• Journal of Digital Convergence
• /
• v.17 no.2
• /
• pp.195-200
• /
• 2019

Nowadays as the use of mobile communication devices such as smart phones and tablets and the use of Computer is expanded, data is being collected exponentially on the Internet. In addition, due to the development of SNS, users can freely communicate with each other and share information in various fields, so various opinions are accumulated in the from of big data. Accordingly, big data analysis techniques are being used to find out the difference between the response of the general public and the response of the media. In this paper, we analyzed the public response in SNS about child allowance and childbirth grant and analyzed the response of the media. Therefore we gathered articles and comments of users which were posted on Twitter for a certain period of time and crawling the news articles and applied sentiment analysis. From these data, we compared the opinion of the public posted on SNS with the response of the media expressed in news articles. As a result, we found that there is a different response to some national policy between the public and the media.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.45-55
• /
• 2019

DEX file and share objects (also known as the SO file) are important components that define the behaviors of an Android application. DEX file is implemented in Java code, whereas SO file under ELF file format is implemented in native code(C/C++). The two layers - Java and native can communicate with each other at runtime. Malicious applications have become more and more prevalent in mobile world, they are equipped with different evasion techniques to avoid being detected by anti-malware product. To avoid static analysis, some applications may perform malicious behavior in native code that is difficult to analyze. Existing researches fail to extract the call relationship which includes both Java code and native code, or can not analyze multi-DEX application. In this study, we design and implement a system that effectively extracts the call relationship between Java code and native code by analyzing DEX file and SO file of Android application.

• Journal of Industrial Convergence
• /
• v.17 no.2
• /
• pp.21-27
• /
• 2019

The Internet of things is the infrastructure that can communicate with each other by exchanging information by installing antennas that can communicate with all things in the world. The reason why the Internet of Things is the core of the Fourth Industrial Revolution is that data is collected through the Internet to be. Technology of things Internet and Trend of Things Internet IoT (Internet of Things) is a concept that enables internet connection and communication between devices equipped with various sensors. It is the core IT trend of lot, technology such as big data, mobile, cloud And to provide information for the development of the industrial environment through research on the importance of the Internet of things, the core of the Fourth Industrial Revolution and the processing and analysis techniques of Big Data. By providing various security measures and future technologies, This study was conducted to contribute to management.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.57-66
• /
• 2021

As the detection performance using deep learning and machine learning of the intrusion detection field has been verified, the cases of using it are increasing day by day. However, it is difficult to collect the data required for learning, and it is difficult to apply the machine learning performance to reality due to the imbalance of the collected data. Therefore, in this paper, A mixed sampling technique using t-SNE visualization for imbalanced data processing is proposed as a solution to this problem. To do this, separate fields according to characteristics for intrusion detection events, including payload. Extracts TF-IDF-based features for separated fields. After applying the mixed sampling technique based on the extracted features, a data set optimized for intrusion detection with imbalanced data is obtained through data visualization using t-SNE. Nine sampling techniques were applied through the open intrusion detection dataset CSIC2012, and it was verified that the proposed sampling technique improves detection performance through F-score and G-mean evaluation indicators.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.93-100
• /
• 2021

Damage caused by intelligent cyber attacks not only disrupts system operations and leaks information, but also entails massive economic damage. Recently, cyber attacks have a distinct goal and use advanced attack tools and techniques to accurately infiltrate the target. In order to minimize the damage caused by such an intelligent cyber attack, it is necessary to block the cyber attack at the beginning or during the attack to prevent it from invading the target's core system. Recently, technologies for predicting cyber attack paths and analyzing risk level of cyber attack using big data or artificial intelligence technologies are being studied. In this paper, a cyber attack path analysis method using attack tree and RFI is proposed as a basic algorithm for the development of an automated cyber attack path prediction system. The attack path is visualized using the attack tree, and the priority of the path that can move to the next step is determined using the RFI technique in each attack step. Based on the proposed mechanism, it can contribute to the development of an automated cyber attack path prediction system using big data and deep learning technology.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1359-1368
• /
• 2021

Steganography is a science of embedding secret data into innocent data and its goal is to conceal the existence of a carrier data. Many research on Steganography has been proposed by various hiding and detection techniques that are based on different algorithms. On the other hand, very few studies have been conducted to analyze the performance of each Steganography software. This paper describes five different Steganography software, each having its own algorithms, and analyzes the difference of each inherent feature. Image quality metrics of Peak Signal to Noise Ratio (PSNR) and Structural SIMilarity (SSIM) are used to define its performance of each Steganography software. We extracted PSNR and SSIM results of a quantitative amount of embedded output images for those five Steganography software. The results will show the optimal steganography software based on the evaluation metrics and ultimately contribute to forensics.

• Journal of Korean Society of Disaster and Security
• /
• v.14 no.1
• /
• pp.41-50
• /
• 2021

As a method of predicting the displacement of river levee in advance, Differential Interferometry (D-InSAR) kind of InSAR techniques was used to identify weak points in the area of the levee collapes near Gumgok Bridge (Somjin River) in Namwon City, which occurred in the summer of 2020. As a result of analyzing the displacement using five images each in the spring and summer of 2020, the Variation Index (V) of area where the collapse occurred was larger than that of the other areas, so the prognostic sysmptoms was detected. If the levee monitoring system is realized by analyzing the correlations with displacement results and hydrometeorological factors, it will overcome the existing limitations of system and advance ultra-precise, automated river levee maintenance technology and improve national disaster management.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.6
• /
• pp.605-610
• /
• 2020

Software Defined Networking (SDN) is setting the standard for the management of networks due to its scalability, flexibility and functionality to program the network. The Distributed Denial of Service (DDoS) attack is most widely used to attack the SDN controller to bring down the network. Different methodologies have been utilized to detect DDoS attack previously. In this paper, first the dataset is obtained by Kaggle with 84 features, and then according to the rank, the 20 highest rank features are selected using Permutation Importance Algorithm. Then, the datasets are trained and tested with Convolution Neural Network (CNN) classifier model by utilizing deep learning techniques. Our proposed solution has achieved the best results, which will allow the critical systems which need more security to adopt and take full advantage of the SDN paradigm without compromising their security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.73-86
• /
• 2007

Numerous types of models have been developed in recent years in response to the cyber threat posed by worms in order to analyze their propagation and predict their spread. Some of the most important ones involve mathematical modeling techniques such as Epidemic, AAWP (Analytical Active Worm Propagation Modeling) and LAAWP (Local AAWP). However, most models have several inherent limitations. For instance, they target worms that employ random scanning in the entire nv4 network and fail to consider the effects of countermeasures, making it difficult to analyze the extent of damage done by them and the effects of countermeasures in a specific network. This paper extends the equations and parameters of AAWP and LAAWP and suggests ALAAWP (Advanced LAAWP), a new worm simulation technique that rectifies the drawbacks of existing models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.101-110
• /
• 2003

Secure and reliable group communication is an increasingly active research area prompted by the growing popularity of many types of group-oriented and collaborative applications. The central challenge is secure and efficient group key management. While centralized methods are often appropriate for key distribution in large multicast-style groups, many collaborative group settings require distributed key agreement techniques. Most of prior group key agreement protocols have been focused on reducing the computational costs. One exception is STR protocol that optimizes communicational cost. On the other hand, it requires O(n) number of modular exponentiations. In this paper, we propose a new group key agreement protocol that modifies STR protocol by utilizing pairing based cryptography. The resulting protocol reduces computational cost of STR protocol while preserving the communication cost.