• Title/Summary/Keyword: Intelligent Techniques


Analysis on the Infection Process and Abstract of the Hidden Files of Rustock B and C (Rustock B형과 C형의 감염절차 분석 및 은닉파일 추출)

  • Lee, Kyung-Roul;Yim, Kang-Bin
    • Journal of Advanced Navigation Technology / v.16 no.1 / pp.41-53 / 2012
  • The technologies used by malicious code have been advancing and growing more complicated through the merging of existing techniques, while the damage from malicious code is moving from individuals and industries to organizations and countries. In this situation, security experts are responding with static analysis and dynamic analysis, such as signature searching and reverse engineering, respectively. However, they have had a hard time responding to obfuscated, intelligent, new zero-day malicious code. Therefore, it is necessary to prepare a process for a preliminary investigation and a subsequent detailed investigation of the infection sequence and the hiding mechanism in order to neutralize the malicious code. In this paper, we studied the formalization of the process for the infection sequence and the file hiding techniques, with an empirical application to the Rustock malicious code, which is most notorious as a spammer. Using the result, it is expected to be possible to respond promptly to newly released malicious code.

Design and Implementation of Low-Power Technique based on Monitoring Workload on Real-Time Operating Systems (실시간 운영체제에서 작업량 관찰에 기반한 저전력 기법의 설계 및 구현)

  • Cho, Moon-Haeng;Jung, Myoung-Jo;Kim, Yong-Hee;Lee, Cheol-Hoon
    • The Journal of the Korea Contents Association / v.7 no.6 / pp.69-78 / 2007
  • In recent years, embedded mobile systems have been expanding their application domains from embedded portable devices which only execute a specialized application, such as an MP3 player or digital camcorder, to digital convergence devices which execute more complicated applications converging various functionalities such as video and audio play, digital dictionary, DMB, games, phone, etc. As this requires increasing hardware performance, such as a faster CPU and larger RAM, display, and disk size, it has brought about a corresponding increase in power consumption. However, coupled with relatively small gains in battery capacity over recent years, the importance of software architecture including intelligent power management has become paramount. In this paper, we have ported UbiFOS™ with energy saving techniques on the ARM9-based MBA2440 platform. For energy savings, we adapted the dynamic power management and the device power management schemes based on monitoring workload. Experimental results with some well-known applications show that the proposed low power technique could save energy up to 24%.

Context cognition technology through integrated cyber security context analysis (통합 사이버 보안 상황분석을 통한 관제 상황인지 기술)

  • Nam, Seung-Soo;Seo, Chang-Ho;Lee, Joo-Young;Kim, Jong-Hyun;Kim, Ik-Kyun
    • Smart Media Journal / v.4 no.4 / pp.80-85 / 2015
  • As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Windows OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

Context cognition technology through integrated cyber security context analysis (통합 사이버 보안 상황분석을 통한 관제 상황인지 기술)

  • Nam, Seung-Soo;Seo, Chang-Ho;Lee, Joo-Young;Kim, Jong-Hyun;Kim, Ik-Kyun
    • Journal of Digital Convergence / v.13 no.1 / pp.313-319 / 2015
  • As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Windows OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

Ontology Modularization Evaluation Framework (온톨로지 모듈화 평가 프레임워크)

  • Oh, Sun-Ju
    • Journal of Intelligence and Information Systems / v.16 no.1 / pp.1-16 / 2010
  • Several techniques and methods for ontology modularization have been proposed recently. However, there are few ontology evaluation frameworks to evaluate these techniques and methods. Most research on ontology modularization has focused not on ontology modularization evaluation but on the ontology modularization process itself. In this paper, we devise a novel ontology modularization evaluation framework to measure the quality of ontology modules, logical integrity during the modularization process, and modularization tools. Experiments were conducted to validate the proposed framework. Three representative modularization approaches, SWOOP, Prompt, and PATO, were chosen and used to partition or extract modules from an ontology. Then the proposed evaluation framework was applied to these modules. The experiment results indicate that the modularization framework works well. The proposed framework would help ontology engineers improve ontology module quality, anticipate and reduce future maintenance, as well as help ontology users to choose ontology modules that best meet their requirements.

SOHO Bankruptcy Prediction Using Modified Bagging Predictors (Modified Bagging Predictors를 이용한 SOHO 부도 예측)

  • Kim, Seung-Hyuk;Kim, Jong-Woo
    • Journal of Intelligence and Information Systems / v.13 no.2 / pp.15-26 / 2007
  • In this study, a SOHO (Small Office Home Office) bankruptcy prediction model is proposed using Modified Bagging Predictors, which is a modification of traditional Bagging Predictors. There have been several studies on bankruptcy prediction for large and middle size companies. However, few studies have been done for SOHOs. In commercial banks, loan approval processes for SOHOs are usually less structured than those for large and middle size companies, and largely depend on partial information such as credit scores. In this study, we use a real SOHO loan approval data set of a Korean bank. First, decision tree induction techniques and artificial neural networks are applied to the data set, and the results are not satisfactory. Bagging Predictors, which has not previously been applied for bankruptcy prediction, and Modified Bagging Predictors, which is proposed in this paper, are applied to the data set. The experimental results show that Modified Bagging Predictors provides better performance than decision tree induction techniques, artificial neural networks, and Bagging Predictors.


