• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4625-4647
• /
• 2020

The Generative Adversarial Networks, as one of the most creative deep learning models in recent years, has achieved great success in computer vision and natural language processing. It uses the game theory to generate the best sample in generator and discriminator. Recently, many deep learning models have been applied to the security field. Along with the idea of "generative" and "adversarial", researchers are trying to apply Generative Adversarial Networks to the security field. This paper presents the development of Generative Adversarial Networks. We review traditional generation models and typical Generative Adversarial Networks models, analyze the application of their models in natural language processing and computer vision. To emphasize that Generative Adversarial Networks models are feasible to be used in security, we separately review the contributions that their defenses in information security, cyber security and artificial intelligence security. Finally, drawing on the reviewed literature, we provide a broader outlook of this research direction.

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.51-59
• /
• 2013

Cyberspace, based on the dramatic development of information and communications technology, has brought enormous benefits to mankind. However, concerns over cyber terrorism and cyber attack are becoming serious. It is time to expand the global dialogue on international security issues in cyberspace. It is imperative to have a common understanding that cyberspace, the infrastructure for prosperity, should not be utilized as a space to create conflicts among states, and that all states agree to build confidence and peace in cyberspace. For this purpose, there are 3 tracks of international cooperations: 1)international cooperation such as UN and Conference on Cyberspace, 2)regional cooperations such as ARF and OSCE. 3)bilateral cooperations such US-Russia Cybersecurity Agreement, US-China presidential level dialogue. This paper will analyze the 1st track of international cooperations of UN and Conference on Cyberspace. With this, Korean government can prepare the forthcoming GGE activities and make our own strategy to deal with the global norms of good behaviour in cyberspace.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2012-2030
• /
• 2021

Named Entity Recognition (NER) is used to identify entity nouns in the corpus such as Location, Person and Organization, etc. NER is also an important basic of research in various natural language fields. The processing of Chinese NER has some unique difficulties, for example, there is no obvious segmentation boundary between each Chinese character in a Chinese sentence. The Chinese NER task is often combined with Chinese word segmentation, and so on. In response to these problems, we summarize the recognition methods of Chinese NER. In this review, we first introduce the sequence labeling system and evaluation metrics of NER. Then, we divide Chinese NER methods into rule-based methods, statistics-based machine learning methods and deep learning-based methods. Subsequently, we analyze in detail the model framework based on deep learning and the typical Chinese NER methods. Finally, we put forward the current challenges and future research directions of Chinese NER technology.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4658-4679
• /
• 2017

Android is now the most popular smartphone platform and remains rapid growth. There are huge number of sensitive privacy information stored in Android devices. Kinds of methods have been proposed to detect Android malicious applications and protect the privacy information. In this work, we focus on extracting the fine-grained features to maximize the information of Android malware detection, and selecting the least joint features to minimize the number of features. Firstly, permissions and APIs, not only from Android permissions and SDK APIs but also from the developer-defined permissions and third-party library APIs, are extracted as features from the decompiled source codes. Secondly, feature selection methods, including information gain (IG), regularization and particle swarm optimization (PSO) algorithms, are used to analyze and utilize the correlation between the features to eliminate the redundant data, reduce the feature dimension and mine the useful joint features. Furthermore, regularization and PSO are integrated to create a new joint feature mining method. Experiment results show that the joint feature mining method can utilize the advantages of regularization and PSO, and ensure good performance and efficiency for Android malware detection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.2
• /
• pp.702-723
• /
• 2020

The application of machine learning (ML) in intrusion detection has attracted much attention with the rapid growth of information security threat. As an efficient multi-label classifier, kernel extreme learning machine (KELM) has been gradually used in intrusion detection system. However, the performance of KELM heavily relies on the kernel selection. In this paper, a novel multiple kernel extreme learning machine (MKELM) model combining the ReliefF with nature-inspired methods is proposed for intrusion detection. The MKELM is designed to estimate whether the attack is carried out and the ReliefF is used as a preprocessor of MKELM to select appropriate features. In addition, the nature-inspired methods whose fitness functions are defined based on the kernel alignment are employed to build the optimal composite kernel in the MKELM. The KDD99, NSL and Kyoto datasets are used to evaluate the performance of the model. The experimental results indicate that the optimal composite kernel function can be determined by using any heuristic optimization method, including PSO, GA, GWO, BA and DE. Since the filter-based feature selection method is combined with the multiple kernel learning approach independent of the classifier, the proposed model can have a good performance while saving a lot of training time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2865-2878
• /
• 2021

