• International Journal of Computer Science & Network Security
• /
• 제21권6호
• /
• pp.181-186
• /
• 2021

Ensuring national security in cyberspace is becoming an increasingly important issue, given the growing number of cybercrimes due to adaptation to new security and protection technologies. The purpose of this article is to study the features of counteracting, preventing, and detecting crimes in the virtual space of Ukraine on the example of cases and analysis of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The research methodology is based on the method of analysis and study of cases of crime detection in the virtual environment of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The results show that the consistent development of the legal framework in 2016-2020 and the development of a cyber-defense strategy for 2021-2025 had a positive impact on the institution-building and detection of cybercrime in Ukraine. Establishing cooperation with developed countries (USA) has helped to combat cybercrime by facilitating investigations by US law enforcement agencies. This means that international experience is effective for developing countries as a way to quickly understand the threats and risks of cybercrime. In Ukraine, the main number of incidents concerns the distribution of malicious software in the public sector. In the private sector, cyber police are largely confronted with the misappropriation of citizens' income through Internet technology. The practical value of this study is to systematize the experience of overcoming cybercrime on the example of cases of crime detection in a virtual environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권6호
• /
• pp.3258-3279
• /
• 2019

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion. These attack structures leave a trail of digital forensics evidence when the malware interacts with the file system and generates noise in form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensics evidence, which essentially are IOCs include network artifacts such as C2 server domains, IPs and cryptographic hash values of the downloaded files apart from the malware hash values. Such evidence can be used as seed into intrusion detection systems for mitigation purposes.

• 융합보안논문지
• /
• 제15권1호
• /
• pp.69-82
• /
• 2015

고도화되고 지능화가 예상되는 사이버 침해대응에 대해 효율적으로 대응키 위해서는 악성코드의 공격에 대해 기존 방어적 대응형태에서 공격적 전환개념이 요구되기에 이러한 환경을 근간으로 연구한 결과 기존의 OS, APPLICATION SYSTEM 등의 각 영역별 SINGLE-MODE 체계의 구조대비 Real-time에 의한 공통 전수 취약점 탐지 분석 개념으로 다단계기반의 탐지 및 분석개념(MPSM)을 연구하였다. 동시에 필요시 해당 정보자산과 직접적인 단독접속형태의 취약점 탐지 및 분석을 위해 API 기반의 전용하드웨어 플랫폼형태의 방안이 요구되어 짐과 동시에 이를 위해서는 H/W 및 S/W의 분리된 현재와 같은 2중화된 형태가 아닌 일체형의 H/W 타입의 플랫폼구조 기반 형태로 설계됨과 동시에 병행되어 빅데이타 분석에 의한 정보보안의 포렌직 측면을 고려할 시 항시 모니터링 되고 관리할 수 있는 구조로 연동 설계 등에 대해 제안하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권6호
• /
• pp.1657-1673
• /
• 2023

With the advancement of information technology, criminals employ multiple cyberspaces to promote cybercrime. To combat cybercrime and cyber dangers, banks and financial institutions use artificial intelligence (AI). AI technologies assist the banking sector to develop and grow in many ways. Transparency and explanation of AI's ability are required to preserve trust. Deep learning protects client behavior and interest data. Deep learning techniques may anticipate cyber-attack behavior, allowing for secure banking transactions. This proposed approach is based on a user-centric design that safeguards people's private data over banking. Here, initially, the attack data can be generated over banking transactions. Routing is done for the configuration of the nodes. Then, the obtained data can be preprocessed for removing the errors. Followed by hierarchical network feature extraction can be used to identify the abnormal features related to the attack. Finally, the user data can be protected and the malicious attack in the transmission route can be identified by using the Wrapper stepwise ResNet classifier. The proposed work outperforms other techniques in terms of attack detection and accuracy, and the findings are depicted in the graphical format by employing the Python tool.

• International Journal of Computer Science & Network Security
• /
• 제24권6호
• /
• pp.207-215
• /
• 2024

Cloud computing is now used by most companies, business centres and academic institutions to embrace new computer technology. Cloud Service Providers (CSPs) are limited to certain services, missing some of the assets requested by their customers, it means that different clouds need to interconnect to share resources and interoperate between them. The clouds may be interconnected in different characteristics and systems, and the network may be vulnerable to volatility or interference. While information technology and cloud computing are also advancing to accommodate the growing worldwide application, criminals use cyberspace to perform cybercrimes. Cloud services deployment is becoming highly prone to threats and intrusions. The unauthorised access or destruction of records yields significant catastrophic losses to organisations or agencies. Human intervention and Physical devices are not enough for protection and monitoring of cloud services; therefore, there is a need for more efficient design for cyber defence that is adaptable, flexible, robust and able to detect dangerous cybercrime such as a Denial of Service (DOS) and Distributed Denial of Service (DDOS) in heterogeneous cloud computing platforms and make essential real-time decisions for forensic investigation. This paper aims to develop a framework for digital forensic for the detection of cybercrime in a joined heterogeneous cloud setup. We developed a Digital Forensics model in this paper that can function in heterogeneous joint clouds. We used Unified Modeling Language (UML) specifically activity diagram in designing the proposed framework, then for deployment, we used an architectural modelling system in developing a framework. We developed an activity diagram that can accommodate the variability and complexities of the clouds when handling inter-cloud resources.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.203-206
• /
• 2021

The article is devoted to the study of the problems of polygraphic research to obtain forensically significant information. An analysis of the legal basis for the use of the polygraph in Ukraine. Problematic issues concerning the appropriateness of using a polygraph in the investigation and detection of crimes have been studied. The domestic legal norms that regulate this issue, as well as foreign experience are analyzed. The article reveals the essence of the polygraph, the legal basis and requirements for its use. Attention is drawn to the main difficulties of using a polygraph and ways to solve them.

