• Title/Summary/Keyword: Bypass attack


The IOA-Based Intelligent Information Protection System for Response of Advanced Persistent Threats (IOA 기반의 지능형지속위협 대응 위한 지능형 정보보호시스템)

  • Ryu, Chang-su
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.11 / pp.2067-2072 / 2016
  • Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.

Hierarchical Threads Generation-based Bypassing Attack on DLL Injection Monitoring System (계층화된 쓰레드 생성을 이용한 DLL 삽입 탐지기술 우회 공격 기법)

  • DaeYoub Kim
    • Journal of IKEEE / v.27 no.3 / pp.239-245 / 2023
  • Whitelist-based ransomware solutions are known to be vulnerable to false impersonation attacks using DLL injection. To solve this problem, it has been proposed to monitor DLL injection attacks and to integrate the monitoring results into ransomware solutions. In this paper, we show that attackers can easily bypass the monitoring mechanism and then illegally access files of a target system. This means that whitelist-based ransomware solutions are still vulnerable.

A study on Stage-Based Flow Graph Model for Expressing Cyber Attack Train Scenarios (사이버 공격 훈련 시나리오 표현을 위한 Stage 기반 플로우 그래프 모델 연구)

  • Kim, Moon-Sun;Lee, Man-Hee
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.5 / pp.1021-1030 / 2021
  • This paper proposes S-CAFG (Stage-based Cyber Attack Flow Graph), a model for effectively describing training scenarios that simulate modern complex cyber attacks. On top of existing graph and tree models, we add a stage node to model more complex scenarios. In order to evaluate the proposed model, we create a complicated scenario and compare how the previous models and S-CAFG express the scenario. As a result, we confirm that S-CAFG can effectively describe various attack scenarios such as simultaneous attacks, additional attacks, and bypass path selection.

A Study on Real IP Traceback and Forensic Data Generation against Bypass Attack (우회적인 공격에 대한 실제 IP 역추적 실시와 포렌식 자료 생성)

  • Youn, Byung-Sun;Yang, Hae-Sool;Kim, Dong-Jhoon
    • Journal of the Korea Society of Computer and Information / v.13 no.1 / pp.143-151 / 2008
  • This paper performs IP traceback targeting an intruder who uses a bypass attack in order to avoid exposing their own real IP address. We design an IP traceback server and agent module, and install them in an Internet network system for real IP traceback. Set up detection and chase range aggressive loop around connection arbitrariness, and attack in practice, and generate Real IP data cut off by fatal attacks after data and intrusion detection accessed general IP, and store to DB. Generate the Forensic data which Real IP confirms substance by Whois service, and ensured integrity and the reliability that buy to early legal proof data, and was devoted to of an invader. Present the cyber criminal preventive effect that is dysfunction of Ubiquitous Information Society and an effective Real IP traceback system, and ensure a Forensic data generation basis regarding a judge's robe penalty through this paper study.


Hiding Shellcode in the 24Bit BMP Image (24Bit BMP 이미지를 이용한 쉘코드 은닉 기법)

  • Kum, Young-Jun;Choi, Hwa-Jae;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.691-705 / 2012
  • Buffer overflow is the most representative vulnerability for which attack methods and countermeasures are frequently developed and changed. This vulnerability is still one of the most critical threats since it was first introduced in the middle of the 1990s. Shellcode is machine code which can be used in a buffer overflow attack. Attackers make the shellcode for their own purposes and insert it into the target host's memory space, then manipulate EIP (Extended Instruction Pointer) to intercept the control flow of the target host system. Therefore, a lot of research on defenses has been conducted, and attackers have also done much research to bypass security measures designed for shellcode defense. In this paper, we briefly investigate shellcode defense and attack techniques and propose a new methodology which can hide shellcode in the 24bit BMP image. With this proposed technique, we can easily hide any shellcode executable and we can bypass the current detection and prevention techniques.

