• 디지털산업정보학회논문지
• /
• 제13권3호
• /
• pp.19-25
• /
• 2017

Nowadays, networked computer systems play an increasingly important role in our society and its economy. They have become the targets of a wide array of malicious attacks that invariably turn into actual intrusions. This is the reason computer security has become an essential concern for network administrators. Recently, a number of Detection/Prevention System schemes have been proposed based on various technologies. However, the techniques, which have been applied in many systems, are useful only for the existing patterns of intrusion. Therefore, probe detection has become a major security protection technology to detection potential attacks. Probe detection needs to take into account a variety of factors ant the relationship between the various factors to reduce false negative & positive error. It is necessary to develop new technology of probe detection that can find new pattern of probe. In this paper, we propose an hybrid probe detection using Fuzzy Cognitive Map(FCM) and Self Adaptive Module(SAM) in dynamic environment such as Cloud and IoT. Also, in order to verify the proposed method, experiments about measuring detection rate in dynamic environments and possibility of countermeasure against intrusion were performed. From experimental results, decrease of false detection and the possibilities of countermeasures against intrusions were confirmed.

• 한국치위생학회지
• /
• 제6권3호
• /
• pp.243-261
• /
• 2006

Priority setting in national health insurances in major advanced countries and the nation was investigated to draw the criteria for priority setting and suggest the most rational criteria for dental insurance so as to help secure the efficiency of medicare financing and individual's health right and also elevate medical consumers' satisfaction with health insurance. 1. Priorities in national health insurance are different from country to country, depending on the medical security systems, priority introducing conditions, and social environment, but have many common factors. 2. The priority setting criteria for national health insurance in those countries include the following in common: the efficiency, equity, and cost effect of treatment, emergency of treatment, consumption of expense, efficacy of treatment, patient's receptiveness, patient's demand, severity of disease, and patient's responsibility for the disease. 3. In oral diseases, severe diseases including oral cavity cancer are low in rate, and in-hospital treatments are few. From the above findings, it is suggested that dental insurance should establish discriminative criteria for priority setting by reflecting the aspects of dental diseases and system difference between dental and other health insurances and taking account of efficiency of treatment through prevention, cost effect, prevalence and incidence of generalized diseases, and individual's financing burden.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권4호
• /
• pp.1571-1589
• /
• 2016

Nodes in MANETs are battery powered which makes energy an invaluable resource. In OLSR, MPRs are special nodes that are selected by other nodes to relay their data/control traffic which may lead to high energy consumption of MPR nodes. Therefore, employing energy efficient MPR selection mechanism is imperative to ensure prolonged network lifetime. However, misbehaving MPR nodes tend to preserve their energy by dropping packets of other nodes instead of forwarding them. This leads to huge energy loss and performance degradation of existing energy efficient MPR selection schemes. This paper proposes an energy efficient secure MPR selection (ES-MPR) technique that takes into account both energy and security metrics for MPR selection. It introduces the concept of 'Composite Eligibility Index' (CEI) to examine the eligibility of a node for being selected as an MPR. CEI is used in conjunction with willingness to provide distinct selection parameters for Flooding and Routing MPRs. Simulation studies reveal the efficiency of ES-MPR in selection of energy efficient secure and stable MPRs, in turn, prolonging the network operational lifetime.

• 융합보안논문지
• /
• 제5권1호
• /
• pp.85-92
• /
• 2005

고도로 분산된 컴퓨팅 환경에서 역할 기반 접근제어를 함에 있어서 속성 인증서를 사용한 역할의 효율적 관리 방법을 모색하고자 한다. 역할은 그룹화되며, 속성인증서를 통해 관리된다. 유비쿼터스 컴퓨팅 환경과 같은 고도의 분산 컴퓨팅 환경에서는 광범위한 통제 구조를 가질 수 없으므로 이를 고려한 속성 인증서 관리 기법으로 속성 인증서의 전송 방법, 그룹 키의 관리 방법 등이 고려되어야한다. 본 논문에서는 네트워크 상의 효율적 속성 인증서 관리 기법을 모색하며, 그의 기반이 되는 역할의 그룹화를 논한다. 역할을 그룹화하여 관계구조 트리를 구성하고, 분산된 환경에서 안전하고 효율적인 역할의 갱신과 분배를 달성한다. 규모 확장성을 위해 멀티 캐스팅 패킷을 사용한 속성 인증서 분배를 하며, 그에 따른 네트워크 상의 패킷 손실율을 고려한 성능분석을 하여 역할 그룹을 두어 속성 인증서를 구조화하는 것이 성능을 향상시킴을 정량적으로 보인다.

