• ETRI Journal
• /
• v.41 no.5
• /
• pp.585-598
• /
• 2019

A cyber-physical system (CPS) is a new mechanism controlled or monitored by computer algorithms that intertwine physical and software components. Advanced persistent threats (APTs) represent stealthy, powerful, and well-funded attacks against CPSs; they integrate physical processes and have recently become an active research area. Existing offensive and defensive processes for APTs in CPSs are usually modeled by incomplete information game theory. However, honeypots, which are effective security vulnerability defense mechanisms, have not been widely adopted or modeled for defense against APT attacks in CPSs. In this study, a honeypot game-theoretical model considering both low- and high-interaction modes is used to investigate the offensive and defensive interactions, so that defensive strategies against APTs can be optimized. In this model, human analysis and honeypot allocation costs are introduced as limited resources. We prove the existence of Bayesian Nash equilibrium strategies and obtain the optimal defensive strategy under limited resources. Finally, numerical simulations demonstrate that the proposed method is effective in obtaining the optimal defensive effect.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.305-316
• /
• 2021

The objective is to recognize the better opportunities from targeted reveal advertising, to show a banner ad to the consumer of online who is most expected to obtain a preferred action like signing up for a newsletter or buying a product. Discovering the most excellent commercial impression, it means the chance to exhibit an advertisement to a consumer needs the capability to calculate the probability that the consumer who perceives the advertisement on the users browser will acquire an accomplishment, that is the consumer will convert. On the other hand, conversion possibility assessment is a demanding process since there is tremendous data growth across different information dimensions and the adaptation event occurs infrequently. Retailers and manufacturers extensively employ the retail services from internet as part of a multichannel distribution and promotion strategy. The rate at which web site visitors transfer to consumers is low for online retail, out coming in high customer acquisition expenses. Approximately 96 percent of web site users concluded exclusive of no shopper purchase[1].This category of conversion rate is collected from the advertising of social media sites and pages that dataset must be estimating and assessing with the concept of big data clustering, which is used to group the particular age group of people along with their behavior. This makes to identify the proper consumer of the production which leads to improve the profitability of the concern.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.166-176
• /
• 2023

A scenario known as conflict in face recognition may arise as a result of some disparity-related issues (such as expression, distortion, occlusion and others) leading to a compromise of someone's identity or contradiction of the intended message. However, addressing this requires the determination and application of appropriate procedures among the various conflict theories both in terms of concepts as well as resolution strategies. Theories such as Marxist, Game theory (Prisoner's dilemma, Penny matching, Chicken problem), Lanchester theory and Information theory were analyzed in relation to facial images conflict and these were made possible by trying to provide answers to selected questions as far as resolving facial conflict is concerned. It has been observed that the scenarios presented in the Marxist theory agree with the form of resolution expected in the analysis of conflict and its related issues as they relate to face recognition. The study observed that the issue of conflict in facial images can better be analyzed using the concept introduced by the Marxist theory in relation to the Information theory. This is as a result of its resolution strategy which tends to seek a form of balance as result as opposed to the win or lose case scenarios applied in other concepts. This was also consolidated by making reference to the main mechanisms and result scenario applicable in Information theory.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.8
• /
• pp.2805-2826
• /
• 2021

In most cases, the routing policy of networks shows a preference for a static one-to-one mapping of communication pairs to routing paths, which offers adversaries a great advantage to conduct thorough reconnaissance and organize an effective attack in a stress-free manner. With the evolution of network intelligence, some flexible and adaptive routing policies have already proposed to intensify the network defender to turn the situation. Routing mutation is an effective strategy that can invalidate the unvarying nature of routing information that attackers have collected from exploiting the static configuration of the network. However, three constraints execute press on routing mutation deployment in practical: insufficient route mutation space, expensive control costs, and incompatibility. To enhance the availability of route mutation, we propose an OpenFlow-based route mutation technique called Polymorphic Path Transferring (PPT), which adopts a physical and virtual path segment mixed construction technique to enlarge the routing path space for elevating the security of communication. Based on the Markov Decision Process, with considering flows distribution in the network, the PPT adopts an evolution routing path scheduling algorithm with a segment path update strategy, which relieves the press on the overhead of control and incompatibility. Our analysis demonstrates that PPT can secure data delivery in the worst network environment while countering sophisticated attacks in an evasion-free manner (e.g., advanced persistent threat). Case study and experiment results show its effectiveness in proactively defending against targeted attacks and its advantage compared with previous route mutation methods.