A Study on Effective Adversarial Attack Creation for Robustness Improvement of AI Models (AI 모델의 Robustness 향상을 위한 효율적인 Adversarial Attack 생성 방안 연구)

  • Si-on Jeong;Tae-hyun Han;Seung-bum Lim;Tae-jin Lee
    • Journal of Internet Computing and Services / v.24 no.4 / pp.25-36 / 2023
  • Today, as AI (Artificial Intelligence) technology is introduced in various fields, including security, the development of technology is accelerating. However, with the development of AI technology, attack techniques that cleverly bypass malicious behavior detection are also developing. In the classification process of AI models, an Adversarial attack has emerged that induces misclassification and a decrease in reliability through fine adjustment of input values. The attacks that will appear in the future are not new attacks created by an attacker but rather a method of avoiding the detection system by slightly modifying existing attacks, such as Adversarial attacks. Developing a robust model that can respond to these malware variants is necessary. In this paper, we propose two methods of generating Adversarial attacks as efficient Adversarial attack generation techniques for improving Robustness in AI models. The proposed techniques are the XAI-based attack, which uses the XAI technique, and the Reference-based attack, which uses the model's decision boundary search. After that, a classification model was constructed through a malicious code dataset to compare performance with the PGD attack, one of the existing Adversarial attacks. In terms of generation speed, the XAI-based attack and the reference-based attack take 0.35 seconds and 0.47 seconds, respectively, compared to the existing PGD attack, which takes 20 minutes, showing a very high speed; in particular, the reference-based attack shows a generation rate of 97.7%, which is higher than the existing PGD attack's generation rate of 75.5%. Therefore, the proposed technique enables more efficient Adversarial attacks and is expected to contribute to research to build a robust AI model in the future.

Result of Extracranial-Intracranial Bypass Surgery in the Treatment of Complex Intracranial Aneurysms : Outcomes in 15 Cases

  • Park, Eun-Kyung;Ahn, Jae-Sung;Kwon, Do-Hoon;Kwun, Byung-Duk
    • Journal of Korean Neurosurgical Society / v.44 no.4 / pp.228-233 / 2008
  • Objective : The standard treatment strategy of intracranial aneurysms includes either endovascular coiling or microsurgical clipping. In certain situations such as in giant or dissecting aneurysms, bypass surgery followed by proximal occlusion or trapping of parent artery is required. Methods : The authors assessed the result of extracranial-intracranial (EC-IC) bypass surgery in the treatment of complex intracranial aneurysms in one institute between 2003 and 2007 retrospectively to propose its role as treatment modality. The outcomes of 15 patients with complex aneurysms treated during the last 5 years were reviewed. Six male and 9 female patients, aged 14 to 76 years, presented with symptoms related to hemorrhage in 6 cases, transient ischemic attack (TIA) in 2 unruptured cases, and permanent infarction in one, and compressive symptoms in 3 cases. Aneurysms were mainly in the internal carotid artery (ICA) in 11 cases, middle cerebral artery (MCA) in 2, posterior cerebral artery (PCA) in one and posterior inferior cerebellar artery (PICA) in one case. Results : The types of aneurysms were 8 cases of large to giant size aneurysms, 5 cases of ICA blood blister-like aneurysms, one dissecting aneurysm, and one pseudoaneurysm related to trauma. High-flow bypass surgery was done in 6 cases with radial artery graft (RAG) in five and saphenous vein graft (SVG) in one. Low-flow bypass was done in nine cases using superficial temporal artery (STA) in eight and occipital artery (OA) in one case. Parent artery occlusion was performed with clipping in 9 patients, with coiling in 4, and with balloon plus coil in 1. Direct aneurysm clip was done in one case. The follow up period ranged from 2 to 48 months (mean 15.0 months). There was no mortality case. The long-term clinical outcome measured by Glasgow outcome scale (GOS) showed good or excellent outcome in 13/15. The overall surgery related morbidity was 20% (3/15) including 2 emergency bypass surgeries due to unexpected parent artery occlusion during direct clipping procedure. The short-term postoperative bypass graft patency rates were 100% but the long-term bypass patency rates were 86.7% (13/15). Nonetheless, there was no bypass surgery related morbidity due to occlusion of the graft. Conclusion : Revascularization technique is a pivotal armament in managing complex aneurysms and scrupulous prior planning is essential to successful outcomes.

