• Title/Summary/Keyword: Security Rules

Search Result 329, Processing Time 0.019 seconds

A GQM Approach to Evaluation of the Quality of SmartThings Applications Using Static Analysis

  • Chang, Byeong-Mo;Son, Janine Cassandra;Choi, Kwanghoon
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.6 / pp.2354-2376 / 2020
  • SmartThings is one of the most popular open platforms for home automation IoT solutions that allows users to create their own applications called SmartApps for personal use or for public distribution. The nature of openness demands high standards on the quality of SmartApps, but there have been few studies that have evaluated this thoroughly yet. As part of software quality practice, code reviews are responsible for detecting violations of coding standards and ensuring that best practices are followed. The purpose of this research is to propose systematically designed quality metrics under the well-known Goal/Question/Metric methodology and to evaluate the quality of SmartApps through automatic code reviews using a static analysis. We first organize our static analysis rules by following the GQM methodology, and then we apply the rules to real-world SmartApps to analyze and evaluate them. A study of 105 officially published and 74 community-created real-world SmartApps found a high ratio of violations in both types of SmartApps, and of all violations, security violations were most common. Our static analysis tool can effectively inspect reliability, maintainability, and security violations. The results of the automatic code review indicate the common violations among SmartApps.

Designing and Realization of the System for the Improvement of Processing Capability of Intrusion Detection by Using O/S Information (O/S 정보를 이용한 침입탐지 처리성능 향상에 관한 시스템 설계 및 구현)

  • Son, Man-Kyung;Lee, Dong-Hwi;J Kim, Kui-Nam
    • Convergence Security Journal / v.6 no.2 / pp.91-99 / 2006
  • As network speeds have increased and the Internet has become common, ill-intentioned aggression such as worms and e-mail viruses has rapidly increased. As a result, many defenses have been created, including recent intrusion detection systems as well as intrusion prevention systems, to defend the network against malicious aggression. As the form of malicious aggression has changed, the method of defense has changed at the same time. Snort is the most representative method of defense, and its rules file grows as the form of aggression changes. This causes a decline in detection capability. This paper proposes, designs, and implements a structure for improving processing capability by separating the Snort rule files according to O/S. This system shows improved processing capability compared with the existing composition.


A Study on the Possible New Fusion between Mobile and Healthcare Service (모바일과 의료서비스 간의 새로운 융합 가능성에 관한 연구)

  • Shin, Yong Jae;Kim, Jin Hwa;Lee, Jea Beom
    • Journal of Information Technology Services / v.11 no.sup / pp.27-39 / 2012
  • As many applications are now possible in the mobile environment with the trend of mobile convergence, diverse applications in the healthcare industry are also possible on mobile devices. Although much research on mobile and health services has been introduced, it is limited to specific areas or techniques. This study shows possible directions of fusion between mobile technologies and health services in the future using a data mining technique called association rule analysis. The data used in this study were collected from web pages containing keywords related to mobile technologies and health services. The analysis shows current cases of fusion between monitoring-based telemedicine and patients. It also shows another case of fusion between mobile hospital and medical screen charts. These show that fusion between mobile technologies and health services has already begun in industry. Association rules are found between well-being, city, diet, and sleep. The association rules containing security and privacy, though their associations are not so strong, also show that security and privacy of patient information should be protected in the future. The results show that the fusion of mobile technologies and health services is expected to provide health services to more users and larger areas. It is also expected to create new diverse business models in the future.

Association Rule Mining and Collaborative Filtering-Based Recommendation for Improving University Graduate Attributes

  • Sheta, Osama E.
    • International Journal of Computer Science & Network Security / v.22 no.6 / pp.339-345 / 2022
  • Outcome-based education (OBE) is a tried-and-true teaching technique based on a set of predetermined goals. Program Educational Objectives (PEOs), Program Outcomes (POs), and Course Outcomes (COs) are the components of OBE. At the end of each year, the Program Outcomes are evaluated, and faculty members can submit many recommended measures that depend on the relationship between the program outcomes and its course outcomes to improve the quality of the program and hence the overall educational program. When a vast number of courses are considered, bad actions may be proposed, resulting in unwanted and incorrect decisions. In this paper, a recommender system, using collaborative filtering and association rules algorithms, is proposed for predicting the best relationship between the program outcomes and its courses in order to improve the attributes of the graduates. First, a parallel algorithm is used for Collaborative Filtering on Data Model, which is designed to increase the efficiency of processing big data. Then, a parallel similar learning outcomes discovery method based on matrix correlation is proposed by mining association rules. As a case study, the proposed recommender system is applied to the Computer Information Systems program, College of Computer Sciences and Information Technology, Al-Baha University, Saudi Arabia, to help Program Quality Administration improve the quality of program outcomes. The obtained results revealed that the suggested recommender system provides more actions for boosting Graduate Attributes quality.

