vision, sensors, and measurement values on a server. Design considering data security is essential because a risk of data leakage exists in the structure of the system employing the server. In this paper, we propose a intelligent monitoring system for solitary senior citizens with vision-based security architecture. The proposed system protects privacy by ensuring high security through an architecture that blocks communication between a camera module and a server by employing an edge AI module. The edge AI module was designed with Verilog HDL and verified by implementing on a Field Programmable Gate Array (FPGA). We tested our proposed system on 5,144 frame data and demonstrated that a dangerous detection signal is generated correctly when human motion is not detected for a certain period.