• Industrial Engineering and Management Systems
• /
• 제15권1호
• /
• pp.63-76
• /
• 2016

Multiperiod portfolio selection problem attracts more and more attentions because it is in accordance with the practical investment decision-making problem. However, the existing literature on this field is almost undertaken by regarding security returns as random variables in the framework of probability theory. Different from these works, we assume that security returns are uncertain variables which may be given by the experts, and take absolute deviation as a risk measure in the framework of uncertainty theory. In this paper, a new multiperiod mean absolute deviation uncertain portfolio selection models is presented by taking transaction costs, borrowing constraints and threshold constraints into account, which an optimal investment policy can be generated to help investors not only achieve an optimal return, but also have a good risk control. Threshold constraints limit the amount of capital to be invested in each stock and prevent very small investments in any stock. Based on uncertain theories, the model is converted to a dynamic optimization problem. Because of the transaction costs, the model is a dynamic optimization problem with path dependence. To solve the new model in general cases, the forward dynamic programming method is presented. In addition, a numerical example is also presented to illustrate the modeling idea and the effectiveness of the designed algorithm.

• 정보보호학회논문지
• /
• 제27권6호
• /
• pp.1385-1395
• /
• 2017

본 논문에서는 정상과 이상 트래픽이 불균형적으로 발생하는 상황에서 기계 학습 기반의 효과적인 침입 탐지 시스템에 관한 연구 결과를 소개한다. 훈련 데이터의 패턴을 학습하여 정상/이상 패킷을 탐지하는 기계 학습 기반의 IDS에서는 훈련 데이터의 클래스 불균형 정도에 따라 탐지 성능이 현저히 차이가 날 수 있으나, IDS 개발 시 이러한 문제에 대한 고려는 부족한 실정이다. 클래스 불균형 데이터가 발생하는 환경에서도 우수한 탐지 성능을 제공하는 기계 학습 알고리즘을 선정하기 위하여, 본 논문에서는 Kyoto 2006+ 데이터셋을 이용하여 정상 대 침입 클래스 비율이 서로 다른 클래스 불균형 훈련 데이터를 구축하고 다양한 기계 학습 알고리즘의 인식 성능을 분석하였다. 실험 결과, 대부분의 지도 학습 알고리즘이 좋은 성능을 보인 가운데, Random Forest 알고리즘이 다양한 실험 환경에서 최고의 성능을 보였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권9호
• /
• pp.1684-1697
• /
• 2011

We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.

• Journal of Information Processing Systems
• /
• 제13권5호
• /
• pp.1382-1396
• /
• 2017

In this paper, we analyze a recently proposed semi-fragile watermarking scheme based on local binary pattern (LBP) operators, and note that it has a fundamental flaw in the design. In this work, a binary watermark is embedded into image blocks by modifying the neighborhood pixels according to the LBP pattern. However, different image blocks might have the same LBP pattern, which can lead to false detection in watermark extraction process. In other words, one can modify the host image intentionally without affecting its watermark message. In addition, there is no encryption process before watermark embedding, which brings another potential security problem. To illustrate its weakness, two special copy-paste attacks are proposed in this paper, and several experiments are conducted to prove the effectiveness of these attacks. To solve these problems, an improved semi-fragile watermarking based on LBP operators is presented. In watermark embedding process, the central pixel value of each block is taken into account and Arnold transform is adopted to guarantee the security of watermark. Experimental results show that the improved watermarking scheme can overcome the above defects and locate the tampered region effectively.

• 한국산업융합학회 논문집
• /
• 제24권5호
• /
• pp.635-639
• /
• 2021

As times goes by, a ton of electric devices have been developing. Nowadays, there are many personal electric goods that are connected each other and have important private information such as identification, account number, passwords, and so on. As many people own at least one electric device, security of the electric devices became significant. To prevent leakage of the information, study of Chaotic TRNG, "Chaotic True Random Number Generator", protecting the information by generating random numbers that are not able to be expected, is essential. In this paper, A chaotic TRNG is introduced is simulated. The proposed Chaotic TRNG is simulated with Virtuoso &, a circuit design program of Cadence that is a software company. For simulating the mentioned Chaotic TRNG, setting values, 0V low and 3V high on Vpulse, 1.2V on V-ref, 3.3V on VDD, and 0V on VSS, are used.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권10호
• /
• pp.3750-3770
• /
• 2021

This study investigates open-source dynamic XSS filters used as security devices in web applications to account for the effectiveness of filters in protecting against XSS attacks. The experiment involves twelve representative filters, which are examined individually by placing them into the final output function of a custom-built single-input-form web application. To assess the effectiveness of the filters in their tasks of sanitizing XSS payloads and in preserving benign payloads, a black-box testing method is applied using an automated XSS testing framework. The result in working with malicious and benign payloads shows an important trade-off in the filters' tasks. Because the filters that only check for dangerous or safe elements, they seem to neglect to validate their values. As some safe values are mistreated as dangerous elements, their benign payload function is lost in the way. For the filters to be more effective, it is suggested that they should be able to validate the respective values of malicious and benign payloads; thus, minimizing the trade-off. This particular assessment of XSS filters provides important insight regarding the filters that can be used to mitigate threats, including the possible configurations to improve them in handling both malicious and benign payloads.