Considering Customer Buying Sequences to Enhance the Quality of Collaborative Filtering (구매순서를 고려한 개선된 협업필터링 방법론)

  • Cho, Yeong-Bin;Cho, Yoon-Ho
    • Journal of Intelligence and Information Systems / v.13 no.2 / pp.69-80 / 2007
  • The preferences of customers change over time. However, existing collaborative filtering (CF) systems are static, since they only incorporate information regarding whether a customer buys a product during a certain period and do not make use of the purchase sequences of customers. Therefore, the quality of the recommendations of the typical CF could be improved through the use of information on such sequences. In this study, we propose a new methodology for enhancing the quality of CF recommendation that uses customer purchase sequences. The proposed methodology is applied to a large department store in Korea and compared to existing CF techniques. Various experiments using real-world data demonstrate that the proposed methodology provides higher quality recommendations than do typical CF techniques with better performance.


A Study on the Problems of Procedural Law Against Cyber Crimes in Korea - On the Trend of Procedural Law Against Cyber Crimes of U.S - (우리 사이버범죄 대응 절차의 문제점에 관한 연구 - 미국의 사이버범죄대응절차법을 중심으로 -)

  • Lim Byoung-Rak;Oh Tae-Kon
    • Journal of the Korea Society of Computer and Information / v.11 no.4 s.42 / pp.231-241 / 2006
  • When current cyber attacks on information and communication facilities are examined, technologies such as chase evasion technology and defense deviation technology have been rapidly advanced, and many weak systems worldwide are often used as passages. And when newly developed cyber attack instruments are examined, technologies for perfect crimes such as weakness attack, chase evasion and evidence destruction have been developed and distributed in packages. Therefore, there is a limit to simple prevention technology, and depending on the case, special procedures such as real-time chase are required to overcome cyber crimes. Further, cyber crimes beyond national boundaries need to be treated through international cooperation and relevant procedural arrangements through which the world can fight against them together. However, in current laws, there are only regulations such as substantial laws including simple regulations on punishment against violation. In procedure, they are treated based on the same procedure as that of general criminal cases, which are offline crimes. In respect to the international cooperation system, international criminal private law cooperation is applied based on general criminals, which brings many problems. Therefore, this study speculates on the procedural law on cyber crimes and presents actual problems of our country and its countermeasures.


MITRE ATT&CK and Anomaly detection based abnormal attack detection technology research (MITRE ATT&CK 및 Anomaly Detection 기반 이상 공격징후 탐지기술 연구)

  • Hwang, Chan-Woong;Bae, Sung-Ho;Lee, Tae-Jin
    • Convergence Security Journal / v.21 no.3 / pp.13-23 / 2021
  • The attacker's techniques and tools are becoming intelligent and sophisticated. Existing Anti-Virus cannot prevent security accidents. So the security threats on the endpoint should also be considered. Recently, EDR security solutions to protect endpoints have emerged, but they focus on visibility. There is still a lack of detection and responsiveness. In this paper, we use real-world EDR event logs to aggregate knowledge-based MITRE ATT&CK and autoencoder-based anomaly detection techniques to detect anomalies in order to screen effective analysis and analysis targets from a security manager perspective. After that, detected anomaly attack signs show the security manager an alarm along with log information and can be connected to legacy systems. The experiment detected EDR event logs for 5 days, and verified them with hybrid analysis search. Therefore, it is expected to produce results on when, and which IPs and processes, are suspected based on the EDR event log and create a secure endpoint environment through measures on the suspicious IP/Process.

Technology of Lessons Learned Analysis using Artificial intelligence: Focused on the 'L2-OODA Ensemble Algorithm' (인공지능형 전훈분석기술: 'L2-OODA 앙상블 알고리즘'을 중심으로)

  • Yang, Seong-sil;Shin, Jin
    • Convergence Security Journal / v.21 no.2 / pp.67-79 / 2021
  • Lessons Learned (LL) is a military term defined as all activities that promote future development by finding problems and needed improvements in education and reality in the field of warfare development. In this paper, we focus on presenting actual examples and applying AI analysis inference techniques to solve revealed problems in promoting LL activities, such as long-term analysis, budget problems, and necessary expertise. AI legal advice services using cognitive computing-related technologies that are already practical and in use were judged to be the best examples to solve the problems of LL. This paper presents intelligent LL inference techniques, which utilize AI. To this end, we want to explore theoretical backgrounds such as LL analysis definitions and examples, the evolution of AI into Machine Learning, and cognitive computing, and apply them to new technologies in the defense sector using the newly proposed L2-OODA ensemble algorithm to contribute to implementing existing power improvement and optimization.