• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.321-322
• /
• 2024

다양한 방면에서 사용되는 임베디드 시스템의 메모리 취약성에 대한 관심이 많아짐에 따라 임베디드 시스템의 메모리 보호와 관련하여 많은 연구가 진행 중이다. 스택 카나리는 효율적인 메모리 보호 기법으로써 널리 사용되지만 물리 메모리가 제한적이고 사용자 권한 분리를 지원하지 않는 임베디드 시스템에서는 기존 방식을 활용한 스택 카나리를 적용하는 것에 한계가 있다. ARM의 TrustZone은 일반 실행 환경과 신뢰 실행 환경으로 분리하여 일반 실행 환경에서 신뢰 실행 환경의 데이터나 코드에 접근하지 못 하도록 막는다. 그렇기 때문에 ARM의 TrustZone에 암호화 키를 저장하거나 보안이 중요한 동작을 TrustZone에서 실행하는 연구가 많다. 본 논문에서는 ARM의 TrustZone을 활용하여 임베디드 시스템에서 스택 카나리 기법의 한계를 보완 할 수 있는 방법을 제안한다.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.419-422
• /
• 2024

최근 인공지능 기술의 발전과 함께 기계학습과 빅데이터를 융합한 서비스가 증가하게 되었고, 무분별한 데이터 수집과 학습으로 인한 개인정보 유출 위험도가 커졌다. 따라서 프라이버시를 보호하면서 기계학습을 수행할 수 있는 기술이 중요해졌다. 동형암호 기술은 정보 주체자의 개인정보 기밀성을 유지하면서 기계학습을 할 수 있는 방법 중 하나이다. 그러나 평문 크기에 비례하여 암호문 크기와 연산 결과의 노이즈가 커지는 동형암호의 특징으로 인해 기계학습 모델의 예측 정확도가 감소하고 학습 시간이 오래 소요되는 문제가 발생한다. 본 논문에서는 부분 동형암호화된 데이터셋으로 로지스틱 회귀 모델을 학습할 수 있는 기법을 제안한다. 실험 결과에 따르면 제안하는 기법이 종래 기법보다 예측 정확도를 59.4% 향상시킬 수 있었고, 학습 소요 시간을 63.6% 개선할 수 있었다.

• Journal of Environmental Science International
• /
• v.33 no.7
• /
• pp.547-552
• /
• 2024

Satellite technology has emerged as a powerful tool in modern agriculture, offering capabilities for Earth observation, land-use pattern analysis, crop productivity assessment, and natural disaster prevention. This mini-review provides a concise overview of the applications and benefits of satellite technologies in agriculture. It discusses how satellite imagery enables the monitoring of crop health, identification of land-use patterns, evaluation of crop productivity, and mitigation of natural disasters. Farmers and policymakers can make informed decisions to optimize agricultural practices, enhance food security, and promote sustainable agriculture by leveraging satellite data. Integrating satellite technology with other advancements, such as artificial intelligence and precision farming techniques, holds promise for further revolutionizing the agricultural sector. Overall, satellite technology has immense potential for improving agricultural efficiency, resilience, and sustainability in the face of evolving environmental challenges.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.8
• /
• pp.2067-2081
• /
• 2024

Recently, image analysis research has been actively conducted due to the accumulation of big image data and the development of deep learning. Image analytics research has different characteristics from other data such as data size, real-time, image quality diversity, structural complexity, and security issues. In addition, a large amount of data is required to effectively analyze images with deep-learning models. However, in many fields, the data that can be collected is limited, so there is a need for meta learning based image analysis technology that can effectively train models with a small amount of data. This paper presents a comprehensive survey of meta-learning-based object-tracking techniques. This approach comprehensively explores object tracking methods and research that can achieve high performance in data-limited situations, including key challenges and future directions. It provides useful information for researchers in the field and can provide insights into future research directions.

• Journal of Intelligence and Information Systems
• /
• v.18 no.1
• /
• pp.125-141
• /
• 2012

These days, the malicious attacks and hacks on the networked systems are dramatically increasing, and the patterns of them are changing rapidly. Consequently, it becomes more important to appropriately handle these malicious attacks and hacks, and there exist sufficient interests and demand in effective network security systems just like intrusion detection systems. Intrusion detection systems are the network security systems for detecting, identifying and responding to unauthorized or abnormal activities appropriately. Conventional intrusion detection systems have generally been designed using the experts' implicit knowledge on the network intrusions or the hackers' abnormal behaviors. However, they cannot handle new or unknown patterns of the network attacks, although they perform very well under the normal situation. As a result, recent studies on intrusion detection systems use artificial intelligence techniques, which can proactively respond to the unknown threats. For a long time, researchers have adopted and tested various kinds of artificial intelligence techniques such as artificial neural networks, decision trees, and support vector machines to detect intrusions on the network. However, most of them have just applied these techniques singularly, even though combining the techniques may lead to better detection. With this reason, we propose a new integrated model for intrusion detection. Our model is designed to combine prediction results of four different binary classification models-logistic regression (LOGIT), decision trees (DT), artificial neural networks (ANN), and support vector machines (SVM), which may be complementary to each other. As a tool for finding optimal combining weights, genetic algorithms (GA) are used. Our proposed model is designed to be built in two steps. At the first step, the optimal integration model whose prediction error (i.e. erroneous classification rate) is the least is generated. After that, in the second step, it explores the optimal classification threshold for determining intrusions, which minimizes the total misclassification cost. To calculate the total misclassification cost of intrusion detection system, we need to understand its asymmetric error cost scheme. Generally, there are two common forms of errors in intrusion detection. The first error type is the False-Positive Error (FPE). In the case of FPE, the wrong judgment on it may result in the unnecessary fixation. The second error type is the False-Negative Error (FNE) that mainly misjudges the malware of the program as normal. Compared to FPE, FNE is more fatal. Thus, total misclassification cost is more affected by FNE rather than FPE. To validate the practical applicability of our model, we applied it to the real-world dataset for network intrusion detection. The experimental dataset was collected from the IDS sensor of an official institution in Korea from January to June 2010. We collected 15,000 log data in total, and selected 10,000 samples from them by using random sampling method. Also, we compared the results from our model with the results from single techniques to confirm the superiority of the proposed model. LOGIT and DT was experimented using PASW Statistics v18.0, and ANN was experimented using Neuroshell R4.0. For SVM, LIBSVM v2.90-a freeware for training SVM classifier-was used. Empirical results showed that our proposed model based on GA outperformed all the other comparative models in detecting network intrusions from the accuracy perspective. They also showed that the proposed model outperformed all the other comparative models in the total misclassification cost perspective. Consequently, it is expected that our study may contribute to build cost-effective intelligent intrusion detection systems.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.7
• /
• pp.4884-4890
• /
• 2015