Revascularization for Symptomatic Occlusion of the Anterior Cerebral Artery Using Superficial Temporal Artery

  • Lee, Sang Chul;Ahn, Jun Hyong;Kang, Hyun-Seung;Kim, Jeong Eun
    • Journal of Korean Neurosurgical Society / v.54 no.6 / pp.511-514 / 2013
  • Isolated symptomatic occlusion of the anterior cerebral artery (ACA) is a rare condition and, to date, only a few cases regarding the revascularization of the ACA have been reported. This paper reports on a successful attempt to revascularize the ACA using the superficial temporal artery (STA) in a patient with isolated symptomatic occlusion of the ACA. A 69-year-old man presented with several episodes of transient weakness involving the left lower extremity. Cerebral angiography showed occlusion of the right ACA at the A2 segment. After medical treatment failure, the patient underwent STA-ACA bypass surgery. Subsequent to surgery, there was immediate disappearance of transient ischemic attack and follow-up angiography showed favorable revascularization of the ACA territory. Bypass surgery can be considered in patients with symptomatic occlusion of the ACA who have experienced failure of medical treatment.

Emergency Coronary Artery Bypass Following Unsuccessful Percutaneous Transluminal Coronary Angioplasty -A Case Report- (경피적 관상동맥성형술후 응급 관상동맥 우회로 조성술 경험)

  • 안욱수
    • Journal of Chest Surgery / v.21 no.2 / pp.373-378 / 1988
  • Since the introduction of percutaneous transluminal coronary angioplasty [PTCA] by Gruntzig in 1977, it has been widely used in some patients with coronary artery disease and is an effective alternative to surgery for many patients. Indications for emergency coronary artery bypass graft [CABG] after PTCA are prolonged chest pain, worsening of coronary artery obstruction, "current of injury" by electrocardiogram, cardiogenic shock, and in a lesser incidence, ventricular fibrillation, coronary artery dissection [without obstruction], heart block, and intractable cardiac arrest. Recently, we have experienced one case of emergency CABG following unsuccessful PTCA. The patient was a 54-year-old male admitted with a complaint of angina pectoris. The routine electrocardiogram was within normal limits. The treadmill test revealed severe chest pain after 2 min. of exercise. Coronary cineangiogram revealed 95% segmental stenosis of the proximal right coronary artery. Our cardiologist planned PTCA. During PTCA, severe chest pain and an ischemic pattern on electrocardiogram developed, but they were not relieved even by morphine and nitroglycerin for 90 min. So we performed emergency single coronary artery bypass graft from the aorta to the proximal right coronary artery with great saphenous vein. The patient had an excellent postoperative recovery and was free from anginal attack. He has shown striking improvement in general status [NYHA functional class 1] during 6 months after operation.


Intraventricular Hemorrhage Long after Successful Encephaloduroarterio Synangiosis in Moyamoya Patient

  • Chung, Moon-Young;Park, Young-Seok;Kim, Dong-Seok;Choi, Joong-Uhn
    • Journal of Korean Neurosurgical Society / v.46 no.3 / pp.257-260 / 2009
  • Intraventricular hemorrhage long after successful encephaloduroarterio synangiosis (EDAS) is very rare. The effect of revascularization surgery for preventing hemorrhagic events of moyamoya disease remains controversial. We report a 17-year-old female with intracerebral hemorrhage and intraventricular hemorrhage 10 years after successful EDAS. Even though cerebral vessel angiography showed good collateral circulation without specific weak points, a cerebral hemorrhage could occur in a patient with ischemic type of moyamoya disease long after successful indirect bypass operations. Good collateralization on cerebral angiography or magnetic resonance perfusion image after indirect bypass surgery would ensure against ischemic symptoms, not a hemorrhage. Thus, a life-time follow-up strategy might be necessary even if a good collateral circulation has been established.