Classifications of Hadiths based on Supervised Learning Techniques

  • AbdElaal, Hammam M.;Bouallegue, Belgacem;Elshourbagy, Motasem;Matter, Safaa S.;AbdElghfar, Hany A.;Khattab, Mahmoud M.;Ahmed, Abdelmoty M.
    • International Journal of Computer Science & Network Security / v.22 no.11 / pp.1-10 / 2022
  • This study aims to build a model capable of classifying the categories of hadith according to the reliability of the hadith narrators (sahih, hassan, da'if, maudu) and according to what was attributed to the Prophet Muhammad (saying, doing, describing, reporting) using supervised learning algorithms, with a view to discovering a relationship between these classifications, based on the outputs of this model, which might be useful to avoid controversy and useless debate on automatic classifications of hadith, using statistical methods such as chi-square, information gain and association rules. The experimental results showed that there is a relation between these classifications: most sahih hadiths belong to the saying class, and most maudu hadiths belong to the reporting class. The classifier with the highest accuracy was MultinomialNB, which reached up to 0.9708 %, owing to its ability to process high-dimensional problems and identify the most important features relevant to the target data in the training stage. It was followed by the LinearSVC classifier, which reached up to 0.9655, and finally KNeighborsClassifier, which reached up to 0.9644.

Analysis and Prediction of Energy Consumption Using Supervised Machine Learning Techniques: A Study of Libyan Electricity Company Data

  • Ashraf Mohammed Abusida;Aybaba Hancerliogullari
    • International Journal of Computer Science & Network Security / v.23 no.3 / pp.10-16 / 2023
  • The ever-increasing amount of data generated by various industries and systems has led to the development of data mining techniques as a means to extract valuable insights and knowledge from such data. The electrical energy industry is no exception, with the large amounts of data generated by SCADA systems. This study focuses on the analysis of historical data recorded in the SCADA database of the Libyan Electricity Company. The database, spanning from January 1st, 2013, to December 31st, 2022, contains records of daily date and hour, energy production, temperature, humidity, wind speed, and energy consumption levels. The data was pre-processed and analyzed using the WEKA tool and the Apriori algorithm, a supervised machine learning technique. The aim of the study was to extract association rules that would assist decision-makers in making informed decisions with greater efficiency and reduced costs. The results obtained from the study were evaluated in terms of accuracy and production time, and the conclusion of the study shows that the results are promising and encouraging for future use in the Libyan Electricity Company. The study highlights the importance of data mining and the benefits of utilizing machine learning technology in decision-making processes.

Flow-based Anomaly Detection Using Access Behavior Profiling and Time-sequenced Relation Mining

  • Liu, Weixin;Zheng, Kangfeng;Wu, Bin;Wu, Chunhua;Niu, Xinxin
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.6 / pp.2781-2800 / 2016
  • Emerging attacks, such as Operation Aurora and Operation Shady RAT, aim to access proprietary assets and steal data for business or political motives. Skilled intruders would likely remove their traces on targeted hosts, but their network movements, which are continuously recorded by network devices, cannot be easily eliminated by the intruders themselves. However, without complete knowledge about both inbound/outbound and internal traffic, it is difficult for a security team to unveil hidden traces of intruders. In this paper, we propose an autonomous anomaly detection system based on behavior profiling and relation mining. The single-hop access profiling model employs a novel linear grouping algorithm, PSOLGA, to create behavior profiles for each individual server application discovered automatically in historical flow analysis. In addition, the double-hop access relation model utilizes an in-memory graph to mine time-sequenced access relations between different server applications. Using the behavior profiles and relation rules, this approach is able to detect possible anomalies and violations in real-time detection. Finally, the experimental results demonstrate that the designed models are promising in terms of accuracy and computational efficiency.