These days most of people possesses an average of one to two mobile devices in the world and a wireless network market is gradually expanding. Wi-Fi preference are increasing in accordance with the use growth of mobile devices. A number of areas such as public agencies, health care, education, learning, and content, manufacturing, retail create new values based on Wi-Fi, and the global network is built and provides complex services. However, There exist some attacks and vulnerabilities like wireless radio device identifier vulnerability, illegal use of network resources through the MAC forgery, wireless authentication key cracking, unauthorized AP / devices attack in the next generation radio network environment. In addition, advanced security technology research, such as authentication Advancement and high-speed secure connection is not nearly progress. Therefore, this paper designed a secure communication system for message protection in next-generation wireless network environments by device identification and, designing content classification and storage protocols. The proposed protocol analyzed safeties with respect to the occurring vulnerability and the securities by comparing and analyzing the existing password techniques in the existing wireless network environment. It is slower 0.72 times than existing cypher system, WPA2-PSK, but enforces the stability in security side.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.133-146
• /
• 2015

Ever sophisticated e-finance fraud techniques have led to an increasing number of reported phishing incidents. Financial authorities, in response, have recommended that we enhance existing Fraud Detection Systems (FDS) of banks and other financial institutions. FDSs are systems designed to prevent e-finance accidents through real-time access and validity checks on client transactions. The effectiveness of an FDS depends largely on how fast it can analyze and detect abnormalities in large amounts of customer transaction data. In this study we detect fraudulent transaction patterns and establish detection rules through e-finance accident data analyses. Abnormalities are flagged by comparing individual client transaction patterns with client profiles, using the ruleset. We propose an effective flagging method that uses decision trees to normalize detection rules. In demonstration, we extracted customer usage patterns, customer profile informations and detection rules from the e-finance accident data of an actual domestic(Korean) bank. We then compared the results of our decision tree-normalized detection rules with the results of a sequential detection and confirmed the efficiency of our methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.385-395
• /
• 2018

With the development of Internet, cyber attack has become a major threat. To detect cyber attacks, intrusion detection system(IDS) has been widely deployed. But IDS has a critical weakness which is that it generates a large number of false alarms. One of the promising techniques that reduce the false alarms in real time is machine learning. However, there are problems that must be solved to use machine learning. So, many machine learning approaches have been applied to this field. But so far, researchers have not focused on features. Despite the features of IDS alerts are important for performance of model, the approach to feature is ignored. In this paper, we propose new feature set which can improve the performance of model and can be extracted from a single alarm. New features are motivated from security analyst's know-how. We trained and tested the proposed model applied new feature set with real IDS alerts. Experimental results indicate the proposed model can achieve better accuracy and false positive rate than SVM model with ordinary features.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.602-608
• /
• 2020

Development of Internet technology and the spread of various smart devices provide a convenient computing environment for people, which is becoming common thanks to the Internet of Things (IoT). However, attacks by hackers have caused various problems, such as leaking personal information or violating privacy. In the IoT environment, various smart devices are connected, and network attacks that are used in the PC environment are occurring frequently in the IoT. In fact, security incidents such as conducting DDoS attacks by hacking IP cameras, leaking personal information, and monitoring unspecified numbers of personal files without consent are occurring. Although attacks in the existing Internet environment are PC-oriented, we can now confirm that smart devices such as IP cameras and tablets can be targets of network attacks. Through performance evaluation, the proposed protocol shows 11% more energy efficiency on servers than RSA, eight times greater energy efficiency on clients than Kerberos, and increased efficiency as the number of devices increases. In addition, it is possible to respond to a variety of security threats that might occur against the network. It is expected that efficient operations will be possible if the proposed protocol is applied to the IoT environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.666-668
• /
• 2013

Recently, the kind and number of malicious code, which operates in Operation System of smart devices, are rapidly increasing along with the fast supplement of smart devices. Especially, smart devices based on Android OS have high potential of danger to expose to malicious code as it has an easy access to system authority. When using intent, the global message system provided from Android, inter approach between applications is available, and possible to access to created data by the device. Intent provides convenience to application development in the aspect of reusability of component however, it could be appointed as a risk element in security-wise. Therefore, if intent is used in malicious purpose, it is easy to lead the condition where is weak on security. That is, it is possible to control as accessing to resources which application is carrying to operate by receiving intents as making smart device uncontrollable or consuming system resources. Especially, in case of system authority is achieved, the risks such as smart device control or personal information exposure become bigger when misusing broadcast intent through malicious code. This paper proposes a corresponding method of security vulnerability of Android intent that monitors the appearance of intent with intent pattern inspection, detects and blocks unidentified pattern intent.