• 스마트미디어저널
• /
• 제11권2호
• /
• pp.18-24
• /
• 2022

많은 소셜 서비스 상에서 악성 댓글로 인한 문제가 발생되고 있으며, 특히 매체로서의 성격이 강한 유튜브는 모바일기기를 이용한 쉬운 접근성으로 인해 악성 댓글로 인한 폐해가 더욱 커지고 있는 실정이다. 본 논문에서는 LSTM 기반의 자연어 처리를 통해 유튜브 콘텐츠에 대한 악성 댓글을 판별하고 악성 댓글의 비율, 악플러들의 닉네임, 그리고 빈도를 시각적으로 표현해 주기 위한 유튜브 악성 댓글 탐지 시스템을 설계하고 구현하였으며, 성능을 평가하였다. 약 5만 개의 댓글 데이터셋을 통해 악성 댓글 여부를 판별하였을 때, 약 92%의 정확도로 악성 댓글을 검출해 낼 수 있었으며, 이를 활용하여 악성 댓글의 통계가 자동으로 생성되도록 함으로써 많은 유튜버들이 겪는 악성 댓글로 인한 사회적 문제를 해결할 수 있을 것으로 기대한다.

• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제12권5호
• /
• pp.165-170
• /
• 2023

최근 블록체인 기술이 부상하면서 이를 이용한 암호화폐 플랫폼이 늘어나며 화폐 거래가 활발이 이뤄지고 있다. 그러나 암호화폐의 특성을 악용한 범죄 또한 늘어나 문제가 되고 있다. 특히 피싱 스캠은 이더리움 사이버 범죄의 과반수 이상을 차지하며 주요 보안 위협원으로 여겨지고 있다. 따라서 효과적인 피싱 스캠 탐지 방법이 시급하다. 그러나 전체 이더리움 참여 계정 주소에서 라벨링된 피싱 주소의 부족으로 인한 데이터 불균형 문제로 지도학습에 충분한 데이터 제공이 어려운 상황이다. 이를 해결하기 위하여 본 논문에서는 이더리움 트랜잭션 네트워크를 고려한 효과적인 그래프 임베딩 기법인 trans2vec과 준지도 학습 모델 tri-training을 함께 사용하여 라벨링된 데이터 뿐만 아니라 라벨링되지 않은 데이터도 최대한 활용하는 피싱 스캠 탐지 방법을 제안한다.

• Journal of Information Science Theory and Practice
• /
• 제9권1호
• /
• pp.24-34
• /
• 2021

The popularity of social networking sites (SNS) has facilitated communication between users. The usage of SNS helps users in their daily life in various ways such as sharing of opinions, keeping in touch with old friends, making new friends, and getting information. However, some users misuse SNS to belittle or hurt others using profanities, which is typical in cyberbullying incidents. Thus, in this study, we aim to identify profane words from the ASKfm corpus to analyze the profane word distribution across four different roles involved in cyberbullying based on lexicon dictionary. These four roles are: harasser, victim, bystander that assists the bully, and bystander that defends the victim. Evaluation in this study focused on occurrences of the profane word for each role from the corpus. The top 10 common words used in the corpus are also identified and represented in a graph. Results from the analysis show that these four roles used profane words in their conversation with different weightage and distribution, even though the profane words used are mostly similar. The harasser is the first ranked that used profane words in the conversation compared to other roles. The results can be further explored and considered as a potential feature in a cyberbullying detection model using a machine learning approach. Results in this work will contribute to formulate the suitable representation. It is also useful in modeling a cyberbullying detection model based on the identification of profane word distribution across different cyberbullying roles in social networks for future works.

• 지능정보연구
• /
• 제23권3호
• /
• pp.119-138
• /
• 2017

최근 SNS는 개인의 의사소통뿐 아니라 마케팅의 중요한 채널로도 자리매김하고 있다. 그러나 사이버 범죄 역시 정보와 통신 기술의 발달에 따라 진화하여 불법 광고가 SNS에 다량으로 배포되고 있다. 그 결과 개인정보를 빼앗기거나 금전적인 손해가 빈번하게 일어난다. 본 연구에서는 SNS로 전달되는 홍보글인 비정형 데이터를 분석하여 어떤 글이 금융사기(예: 불법 대부업 및 불법 방문판매)와 관련된 글인지를 분석하는 방법론을 제안하였다. 불법 홍보글 학습 데이터를 만드는 과정과, 데이터의 특성을 고려하여 입력 데이터를 구성하는 방안, 그리고 판별 알고리즘의 선택과 추출할 정보 대상의 선정 등이 프레임워크의 주요 구성 요소이다. 본 연구의 방법은 실제로 모 지방자치단체의 금융사기 방지 프로그램의 파일럿 테스트에 활용되었으며, 실제 데이터를 가지고 분석한 결과 금융사기 글을 판정하는 정확도가 사람들에 의하여 판정하는 것이나 키워드 추출법(Term Frequency), MLE 등에 비하여 월등함을 검증하였다.