As a current popular technology, the blockchain has a serious issue: the private key cannot be retrieved due to force majeure. Since the outcome of the blockchain-based Bitcoin, there have been many occurrences of the users who lost or forgot their private keys and could not retrieve their token wallets, and it may cause the permanent loss of their corresponding blockchain accounts, resulting in irreparable losses for the users. We propose a recoverable private key scheme for consortium blockchain based on the verifiable secret sharing which can enable the user's private key in the consortium blockchain to be securely recovered through a verifiable secret sharing method. In our secret sharing scheme, users use the biometric keys to encrypt shares, and the preset committer peers in the consortium blockchain act as the participants to store the users' private key shares. Due to the particularity of the biometric key, only the user can complete the correct secret recovery. Our comparisons with the existing mnemonic systems or the multi-signature schemes have shown that our scheme can allow users to recover their private keys without storing the passwords accurately. Hence, our scheme can improve the account security and recoverability of the data-sharing systems across physical and virtual platforms that use blockchain technology.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.41-47
• /
• 2018

Theorists of war have often used Clausewitz's trinity theory as a framework for analyzing war strategies and histories. Heretofore, studies on cyber warfare have focused primarily on laws, policies, structuring organizations, manpower, and training pertaining to preparing the cyberspace for war. Currently, studies highlighting the comparative characteristics of war in cyberspace, how it differs from conventional warfare, and analytical frameworks for understanding war in cyberspace are rare. Using Clausewitz's trinity theory, this paper interprets the essence of war from the perspectives of (1) Intellect, (2) Bravery, and (3) Passion, to propose an analytical model for understanding war in cyberspace, one that factors in the intrinsic qualities and characteristics of cyberspace under spatial and temporal constraints. Furthermore, this paper applies the aforementioned analytical model to the Iraq War and concludes with a theoretical illustration that cyber warfare played a significant role in winning the war.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.161-167
• /
• 2020

Convergence ethics education for digital culture in cyberspace is limited to specific areas such as personal information and copyright. Education on the ability to accept information and provide information in cyberspace in which digital natives communicate, share and exchange is inadequate. As a result, the dysfunction of abusing the personal information of others without recognizing the importance of information security has recently emerged as a social problem. In this study, among digital netizen who communicate and exchange information the most in cyberspace, digital literacy education was conducted for students in the first and second grades of university, and then they investigated the change in information security perception. Based on this, we intend to prepare fundamental measures for systematic cultivation of digital literacy education necessary for the Digital Cultural Society.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.869-878
• /
• 2018

Digital Evidence Data in cyberspace is easy to modify or delete, and changes are reflected in real time, so it is necessary to acquire evidence data quickly. Collecting evidence on the client side is advantageous in that data can be acquired without time delay due to additional administrative procedures, but collection of large data is likewise vulnerable to collection time delay problem. Therefore, this paper proposes an automated evidence collection method on the client side, focusing on the major web-based services in cyberspace, and enables efficient evidence collection for large volumes of data. Furthermore, we propose a digital evidence collection system in cyberspace that guarantees the integrity of the collected digital evidence until the court submission.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5594-5615
• /
• 2019

Malicious social robots, which are disseminators of malicious information on social networks, seriously affect information security and network environments. The detection of malicious social robots is a hot topic and a significant concern for researchers. A method based on classification has been widely used for social robot detection. However, this method of classification is limited by an unbalanced data set in which legitimate, negative samples outnumber malicious robots (positive samples), which leads to unsatisfactory detection results. This paper proposes the use of generative adversarial networks (GANs) to extend the unbalanced data sets before training classifiers to improve the detection of social robots. Five popular oversampling algorithms were compared in the experiments, and the effects of imbalance degree and the expansion ratio of the original data on oversampling were studied. The experimental results showed that the proposed method achieved better detection performance compared with other algorithms in terms of the F1 measure. The GAN method also performed well when the imbalance degree was smaller than 15%.