• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.735-743
• /
• 2020

Secure coding is a technique that detects malicious attack or unexpected errors to make software systems resilient against such circumstances. In many cases secure coding relies on static analysis tools to find vulnerable patterns and contaminated data in advance. However, secure coding has the disadvantage of being dependent on rule-sets, and accurate diagnosis is difficult as the complexity of static analysis tools increases. In order to support secure coding, we apply machine learning techniques, such as DNN, CNN and RNN to investigate into finding major weakness patterns shown in secure development coding guides and present machine learning models and experimental results. We believe that machine learning techniques can support detecting security weakness along with static analysis techniques.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.54 no.2
• /
• pp.76-82
• /
• 2017

Malware, including ransomware to quickly detect, in this study, to provide an analysis method of malicious code through the image analysis that has been learned in the deep learning of artificial intelligence. First, to analyze the 2,400 malware data, and learning in artificial neural network Convolutional neural network and to image data. Extracts subgraphs to convert the graph of abstracted image, summarizes the set represent malware. The experimentally analyzed the malware is not how similar. Using deep learning of artificial intelligence by classifying malware and It shows the possibility of accurate malware detection.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.145-166
• /
• 2021

M-learning is one of the most important modern learning environments in developed countries, especially in the context of the COVID-19 pandemic. According to the Ministry of Education policies in Saudi Arabia, gender segregation in education reflects the country's religious values, which are a part of the national policy. Thus, it will help many in the target audience to accept online learning more easily in Saudi society. The literature review indicates the importance to use the UTAUT conceptual framework to study the level of acceptance through adding a new construct to the model which is Mobile Application Quality. The study focuses on the end user's requirements to use M-learning applications. It is conducted with a qualitative method to find out the students' and companies' opinions who working in the M-learning field to determine the requirements for the development of M-learning applications that are compatible with the aspirations of conservative societies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.267-277
• /
• 2022

Due to the increasing proportion of cloud and remote working environments, various information security incidents are occurring. Insider threats have emerged as a major issue, with cases in which corporate insiders attempting to leak confidential data by accessing it remotely. In response, insider threat detection approaches based on machine learning have been developed. However, existing machine learning methods used to detect insider threats do not take biases and variances into account, which leads to limited performance. In this paper, boosting-type ensemble learning algorithms are applied to verify the performance of malicious insider detection, conduct a close analysis, and even consider the imbalance in datasets to determine the final result. Through experiments, we show that using ensemble learning achieves similar or higher accuracy to other existing malicious insider detection approaches while considering bias-variance tradeoff. The experimental results show that ensemble learning using bagging and boosting methods reached an accuracy of over 98%, which improves malicious insider detection performance by 5.62% compared to the average accuracy of single learning models used.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.73-85
• /
• 2022

In the era of the 4th industrial revolution, where automation and connectivity are maximized with artificial intelligence, the importance of data collection and utilization for model update is increasing. In order to create a model using artificial intelligence technology, it is usually necessary to gather data in one place so that it can be updated, but this can infringe users' privacy. In this paper, we introduce federated learning, a distributed machine learning method that can update models in cooperation without directly sharing distributed stored data, and introduce a study to optimize distributed consensus among participants without an existing server. In addition, we propose a pattern and group-based distributed consensus optimization algorithm that uses an algorithm for generating patterns and groups based on the Kirkman Triple System, and performs parallel updates and communication. This algorithm guarantees more privacy than the existing distributed consensus optimization algorithm and reduces the communication time until the model converges.

