• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.605-616
• /
• 2021

While malwares must be accurately identifiable from arbitrary programs, existing studies using classification techniques have limitations that they can only be applied to limited samples. In this work, we propose a method to utilize API call frequency to detect and classify malware families from arbitrary programs. Our proposed method defines a rule that checks whether the call frequency of a particular API exceeds the threshold, and identifies a specific family by utilizing the rate information on the corresponding rules. In this paper, decision tree algorithm is applied to define the optimal threshold that can accurately identify a particular family from the training set. The performance measurements using 4,443 samples showed 85.1% precision and 91.3% recall rate for family detection, 97.7% precision and 98.1% reproduction rate for classification, which confirms that our method works to distinguish malware families effectively.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.38-44
• /
• 2019

As 4th industrial revolution era has come, autonomous driving vehiecle gets its attention for commercialization and development and thus its impact on society. To this end, several countries such as US, England and Germany are preparing their own legal systems to come up with commercialization of autonomous driving vehiecle. In this country, Korea is also developing autonomous driving vehiecle and looking forward its commercialization yet the legal system of Korea lacks of laws, regulations, rules, guidelines and so on. Hence, it is our intention to look into Korean legal system providing the analysis of current Korean legal system in detail. This paper also provides further directions to have balance between commercialization success and risk management in this country and, as a result creates a small step toward 4th industrial revolution society.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.149-158
• /
• 2021

In this paper, we propose military symbols for cyber operations to understand the situation in cyberspace intuitively. Currently, standardized military symbols are mainly for kinetic operations, and they do not consider cyber operations. Although, MIL-STD-2525D includes some symbols for cyber operations, only icons that are composed of three letters are standardized. So there is a limit to effectively expressing cyber operations. That is why we propose military symbols for cyber operations compatible with existing military symbol building rules. In addition to merely presenting the symbols, we present examples of expressing various cyber situations using the proposed symbols. It proves the usefulness of the proposed symbol. The small number of symbols proposed in this paper will not be able to represent all cyber situations. However, based on the proposed symbols, it is expected that more symbols will be standardized in the future to more clearly express the cyber situation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.661-674
• /
• 2021

Malware, such as a rootkit that modifies the kernel, can adversely affect the analyst's judgment, making the analysis difficult or impossible if a mechanism to evade memory analysis is added. Therefore, we plan to preemptively respond to malware such as rootkits that bypass detection through advanced kernel modulation in the future. To this end, the main structure used in the Windows kernel was analyzed from the attacker's point of view, and a method capable of modulating the kernel object was applied to modulate the memory dump file. The result of tampering is confirmed through experimentation that it cannot be detected by memory analysis tool widely used worldwide. Then, from the analyst's point of view, using the concept of tamper resistance, it is made in the form of software that can detect tampering and shows that it is possible to detect areas that are not detected by existing memory analysis tools. Through this study, it is judged that it is meaningful in that it preemptively attempted to modulate the kernel area and derived insights to enable precise analysis. However, there is a limitation in that the necessary detection rules need to be manually created in software implementation for precise analysis.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.2
• /
• pp.107-114
• /
• 2022

Delegation is a powerful mechanism that allocates access rights to users to provide flexible and dynamic access control decisions. It is also particularly useful in a distributed environment. Among the representative delegation models, the RBDM0 and RDM2000 models are role delegation as the user to user delegation. However, In RBAC, the concept of inheritance of the role class is not well harmonized with the management rules of the actual corporate organization. In this paper, we propose an Adding Attributes on Permission-Based Delegation Model (ABDM) that guarantees the permanence of delegated permissions. It does not violate the separation of duty and security principle of least privilege. ABDM based on RBAC model, supports both the role to role and user to user delegation with an attribute. whenever the delegator wants the permission can be withdrawn, and A delegator can give permission to a delegatee.

• Maritime Security
• /
• v.3 no.1
• /
• pp.1-44
• /
• 2021

China's new Maritime Policy Law (MPL) purports to regulate the duties of China's maritime police agencies, including the China Coast Guard, and safeguard China's sovereignty, security, and rights and interest. The MPL has potentially far-reaching application, as China claims extensive maritime areas off its mainland and in the South China Sea. This expansive application of maritime law enforcement jurisdiction is problematic given that most of China's maritime claims are inconsistent with international law. To the extent that the MPL purports to assert jurisdiction over foreign flagged vessels in disputed areas or on the high seas, it contravenes international law. Numerous provisions of the MPL regarding the use of force are also inconsistent with international rules and standards governing the use of maritime law enforcement jurisdiction, as well as the UN Charter's prohibition on the threat or use of force against the territorial integrity or political independence of any state. China could use the MPL as a subterfuge to advance its illegal territorial and maritime claims in the South and East China Seas and interfere with coastal State resource rights in their respective exclusive economic zone.

