• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.173-181
• /
• 2008

Recently, Worm epidemic models have been developed in response to the cyber threats posed by worms in order to analyze their propagation and predict their spread. Some of the most important ones involve mathematical model techniques such as Epidemic(SI), KM (Kermack-MeKendrick), Two-Factor and AAWP(Analytical Active Worm Propagation). However, most models have several inherent limitations. For instance, they target worms that employ random scanning in the network such as CodeRed worm and it was able to be applied to the specified threats. Therefore, we propose the probabilistic of worm propagation based on the Markov Chain, which can be applied to cyber threats such as Mass SQL Injection worm. Using the proposed method in this paper, we can predict the occurrence probability and occurrence frequency for each threats in the entire system.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.71-78
• /
• 2013

In this study, software products developed in the course of testing, software managers in the process of testing software test and test tools for effective learning effects perspective has been studied using the NHPP software. The doubly bounded power law distribution model makeup Weibull distribution applied to distribution was based on finite failure NHPP. Software error detection techniques known in advance, but influencing factors for considering the errors found automatically and learning factors, by prior experience, to find precisely the error factor setting up the testing manager are presented comparing the problem. As a result, the learning factor is greater than automatic error that is generally efficient model could be confirmed. This paper, a numerical example of applying using time between failures and parameter estimation using maximum likelihood estimation method, after the efficiency of the data through trend analysis model selection were efficient using the mean square error and $R^2$.

• The Journal of Bigdata
• /
• v.5 no.1
• /
• pp.89-96
• /
• 2020

Deep learning using an artificial neural network has been recently researched and developed in various fields such as image recognition, big data and data analysis. However, federated learning has emerged to solve issues of data privacy invasion and problems that increase the cost and time required to learn. Federated learning presented learning techniques that would bring the benefits of distributed processing system while solving the problems of existing deep learning, but there were still problems with server-client system and motivations for providing learning data. So, we replaced the role of the server with a blockchain system in federated learning, and conducted research to solve the privacy and security problems that are associated with federated learning. In addition, we have implemented a blockchain-based system that motivates users by paying compensation for data provided by users, and requires less maintenance costs while maintaining the same accuracy as existing learning. In this paper, we present the experimental results to show the validity of the blockchain-based system, and compare the results of the existing federated learning with the blockchain-based federated learning. In addition, as a future study, we ended the thesis by presenting solutions to security problems and applicable business fields.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.363-370
• /
• 2018

Ransomware detection has become a hot topic in computer security for protecting digital contents. Unfortunately, current signature-based and static detection models are often easily evadable by compress, and encryption. For overcoming the lack of these detection approach, we have proposed the dynamic ransomware detection system using data mining techniques such as RF, SVM, SL and NB algorithms. We monitor the actual behaviors of software to generate API calls flow graphs. Thereafter, data normalization and feature selection were applied to select informative features. We improved this analysis process. Finally, the data mining algorithms were used for building the detection model for judging whether the software is benign software or ransomware. We conduct our experiment using more suitable real ransomware samples. and it's results show that our proposed system can be more effective to improve the performance for ransomware detection.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.61-72
• /
• 2007

We developed a convenience-featured Web browser which is intended to enhance Web users' convenience. The integrated convenience functions are VPV(Visited Page Viewer), APV(Aligned Page Viewer), USC(User Specified Capture), and VAC(Video and Audio Converter) which is the most important feature of FLV(FLash Video file) in UCC (User Created Contents). The four functions are considered ad the most needed functions to the Web users and we referred to the opinion of frequent and advanced Web users. We addressed important algorithms and techniques in terms of the implementation of the above four functions. The implementation methods based on the MDI application using rendering technique same as in Internet Explorer 6.0 are shown with codes. The results of implementation is compared with the survey conducted on 134 Computer Science and Multimedia Engineering major students. All four integrated functions are considered to be useful.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.25-32
• /
• 2011

In this study, software products developed in the course of testing, software managers in the process of testing software test and test tools for effective learning effects perspective has been studied using the NHPP software. The Weibull distribution applied to distribution was based on finite failure NHPP. Software error detection techniques known in advance, but influencing factors for considering the errors found automatically and learning factors, by prior experience, to find precisely the error factor setting up the testing manager are presented comparing the problem. As a result, the learning factor is greater than automatic error that is generally efficient model could be confirmed. This paper, a numerical example of applying using time between failures and parameter estimation using maximum likelihood estimation method, after the efficiency of the data through trend analysis model selection were efficient using the mean square error and $R_{sq}$.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.19-26
• /
• 2012

In this study, software products developed in the course of testing, software managers in the process of testing software and tools for effective learning effects perspective has been studied using the NHPP software. The log type hazard function applied to distribution was based on finite failure NHPP. Software error detection techniques known in advance, but influencing factors for considering the errors found automatically and learning factors, by prior experience, to find precisely the error factor setting up the testing manager are presented comparing the problem. As a result, the learning factor is greater than autonomous errors-detected factor that is generally efficient model could be confirmed. This paper, a failure data analysis of applying using time between failures and parameter estimation using maximum likelihood estimation method, after the efficiency of the data through trend analysis model selection were efficient using the mean square error and $R^2$(coefficient of determination).

• Journal of the Korean Institute of Intelligent Systems
• /
• v.18 no.4
• /
• pp.437-444
• /
• 2008

This paper deals with the biometric template protection in the biometric system which has been widely used for personal authentication. First, we consider the structure of the biometric system and the function of its sub-systems and define the biometric template and identification(ID) information. And then, we describe the biometric template attack points of a biometric system and attack examples and provide their countermeasures. From this, we classify the vulnerability which can be protected by encryption and hashing techniques. For more detail investigation of these at real operating situations, we analyze them and suggest several protection methods for the typical application scheme of biometric systems such as local model, download model, attached model, and center model. Finally, we also handle the privacy problem which is most controversy issue related to the biometric systems and suggest some guidances of safeguarding procedures on establishing privacy sympathy biometric systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1365-1373
• /
• 2019

Meltdown and Spectre are vulnerabilities that exploit out-of-order execution and speculative execution techniques to read memory regions that are not accessible with user privileges. OS patches were released to prevent this attack, but older systems without appropriate patches are still vulnerable. Currently, there are some research to detect Meltdown and Spectre attacks, but most of them proposed dynamic analysis methods. Therefore, this paper proposes a binary signature that can be used to detect Meltdown and Spectre malware without executing them. For this, we collected 13 malicious codes from GitHub and performed binary pattern analysis. Based on this, we proposed a static detection method for Meltdown and Spectre malware. Our results showed that the method identified all the 19 attack files with 0.94% false positive rate when applied to 2,317 normal files.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.347-356
• /
• 2009

In an RFID search protocol, a reader uses designated query to determine whether a specific tag is in the vicinity of the reader. This fundamental difference makes search protocol more vulnerable to replay attacks than authentication protocols. Due to this, techniques used in existing RFID authentication protocols may not be suitable for RFID search protocols. In this paper, we propose two RFID search protocols, one based on static ID and the other based on dynamic ID, which use counter to prevent replay attacks. Moreover, we propose a security model for RFID search protocols that includes forward/backward traceability, de-synchronization and forgery attack. Based on this model, we analyze security of our protocols and related works.