• ETRI Journal
• /
• v.44 no.6
• /
• pp.991-1003
• /
• 2022

Industrial control systems (ICSs) used to be operated in closed networks, that is, separated physically from the Internet and corporate networks, and independent protocols were used for each manufacturer. Thus, their operation was relatively safe from cyberattacks. However, with advances in recent technologies, such as big data and internet of things, companies have been trying to use data generated from the ICS environment to improve production yield and minimize process downtime. Thus, ICSs are being connected to the internet or corporate networks. These changes have increased the frequency of attacks on ICSs. Despite this increased cybersecurity risk, research on ICS security remains insufficient. In this paper, we analyze threats in detail using STRIDE threat analysis modeling and DREAD evaluation for distributed control systems, a type of ICSs, based on our work experience as cybersecurity specialists at a refinery. Furthermore, we verify the validity of threats identified using STRIDE through case studies of major ICS cybersecurity incidents: Stuxnet, BlackEnergy 3, and Triton. Finally, we present countermeasures and strategies to improve risk assessment of identified threats.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.49-62
• /
• 2023

There has been a rapid increase in the creation and alteration of new malware samples which is a huge financial risk for many organizations. There is a huge demand for improvement in classification and detection mechanisms available today, as some of the old strategies like classification using mac learning algorithms were proved to be useful but cannot perform well in the scalable auto feature extraction scenario. To overcome this there must be a mechanism to automatically analyze malware based on the automatic feature extraction process. For this purpose, the dynamic analysis of real malware executable files has been done to extract useful features like API call sequence and opcode sequence. The use of different hashing techniques has been analyzed to further generate images and convert them into image representable form which will allow us to use more advanced classification approaches to classify huge amounts of images using deep learning approaches. The use of deep learning algorithms like convolutional neural networks enables the classification of malware by converting it into images. These images when fed into the CNN after being converted into the grayscale image will perform comparatively well in case of dynamic changes in malware code as image samples will be changed by few pixels when classified based on a greyscale image. In this work, we used VGG-16 architecture of CNN for experimentation.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.190-198
• /
• 2023

To enhance customer satisfaction for higher profits, an e-commerce sector can establish a continuous relationship and acquire new customers. Utilize machine-learning models to analyse their customer's behavioural evidence to produce their competitive advantage to the e-commerce platform by helping to improve overall satisfaction. These models will forecast customers who will churn and churn causes. Forecasts are used to build unique business strategies and services offers. This work is intended to develop a machine-learning model that can accurately forecast retainable customers of the entire e-commerce customer data. Developing predictive models classifying different imbalanced data effectively is a major challenge in collected data and machine learning algorithms. Build a machine learning model for solving class imbalance and forecast customers. The satisfaction accuracy is used for this research as evaluation metrics. This paper aims to enable to evaluate the use of different machine learning models utilized to forecast satisfaction. For this research paper are selected three analytical methods come from various classifications of learning. Classifier Selection, the efficiency of various classifiers like Random Forest, Logistic Regression, SVM, and Gradient Boosting Algorithm. Models have been used for a dataset of 8000 records of e-commerce websites and apps. Results indicate the best accuracy in determining satisfaction class with both gradient-boosting algorithm classifications. The results showed maximum accuracy compared to other algorithms, including Gradient Boosting Algorithm, Support Vector Machine Algorithm, Random Forest Algorithm, and logistic regression Algorithm. The best model developed for this paper to forecast satisfaction customers and accuracy achieve 88 %.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.53-63
• /
• 2023

Many researchers are trying hard to minimize the incidence of cancers, mainly Gastric Cancer (GC). For GC, the five-year survival rate is generally 5-25%, but for Early Gastric Cancer (EGC), it is almost 90%. Predicting the onset of stomach cancer based on risk factors will allow for an early diagnosis and more effective treatment. Although there are several models for predicting stomach cancer, most of these models are based on unbalanced datasets, which favours the majority class. However, it is imperative to correctly identify cancer patients who are in the minority class. This research aims to apply three class-balancing approaches to the NHS dataset before developing supervised learning strategies: Oversampling (Synthetic Minority Oversampling Technique or SMOTE), Undersampling (SpreadSubsample), and Hybrid System (SMOTE + SpreadSubsample). This study uses Naive Bayes, Bayesian Network, Random Forest, and Decision Tree (C4.5) methods. We measured these classifiers' efficacy using their Receiver Operating Characteristics (ROC) curves, sensitivity, and specificity. The validation data was used to test several ways of balancing the classifiers. The final prediction model was built on the one that did the best overall.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.123-133
• /
• 2023

Active queue management (AQM) is a leading congestion control system, which can keep smaller queuing delay, less packet loss with better network utilization and throughput by intentionally dropping the packets at the intermediate hubs in TCP/IP (transmission control protocol/Internet protocol) networks. To accelerate the responsiveness of AQM framework, proportional-integral-differential (PID) controllers are utilized. In spite of its simplicity, it can effectively take care of a range of complex problems; however it is a lot complicated to track down optimal PID parameters with conventional procedures. A few new strategies have been grown as of late to adjust the PID controller parameters. Therefore, in this paper, we have developed a Squirrel search based PID controller to dynamically find its controller gain parameters for AQM. The controller gain parameters are decided based on minimizing the integrated-absolute error (IAE) in order to ensure less packet loss, high link utilization and a stable queue length in favor of TCP networks.

