• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.43 no.4
• /
• pp.217-228
• /
• 2020

The ROK Army must detect the enemy's location and the type of artillery weapon to respond effectively at wartime. This paper proposes a radar positioning model by applying a scenario-based robust optimization method i.e., binary integer programming. The model consists of the different types of radar, its available quantity and specification. Input data is a combination of target, weapon types and enemy position in enemy's attack scenarios. In this scenario, as the components increase by one unit, the total number increases exponentially, making it difficult to use all scenarios. Therefore, we use partial scenarios to see if they produce results similar to those of the total scenario, and then apply them to case studies. The goal of this model is to deploy an artillery locating radar that maximizes the detection probability at a given candidate site, based on the probability of all possible attack scenarios at an expected enemy artillery position. The results of various experiments including real case study show the appropriateness and practicality of our proposed model. In addition, the validity of the model is reviewed by comparing the case study results with the detection rate of the currently available radar deployment positions of Corps. We are looking forward to enhance Korea Artillery force combat capability through our research.

• International journal of advanced smart convergence
• /
• v.13 no.3
• /
• pp.41-47
• /
• 2024

In this paper, we deal with a game theoretic problem to explore interactions between evasive Artificial Intelligence (AI) malware and detectors in Internet of Things (IoT). Evasive AI malware is defined as malware having capability of eluding detection by exploiting artificial intelligence such as machine learning and deep leaning. Detectors are defined as IoT devices participating in detection of evasive AI malware in IoT. They can be separated into two groups such that one group of detectors can be armed with detection capability powered by AI, the other group cannot be armed with it. Evasive AI malware can take three strategies of Non-attack, Non-AI attack, AI attack. To cope with these strategies of evasive AI malware, detector can adopt three strategies of Non-defense, Non-AI defense, AI defense. We formulate a Bayesian game theoretic model with these strategies employed by evasive AI malware and detector. We derive pure strategy Bayesian Nash Equilibria in a single stage game from the formulated Bayesian game theoretic model. Our devised work is useful in the sense that it can be used as a basic game theoretic model for developing AI malware detection schemes.

• 한국전산유체공학회:학술대회논문집
• /
• 2010.05a
• /
• pp.21-27
• /
• 2010

The flow characteristics on a supersonic inlet with bleeding system by changing angles of attack and channel length conditions are studied by computational 3D turbulent flow analysis. A compressible upwind flux difference splitting Navier-Stokes method with $k-{\omega}$ turbulence model is used to analysis the inlet flowfield. More non-uniform flowfields are shown at the AIP when angle of attack becomes bigger and bigger. These non-uniform flowfield works the performance aggravating factors of the supersonic engine. Non-uniform flowfield by changing channel length at the various angle of attack are investigated.

• Proceedings of the IEEK Conference
• /
• 2003.11c
• /
• pp.101-104
• /
• 2003

As optical network technology advances, the Dense-Wavelength Division Multiplexing(DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks. Especially. a fault/attack management scheme in NGOI backbone networks is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI backbone networks and propose a fault/attack recovery procedure in IP/GMPLS over DWDM.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2005.11a
• /
• pp.19-24
• /
• 2005

Radio Frequency Identification (RFID) is a technology used to identify the physical objects and get information about the object on which the tag attaches from network. It is expected that RFID will lead IT market from human-oriented to object-oriented. Therefore, RFID technology and services will become wide-spread. But the system of RFID naming service is quite similar to the existing DNS facilities. So it has many weak points against to DDos attack. Furthermore if the MDS server Is under attack, there might be trouble of total RFID networks.In this paper, we propose a new detecting model to find attack traffic at local routers by using Management Information Base (MIB) which is optimized for RFID MDS server.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.10
• /
• pp.67-78
• /
• 2003

As optical network technology advances and high bandwidth Internet is demanded for the exponential growth of internet traffic volumes, the Dense-Wavelength Division Multiplexing (DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks for nation wide or global coverage. Important issues in the NGOI based on DWDM networks are the Routing and Wavelength Assignment(RWA) problem and survivability. Especially, fault/attack detection, localization and recovery schemes in All Optical Transport Network(AOTN) is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI through analyzing fault/attack vulnerability of various optical backbone network devices and propose fault/attack recovery procedure considering Extended-LMP(Link Management Protocol) and RSVP-TE+(Resource Reservation Protocol-Traffic Engineering) as control protocols in IP/GMPLS over DWDM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.485-500
• /
• 2018

As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.127-132
• /
• 2024

With the rapid evolution of the Internet, the application of artificial intelligence fields is more and more extensive, and the era of AI has come. At the same time, adversarial attacks in the AI field are also frequent. Therefore, the research into adversarial attack security is extremely urgent. An increasing number of researchers are working in this field. We provide a comprehensive review of the theories and methods that enable researchers to enter the field of adversarial attack. This article is according to the "Why? → What? → How?" research line for elaboration. Firstly, we explain the significance of adversarial attack. Then, we introduce the concepts, types, and hazards of adversarial attack. Finally, we review the typical attack algorithms and defense techniques in each application area. Facing the increasingly complex neural network model, this paper focuses on the fields of image, text, and malicious code and focuses on the adversarial attack classifications and methods of these three data types, so that researchers can quickly find their own type of study. At the end of this review, we also raised some discussions and open issues and compared them with other similar reviews.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.25-32
• /
• 2022

Recently, the image processing industry has been activated as deep learning-based technology is introduced in the image recognition and detection field. With the development of deep learning technology, learning model vulnerabilities for adversarial attacks continue to be reported. However, studies on countermeasures against poisoning attacks that inject malicious data during learning are insufficient. The conventional countermeasure against poisoning attacks has a limitation in that it is necessary to perform a separate detection and removal operation by examining the training data each time. Therefore, in this paper, we propose a technique for reducing the attack success rate by applying modifications to the training data and inference data without a separate detection and removal process for the poison data. The One-shot kill poison attack, a clean label poison attack proposed in previous studies, was used as an attack model. The attack performance was confirmed by dividing it into a general attacker and an intelligent attacker according to the attacker's attack strategy. According to the experimental results, when the proposed defense mechanism is applied, the attack success rate can be reduced by up to 65% compared to the conventional method.