• Title/Summary/Keyword: Security Activities

B-Corr Model for Bot Group Activity Detection Based on Network Flows Traffic Analysis

  • Hostiadi, Dandy Pramana;Wibisono, Waskitho;Ahmad, Tohari
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.10 / pp.4176-4197 / 2020
  • Botnet is a type of dangerous malware. A botnet attack in which a collection of bots attacks a similar target with a similar activity pattern is called bot group activity. Detection of bot group activities using intrusion detection models can only detect single bot activities but cannot detect bots' behavioral relations in a bot group attack. Detection of bot group activities could help network administrators isolate an activity or access a bot group attack and determine the relations between bots that can measure the correlation. This paper proposed a new model, called the B-Corr Model, to measure the similarity between bot activities using the intersections-probability concept to define bot group activities. The B-Corr model consists of several stages: feature extraction from bot activity flows, measurement of intersections between bots, and similarity value production. The B-Corr model categorizes similar bots with a similar target to specify bot group activities. To achieve a more comprehensive view, the B-Corr model visualizes the similarity values between bots in the form of a similar bot graph. Furthermore, extensive experiments have been conducted using real botnet datasets with high detection accuracy in various scenarios.

A Study on The Step-by-step Security Measures of Project through Cases (사례를 통한 프로젝트 단계별 보안 방안에 대한 연구)

  • Shin, Seong-Yoon;Jang, Dai-Hyun;Kim, Hyung-Jin
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2012.10a / pp.44-46 / 2012
  • Leading companies have fallen victim to leaks of personal information caused by cyber attacks. Planned hacking cases carried out for purposes such as monetary gain or social disruption are also constantly increasing. In this paper, we identify examples of the security activities that leading IT services companies perform at each project step. Security measures that can be applied step by step to real-world projects are presented.

Dynamic Session Key based Pairwise Key Management Scheme for Wireless Sensor Networks

  • Premamayudu, B;Rao, Koduganti Venkata;Varma, P. Suresh
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.12 / pp.5596-5615 / 2016
  • Security is one of the major challenges in Wireless Sensor Networks (WSNs). WSNs are more vulnerable to adversarial activities. All cryptographic security services indirectly depend on key management. Symmetric key management is the best key establishment process for WSNs due to the resource constraints of the sensors. In this paper, we proposed a dynamic session key establishment scheme based on a randomly generated nonce value and sensor node identity, in which each sensor node is equipped with a session key on an expiry basis. The proposed scheme is compared with five popular existing key management systems. Our scheme is simulated in OMNET++ with MixiM, and experimental results are presented. The analytical study and experimental results show the superiority of the proposed scheme over the existing schemes in terms of energy, storage, resilience and communication overhead.

Analysis of Research Activities in KAIST Using KSCD (KSCD를 활용한 KAIST 연구 활동 분석)

  • Kwon, Sang-Eun;Hong, Hyun-Wook;Lim, Chae-Ho;Choi, Seon-Heui
    • Proceedings of the Korea Information Processing Society Conference / 2012.11a / pp.1628-1631 / 2012
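  • A university's publication record and citation counts are today among the important indicators used to evaluate universities. This paper selected KAIST from among domestic universities and analyzed its publication output in order to analyze the university's research activities. The indicators analyzed are the number of papers published by department, paper rankings evaluated by citation count, highly active journals, and collaborating institutions; each indicator is based on the primary author. These results can be applied to future evaluation systems among domestic universities, and through the analysis of research activities each university is expected to be able to carry out its own performance evaluation and set its research policy.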

Network intrusion detection method based on matrix factorization of their time and frequency representations

  • Chountasis, Spiros;Pappas, Dimitrios;Sklavounos, Dimitris
    • ETRI Journal / v.43 no.1 / pp.152-162 / 2021
  • In the last few years, detection has become a powerful methodology for network protection and security. This paper presents a new detection scheme for data recorded over a computer network. This approach is applicable to the broad scientific field of information security, including intrusion detection and prevention. The proposed method employs bidimensional (time-frequency) data representations of the forms of the short-time Fourier transform, as well as the Wigner distribution. Moreover, the method applies matrix factorization using singular value decomposition and principal component analysis of the two-dimensional data representation matrices to detect intrusions. The current scheme was evaluated using numerous tests on network activities, which were recorded and presented in the KDD-NSL and UNSW-NB15 datasets. The efficiency and robustness of the technique have been experimentally proved.

A Study on Security Management Methods for Information System of Educational Institutions (교육기관의 정보시스템 보안관리 방안 연구)

  • Choi, JinMyung;Kim, DooYeon
    • The Journal of Korean Association of Computer Education / v.20 no.6 / pp.95-104 / 2017
  • The damage caused by information spill, forgery, falsification, and deletion by cyber infringement in educational institutions and universities is very large. In this study, we analyzed the types, causes, and problems of cyber infringement in educational administrative institutions and universities. As a result, administrative, physical and technical information protection activities were weak. In this paper, we propose a security enhancement method for each domain by dividing them into Internet zone, network-neutral zone (DMZ: Demilitarized Zone), general server zone, internal server zone (Server Farm), and user zone so that these vulnerabilities can be easily identified, supplemented or security enhanced. In addition, we have proposed a method to apply security information system architecture and information protection technology correctly for educational administration institutions and universities. This study is meaningful not to provide conceptual guidance but to suggest specific action and procedure oriented security management plan.

A Study on Countermeasures for Personal Data Breach and Security Threats of Social Network Game (소셜 네트워크 게임(SNG) 서비스의 개인정보 유출 및 보안위협 대응방안에 관한 연구)

  • Lee, Sang Won;Kim, Huy Kang;Kim, Eun Jin
    • Journal of Korea Game Society / v.15 no.1 / pp.77-88 / 2015
  • As the smart phone market is drastically expanding, there is a steady growth of recent vicious activities such as data manipulation, billing fraud, identity theft, and leakage of personal information that are security threats to Social Network Games (SNG). Due to these threats, a strong development standard is required for security enhancement of SNG. Nonetheless, short life-spans, additional expenses, and the necessity to provide a sound game service hinder developers from reaching their security goals. Therefore, this research investigates the weak points of SNG through memory manipulation experiments based on the currently provided SNG services. In addition, the research presents countermeasures and security enforcements that are simple and light in service load and can be applied in the development process.

Correlation Analysis in Information Security Checklist Based on Knowledge Network (지식 네트워크에 근거한 정보보호 점검기준 관계분석)

  • Jin, Chang Young;Kim, Ae Chan;Lim, Jong In
    • The Journal of Society for e-Business Studies / v.19 no.2 / pp.109-124 / 2014
  • With the emerging importance and awareness of information security, it is being implemented by each industrial sector to protect information assets. In this paper, we analyze information security checklists and security rating criteria to derive similarities and differences in context, using a knowledge network analysis method. The analyzed results of all checklists (ISMS, PIMS, 'FSS', 'FISS', 'G') are as follows: First, the common factors are the protection of information systems and information assets, incident response, and operations management. Second, in the financial IT sector, relatively important factors are IT management and the adequacy of audit activities, in addition to the common factors. Third, the criteria of ISMS contain the majority of the contents of PIMS, 'FSS', 'FISS' and 'G'.

University Students Recognitions of Private Security Guard's Activity (사설경호활동에 대한 대학생들의 인식조사)

  • Park, Jeong-Hun;Jeong, Joo-Seop
    • Korean Security Journal / no.14 / pp.181-194 / 2007
  • Social psychological suspense has increased rapidly because of a lack of morality in individual personality and offenses driven by unsatisfied desire. To help keep areas safe in this situation, the number of professional private security guard companies has increased remarkably. According to data from the National Statistical Office, the number of security guard companies and guards has increased. In 1999, 994 companies and 25,464 employees were registered, but in 2004, 1,081 companies and 35,876 employees were registered. Based on the data, security guard has become a popular career, but we should consider that the service also has been improved. Dissatisfactory service could occur to a fastidious person. The purpose of this study is to make private guards' activity trustworthy and respected by analyzing defective activities of private guards and matters of what the customer feels.

A Study of Asset and Risk Assessment for Established of Industrial Security Management System (산업보안 경영시스템 구축을 위한 자산 및 위험평가에 관한 연구)

  • Koh, Joon-Cheol;Kim, Tae-Soo;Joo, Yong-Ma;Kim, Woo-Hyun;Kang, Kyung-Sik
    • Journal of the Korea Safety Management & Science / v.12 no.4 / pp.1-11 / 2010
  • Recently, crimes using information and various adverse-effect phenomena such as hacking and viruses occur frequently with the rapid development of information networks such as the Internet in every field of industry. As a result, the range of security is widening beyond information security limited to the IT area to industrial areas, in order to prevent the leaking of industrial technology and to protect that technology. Recognizing this, and establishing a common concept of industrial security through education on industrial security at a point when its importance is increasing, the purpose of this study is to prepare the base of a comprehensive risk management system for safely protecting a company's assets (physical factor, technical factor and managerial factor) from random threats or attacks inside and outside the company. This is done through assessment of the company's important assets, evaluation of threats and weak points, and risk assessment, by building an industrial security management system in order to safely protect the company's information assets and resources, which are connected to the existence of the company, from threats or attacks from inside or outside the company, and to spread stable business activities.