• International Journal of Computer Science & Network Security
• /
• v.22 no.10
• /
• pp.155-164
• /
• 2022

The review of known decisions showed that currently there are no systems and technologies for supporting the decision about the possibility of concluding the civil law agreements for medical, therapeutic and dental services. The paper models the decision-making support process on the possibility of concluding the civil law agreements for medical, therapeutic and dental services, which is the theoretical basis for the development of rules, methods and system for supporting the decision about the possibility of concluding the civil law agreements for medical, therapeutic and dental services. The paper also developed the system for supporting the decision about the possibility of concluding the civil law agreements for medical, therapeutic and dental services, which automatically and free determines the possibility or impossibility of concluding the corresponding civil law agreement for the provision of a corresponding medical service. In the case of formation of a conclusion about the possibility of concluding the agreement, further conclusion and signing of the corresponding agreement takes place. In the case of forming a conclusion about the impossibility of concluding the agreement, a request is made for finalizing the relevant agreement for the provision of the relevant medical service, indicating the reasons for the impossibility of concluding the agreement - missing essential conditions in the agreement. After finalization, the agreement can be analyzed again by the developed system for supporting the decision.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.307-315
• /
• 2022

The review of known decision-making support systems and technologies regarding the possibility of donation and transplantation showed that currently there are no systems and technologies of decision-making support regarding the possibility of donation and transplantation considering civil law. The paper models the decision-making support process regarding the possibility of donation and transplantation, which is a theoretical basis for the development of rules, methods and technology of decision-making support regarding the possibility of donation and transplantation considering civil law. The paper also developed the technology of decision-making support regarding the possibility of donation and transplantation considering civil law as a component of the Unified State Information System for Organ and Tissue Transplantation, which automatically and free of charge determines the possibility/impossibility of donation and transplantation. In the case of the possibility of donation, the admissible type of donation is also determined - over-life or after-life donation - and data about potential donor is entered in the relevant Donor Register. In the case of the possibility of transplantation, if the recipient needs a transplant of one of the paired organs or a part of the organ/tissue, then data about potential recipient are entered in the Transplantation List from both over-life and after-life donor, otherwise, if the recipient needs a transplant of a non-paired organ or both paired organs, then data about potential recipient are entered only in the Transplantation List from after-life donor.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.346-356
• /
• 2022

The jurisprudential legal rules govern the way Muslims react and interact to daily life. This creates a huge stream of questions, that require highly qualified and well-educated individuals, called Muftis. With Muslims representing almost 25% of the planet population, and the scarcity of qualified Muftis, this creates a demand supply problem calling for Automation solutions. This motivates the application of Artificial Intelligence (AI) to solve this problem, which requires a well-designed Question-Answering (QA) system to solve it. In this work, we propose a QA system, based on retrieval augmented generative transformer model for jurisprudential legal question. The main idea in the proposed architecture is the leverage of both state-of-the art transformer models, and the existing knowledge base of legal sources and question-answers. With the sensitivity of the domain in mind, due to its importance in Muslims daily lives, our design balances between exploitation of knowledge bases, and exploration provided by the generative transformer models. We collect a custom data set of 850,000 entries, that includes the question, answer, and category of the question. Our evaluation methodology is based on both quantitative and qualitative methods. We use metrics like BERTScore and METEOR to evaluate the precision and recall of the system. We also provide many qualitative results that show the quality of the generated answers, and how relevant they are to the asked questions.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.368-374
• /
• 2022

Children are by nature curious and enthusiastic about learning and love to explore and search for everything they see around them, but as a result of this exploration they may sometimes be exposed to dangerous situations ranging from falls to poisoning and suffocation. That is why when supporting a child's natural desire to explore the world and supporting his awareness of dangerous situations and good handling of them, helps him build a conscious scientific mind and enhance his curiosity in the natural world. It is not easy to imagine a difficult situation in which we or one of our family is in danger, unable to help ourselves or to help them in time, due to our complete ignorance of the rules of first aid. Hence the importance of learning first aid not only for the child but for the community and the world at large. "Hakeem" is an Arabic E-health educational application that aims to teach children from the age of six to eleven years first aid, in our belief that the seed of renaissance lies in the care and education of children, and the lack of Arabic content that aims to teach children first aid skills. The idea is to create a scenario in which the child is responsible for saving the person who will be in a dangerous situation using Augmented Reality (AR) technology, to increase engagement and interaction and provides a rich user experience, and according to the child's performance, he will get reward points. The game will have several levels: Beginner, Intermediate, and Hakeem, and based on the player's points he will get a title and move to the next level, and when he reaches the end, he will get the certificate.