• Korean Security Journal
• /
• no.21
• /
• pp.75-94
• /
• 2009

Since mechanical security systems are mostly composed of electronic, information and communication devices, they have effects in the aspects of overall social environment and crime-oriented environment. Also, the importance is increasing for wireless recognition of RFID and tracing function, which will be usefully utilized in controlling the incomings and outgoings of people/vehicles or allowance, surveillance and control. This is resulting from the increase in the care for the elderly according to the overall social environment, namely, the aging society, and the number of women entering, as well as the increase in the number of heinous crimes. The purpose of this study is to examine the theoretical considerations on ubiquitous sensor network and present a direction for securities companies for their development by focusing on the technological and application areas. To present strategies of response to a new environment for security companies, First, a diversification strategy is needed for security companies. The survival of only high level of security companies in accordance with the principle of liberal market competition will bring forth qualitative growth and competitiveness of security market. Second, active promotion by security companies is needed. It is no exaggeration to say that we are living in the modern society in the sea of advertisements and propaganda. The promotional activities that emphasize the areas of activity or importance of security need to be actively carried out using the mass media to change the aware of people regarding security companies, and they need to come up with a plan to simultaneously carry out the promotional activities that emphasize the public aspect of security by well utilizing the recent trend that the activities of security agents are being used as a topic in movies or TV dramas. Third, technically complementary establishment of ubiquitous sensor network and electronic tag is needed. Since they are used in mobile electronic tag services such as U-Home and U-Health Care, they are used throughout our lives by forming electronic tag environment within safe ubiquitous sensor network based on the existing privacy guideline for the support of mobile electronic tag terminal commercialization, reduction in communication and information usage costs, continuous technical development and strengthening of privacy protection, and the system of cooperation of academic-industrial-research needs to be established among the academic world and private research institutes for these parts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.1019-1034
• /
• 2022

Malware attacks become more prevalent in the hyper-connected society of the 4th industrial revolution. To respond to such malware, automation of malware detection using artificial intelligence technology is attracting attention as a new alternative. However, using artificial intelligence without collateral for its reliability poses greater risks and side effects. The EU and the United States are seeking ways to secure the reliability of artificial intelligence, and the government announced a reliable strategy for realizing artificial intelligence in 2021. The government's AI reliability has five attributes: Safety, Explainability, Transparency, Robustness and Fairness. We develop four elements of safety, explainable, transparent, and fairness, excluding robustness in the malware detection model. In particular, we demonstrated stable generalization performance, which is model accuracy, through the verification of external agencies, and developed focusing on explainability including transparency. The artificial intelligence model, of which learning is determined by changing data, requires life cycle management. As a result, demand for the MLops framework is increasing, which integrates data, model development, and service operations. EXE-executable malware and documented malware response services become data collector as well as service operation at the same time, and connect with data pipelines which obtain information for labeling and purification through external APIs. We have facilitated other security service associations or infrastructure scaling using cloud SaaS and standard APIs.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.15-24
• /
• 2022