• Convergence Security Journal
• /
• v.15 no.6_1
• /
• pp.49-57
• /
• 2015

Changes in the national intelligence security industry is becoming increasingly rapidly changing due to the development of the network and the use of the Internet. Information also can be called by critical information assets, as well as social infrastructure of the country's reality is that individuals at risk. These professionals make to prevent terrorists to destroy national defense system and network was absolutely necessary. But, Cyber Terror Response NCOs to be responsible for cyber terrorism requires a professional NCOs with advanced knowledge. National Competency Standards(NCS) using a national information security field tutors to conduct training courses teaching - learning model to develop and to apply.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.374-386
• /
• 2022

Nowadays, research in deep learning leveraged automated computing and networking paradigm evidenced rapid contributions in terms of Software Defined Networking (SDN) and its diverse security applications while handling cybercrimes. SDN plays a vital role in sniffing information related to network usage in large-scale data centers that simultaneously support an improved algorithm design for automated detection of network intrusions. Despite its security protocols, SDN is considered contradictory towards DDoS attacks (Distributed Denial of Service). Several research studies developed machine learning-based network intrusion detection systems addressing detection and mitigation of DDoS attacks in SDN-based networks due to dynamic changes in various features and behavioral patterns. Addressing this problem, this research study focuses on effectively designing a multistage hybrid and intelligent deep learning classifier based on modified deep forest classification to detect DDoS attacks in SDN networks. Experimental results depict that the performance accuracy of the proposed classifier is improved when evaluated with standard parameters.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1329-1342
• /
• 2018

Recent advances in quantum computer development have raised the issue of the security of RSA and elliptic curve cryptography, which are widely used. In response, the National Institute of Standards and Technology(NIST) is working on the standardization of public key cryptosystem which is secure in the quantum computing environment. Lattice-based cryptography is a typical post-quantum cryptography(PQC), and various lattice-based cryptographic schemes have been proposed for NIST's PQC standardization contest. Among them, EMBLEM proposed a new multi-bit encryption method which is more intuitive and efficient for encryption and decryption phases than the existing LWE-based encryption schemes. In this paper, we propose a multi-bit encryption scheme with improved efficiency using LWR assumption. In addition, we prove the security of our schemes and analyze the efficiency by comparing with EMBLEM and R.EMBLEM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.411-425
• /
• 2023

Today, AI (Artificial Intelligence) technology is widely used in various fields, performing classification and regression tasks according to the purpose of use, and research is also actively progressing. Especially in the field of security, unexpected threats need to be detected, and unsupervised learning-based anomaly detection techniques that can detect threats without adding known threat information to the model training process are promising methods. However, most of the preceding studies that provide interpretability for AI judgments are designed for supervised learning, so it is difficult to apply them to unsupervised learning models with fundamentally different learning methods. In addition, previously researched vision-centered AI mechanism interpretation studies are not suitable for application to the security field that is not expressed in images. Therefore, In this paper, we use a technique that provides interpretability for detected anomalies by searching for and comparing optimization references, which are the source of intrusion attacks. In this paper, based on reference, we propose additional logic to search for data closest to real data. Based on real data, it aims to provide a more intuitive interpretation of anomalies and to promote effective use of an anomaly detection model in the security field.

• Journal of the Semiconductor & Display Technology
• /
• v.22 no.3
• /
• pp.112-118
• /
• 2023

As technology advances, the need for enhanced preparedness against cyber-attacks becomes an increasingly critical problem. Therefore, it is imperative to consider various circumstances and to prepare for cyber-attack strategic technology. This paper proposes a method to solve network security problems by applying reinforcement learning to cyber-security. In general, traditional static cyber-security methods have difficulty effectively responding to modern dynamic attack patterns. To address this, we implement cyber-attack scenarios such as 'Tiny Alpha' and 'Small Alpha' and evaluate the performance of various reinforcement learning methods using Network Attack Simulator, which is a cyber-attack simulation environment based on the gymnasium (formerly Open AI gym) interface. In addition, we experimented with different RL algorithms such as value-based methods (Q-Learning, Deep-Q-Network, and Double Deep-Q-Network) and policy-based methods (Actor-Critic). As a result, we observed that value-based methods with discrete action spaces consistently outperformed policy-based methods with continuous action spaces, demonstrating a performance difference ranging from a minimum of 20.9% to a maximum of 53.2%. This result shows that the scheme not only suggests opportunities for enhancing cybersecurity strategies, but also indicates potential applications in cyber-security education and system validation across a large number of domains such as military, government, and corporate sectors.