• Journal of Radiation Protection and Research
• /
• v.47 no.4
• /
• pp.226-236
• /
• 2022

Background: An effective communication strategy for reducing conflicts in South Korea has been designed through the analysis of public perception and communication variables on nuclear power under the conditions of rapidly changing nuclear power policies. Materials and Methods: This study conducted both qualitative research through group discussions based on social psychology and quantitative research through surveys. Results and Discussion: Nuclear power plant (NPP) area residents in favor of nuclear power indicated higher levels of communication, safety perception, and contribution than those against it. NPP area residents trusted the civilian expert groups (18.3%) and local government (17.3%) the most, while metropolitan city residents trusted the Nuclear Safety and Security Commission and the Korea Institute of Nuclear Safety (20.7%) the most. In determining nuclear power policy, both the NPP area residents (18.1%) and metropolitan city residents (17.1%) prioritized safety, health, and the environment. While metropolitan city residents thought that energy security and economic growth (16.4%) were important, NPP area residents thought the current issue of spent fuel rods (14.1%) to be important. Conclusion: It is necessary for the nuclear power industry to have and actively implement communication and conflict resolution strategies based on the patterns obtained in the study results.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.81-88
• /
• 2023

In the present scenario, enormous amounts of data are produced every second. These data also contain private information from sources including media platforms, the banking sector, finance, healthcare, and criminal histories. Data mining is a method for looking through and analyzing massive volumes of data to find usable information. Preserving personal data during data mining has become difficult, thus privacy-preserving data mining (PPDM) is used to do so. Data perturbation is one of the several tactics used by the PPDM data privacy protection mechanism. In Perturbation, datasets are perturbed in order to preserve personal information. Both data accuracy and data privacy are addressed by it. This paper will explore and compare several perturbation strategies that may be used to protect data privacy. For this experiment, two perturbation techniques based on random projection and principal component analysis were used. These techniques include Improved Random Projection Perturbation (IRPP) and Enhanced Principal Component Analysis based Technique (EPCAT). The Naive Bayes classification algorithm is used for data mining approaches. These methods are employed to assess the precision, run time, and accuracy of the experimental results. The best perturbation method in the Nave-Bayes classification is determined to be a random projection-based technique (IRPP) for both the cardiovascular and hypothyroid datasets.

• Journal of the Korean Society of Systems Engineering
• /
• v.19 no.2
• /
• pp.135-144
• /
• 2023

Artificial Intelligence (AI) is a prominent topic in almost every field. In Korea, Systems Engineering (SE) procedures are applied in Defense Acquisition, and it is anticipated that SE procedures will also be applied to systems incorporating AI capabilities. This study explores the applicability of the concepts "AI4SE (AI for SE)" and "SE4AI (SE for AI)," which have been proposed in the United States, to the Korean context. The research examines the feasibility of applying these concepts, identifies necessary tasks, and proposes implementation strategies. For the AI4SE, many attempts and studies applying AI to SE Processes both Requirements & Architectures Define, System implementation & V&V, and Sustainment. It needs Explainability and Security. For the SE4AI, the Functional AI implementation level, Quality & Security of the Data-set, AI Ethics, and Review policies are needed. Furthermore, it provides perspectives on how these two concepts should ultimately converge and suggests future directions for development.

• Journal of the Korean Society of Industry Convergence
• /
• v.27 no.2_2
• /
• pp.343-356
• /
• 2024

Super app is an application that provides a variety of services in a unified interface within a single platform. With the acceleration of digital transformation, super apps are becoming more prevalent. This study aims to suggest service enhancement measures by analyzing the user review data before and after the transition to a super app. To this end, user review data from a payment-based super app(Shinhan Play) were collected and studied via topic modeling. Moreover, a matrix for assessing the importance and usefulness of topics is introduced, which relies on the eigenvector centrality of the inter-topic network obtained through topic modeling and the number of review recommendations. This allowed us to identify and categorize topics with high utility and impact. Prior to the transition, the factors contributing to user satisfaction included 'payment service,' 'additional service,' and 'improvement.' Following the transition, user satisfaction was associated with 'payment service' and 'integrated UX.' Conversely, dissatisfaction factors before the transition encompassed issues related to 'signup/installation,' 'payment error/response,' 'security authentication,' and 'security error.' Following the transition, user dissatisfaction arose from concerns regarding 'update/error response' and 'UX/UI.' The research results are expected to be used as a basis for establishing strategies to strengthen service competitiveness by making super app services more user-oriented.

• Journal of Information Processing Systems
• /
• v.20 no.2
• /
• pp.273-283
• /
• 2024

The digital domain has witnessed unprecedented growth, reshaping the way we interact, work, and even perceive reality. The internet has evolved into a vast ecosystem of interconnected virtual worlds, giving birth to the concept of the Metaverse. The Metaverse, often envisioned as a collective virtual shared space, is created by the convergence of virtually enhanced physical reality and interactive digital spaces. Within this Metaverse space, the concept of ownership, identity, and authenticity takes on new dimensions, necessitating innovative solutions to safeguard individual rights. The digital transformation through Metaverse has also brought forth challenges, especially in copyright protection. As the lines between the virtual and physical blur, the traditional notions of ownership and rights are being tested. The Metaverse, with its multitude of user-generated content, poses unique challenges. The primary objective of this research is multifaceted. Firstly, there's a pressing need to understand the strategies employed by non-fungible token (NFT) marketplaces within the Metaverse to strengthen security and prevent copyright violations. As these platforms become centers for digital transactions, ensuring the authenticity and security of each trade becomes paramount. Secondly, the study aims to delve deep into the foundational technologies underpinning NFTs, from the workings of blockchain to the mechanics of smart contracts, to understand how they collectively ensure copyright protection. Thus, in this paper, we propose a quantum based NFT solution that can secure Metaverse and copyright contents in an advanced manner.