The article clarifies the conditions for information, digital and educational accessibility for higher education seekers with disabilities in terms of distance learning caused by quarantine restrictions. It is established that such conditions are regulated by international and Ukrainian legal documents (The Standard Rules on the Equalization of Opportunities for Persons with Disabilities, Convention on the Rights of Persons with Disabilities, Sustainable Development Goals, Law of Ukraine "On Education", Law of Ukraine "On Higher Education", Strategy for the Development of Higher Education in Ukraine 2021-2031, Development Strategy areas of innovation for the period up to 2030, Development strategy of the sphere of innovation activity for the period up to 2030). As a part of information barrierlessness, Higher Education Institutions (HEI) should provide access to information in various formats and using technologies, in particular Braille script, large-type printing, audio description (audio descriptive commenting), sign language interpretation, subtitling, a format suitable for reading by screen access programs, formats of simple speech, easy-to-read formats, means of alternative communication. The experience of Pavlo Tychyna Uman State Pedagogical University is described. In particular, special attention is paid to the study of sign language: in view of this, the initiative group implemented the project "Learning to hear and overcome social isolation together" with the financial support of the British Council in Ukraine. Within the framework of digital accessibility, the official website of the Faculty of Social and Psychological Education has been adapted for the visually impaired in accordance with WCAG 2.0 World Standards. In 2021, Pavlo Tychyna Uman State Pedagogical University implemented the project "Cultural, Recreational and Tourist Cherkasy Region: Inclusive Social 3D Map" funded by the Ukrainian Cultural Foundation; a site with available content for online travel in the region to provide barrier-free access to the historical and cultural heritage of Cherkasy region was created. Educational accessibility is achieved by increasing the number of people with special educational needs, receiving education in inclusive groups; activities of the Center for Social and Educational Integration and Inclusive Rehabilitation Social Tourism "Bez barieriv" ("Without barriers"); implementation of a research topic for financing the Ministry of Education and Science of Ukraine: "Social and psychological rehabilitation of children and youth with special educational needs by means of inclusive tourism"; implementation of the project "Social inclusion of distance educational process"; development of information campaigns to popularize the ideas of accessibility, the need for its implementation, ongoing training programs and competitions, etc.

• Journal of Information Technology Applications and Management
• /
• v.26 no.3
• /
• pp.99-120
• /
• 2019

The purpose of this study is to provide information necessary for establishing a new strategy for customer service improvement by deriving factors affecting user satisfaction and continuous use intention of mobile app service user characteristics, system characteristics, and social characteristics. The results of this study are summarized as follows. First, reliability, innovation, familiarity, convenience, and self-efficacy among the characteristics of mobile app are analyzed as factors that have the greatest influence on user's perceived usefulness. Second, convenience, mobility, and visibility are some of the characteristics of mobile app service. Third, identity, security, and expectation agreement among mobile app service characteristics are analyzed as negative factors that do not affect users' perceived usefulness. Fourth, interactivity, familiarity, and self-efficacy among the characteristics of mobile app service were analyzed as positive factors that have the greatest effect on user's perceived ease of use. Fifth, reliability, mobility, visibility, and convenience among mobile app service characteristics are analyzed as factors that have some positive effects on perceived ease of use of app users. Sixth, identity, innovation, and security among the characteristics of mobile app service are negatively influenced by mobile app users' perceived ease of use. Seventh, the perceived usefulness of mobile app users is analyzed as a factor that has a very positive effect on user satisfaction. Eighth, the perceived ease of use of mobile app users is analyzed as a factor affecting perceived usefulness positively. Ninth, the perceived ease and expectation of mobile app users are positively influenced on user satisfaction. The tenth, the perceived usefulness of the mobile app users was analyzed as a factor having a very positive influence on the persistent intention to use. For the eleventh, the perceived ease of use of mobile app users was analyzed as a factor having a positive effect on the persistent intention to use. The twelfth, mobile app user satisfaction was analyzed as a factor having a very positive effect on the persistent intention to use.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.93-102
• /
• 2019

This paper aims to set the priorities for the cybersecurity strategy of Cambodian government. To this end, we built a AHP research model by adopting 4 factors from the ITU national interests model and selecting 7 strategies from best practices of 8 countries leading the cyber security. Using a questionnaire, 19 experts evaluated Cambodia's cybersecurity strategy priorities. The key policy factors were evaluated in the order of homeland defense, economic welfare, value promotion and favorable world order. Their strategic alternatives were identified in the order of legislation, capacity building, and cyber attack prevention for critical infrastructure. This study will contribute to setting the strategic priorities and feasible action plans to strengthen Cambodia's cybersecurity capabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.171-181
• /
• 2010

The iCAS specification that download CAS s/w image from the IPTV provider's server to the IPTV devices provides compatibility and service mobility between the IPTV service providers. However, to ensure mobility of the device, a TA(Trust Authority) within an IPTV eco-system that is capable of systematically managing keys or certificates is required. In the Legacy CAS, solution providers for CAS play a critical role of carrying out the TA. However, in order to standardize the device mobility, a TA should be established by implementing iCAS technology that manages the entire IPTV eco-system including iCAS. In this paper, we analysis TA issues related iCAS commercialization, and propose TA establishment strategy for IPTV service in iCAS environment.