A Study on Information Security Management of Hospital Web Sites (의료기관 종별 웹 사이트 정보보안 관리 실태 연구)

  • Kim, Jong-Min;Ryu, Hwang-Gun
    • The Korean Journal of Health Service Management / v.9 no.2 / pp.23-32 / 2015
  • In this paper, we evaluated web security vulnerability and privacy information management of hospital web sites which are registered at the Korea Hospital Association. Vulnerability Scanner (WVS) based on the OWASP Top 10 was used to evaluate the web security vulnerability of the web sites. To evaluate the privacy information management, we used ten rules which were based on guidelines for protecting privacy information on web sites. From the results of the evaluation, we discovered that tertiary hospitals had relatively excellent web security compared to other types of hospitals. But all the hospital types had not only high-level vulnerabilities but also vulnerabilities of the other levels. Additionally, 97% of the hospital web sites had a certain level of vulnerability, so a security inspection is needed to secure the web sites. We discovered a few SQL Injection and XSS vulnerabilities in the web sites of tertiary hospitals. However, these are very critical vulnerabilities, so all hospital types have to be inspected to protect their web sites against attacks from hackers. On the other hand, the inspection results of the tertiary hospitals for privacy information management showed a better compliance rate than those of the other hospital types.

A Rule Protecting Scheme with Symmetric Cryptosystem for Intrusion Detection System (암호화 기법을 적용한 침입 탐지 시스템의 룰 보호 기법)

  • Son Hyung-Seo;Kim Hyun-Sung;Bu Ki-Dong
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.6 / pp.3-13 / 2004
  • Kvarnstrom et al. in [10] proposed a rule protection scheme that uses a one-way hash function to protect rules in security systems over a ubiquitous environment. Son et al. in [5-6] also proposed a rule protection scheme for Snort, which is one of the most common IDSs. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also for the contents. This paper uses the key management based on the PCMCIA security module proposed by [12] for the symmetric cryptosystem. Our scheme could be adapted to other security systems that use rule-based detection.

New Trends in Private International Law and Our Response (국제상거래(國際商去來)의 사법통일(私法統一)노력과 우리의 대응(對應))

  • Park, Whon-Il
    • THE INTERNATIONAL COMMERCE & LAW REVIEW / v.12 / pp.65-84 / 1999
  • During the past few decades, we have witnessed three approaches to overcome the legal disparities between trading countries: - determining the individual governing law in accordance with the conflict of laws principle; - unifying and harmonizing private international law into uniform rules and substantive laws under the auspices of ICC, UNCITRAL, UNIDROIT and various NGOs ; and - drafting model laws like the UNCITRAL Model Law on Electronic Commerce and promoting member countries to enact them. Against this backdrop, the United Nations Convention on Contracts for the International Sale of Goods (CISG) and the process by which it was adopted, established the benchmark for the unification of commercial law. The CISG, completed in 1980, merged civil and common law concepts and came into force in 1988 after a certain number of countries endorsed the treaty. Besides the CISG, the U.N. Limitations Convention and the UNIDROIT Principles of International Commercial Law, to name a few, have attempted to set cross-border legal norms and standards in the international business transactions. However, since the advent of computer-based commerce, there have emerged all-out efforts to establish uniform rules before national legal systems have been developed. As a consequence, the Model Law on Electronic Commerce has become a specimen legislation covering functional equivalents of paper-based writing and signature. For the credit enhancement exemplified by the Uniform Rules for Demand Guarantees (ICC Publication No.458), the UNCITRAL prepared the U.N. Convention on Independent Guarantees and Stand-by Letters of Credit, which was adopted by the U.N. General Assembly in 1995 but remains still not effective as only two countries have ratified this treaty so far. In this connection, two draft conventions underway at UNIDROIT and UNCITRAL deserve our attention as the probability of unification in the Korean Peninsula is mounting. 
    They are to create security interests for commercial finance in moveable equipment and accounts receivable. The UCC-type security rights are regarded as useful to enable the North Koreans with limited properties to borrow from the banks.
