• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.288-302
• /
• 1994

A security risk analysis provides all information system with the capability to investigate and estimate the status of its security, and gives a guideline for establishing a safeguard against any means of security threats. The information system needs tile judicious and accurate why for performing a risk analysis since security policy and risk analysis of tile information system are based on risk analysis, The risk analysis is composed of two methods. mathematical approach and diagramming technique. Mathematical approach cannot yield a precise description of the real world. However, diagramming technique is more pragmatic since it overcomes this limitation. In this paper, we studied tile security risk analysis methods proposed in overseas such as INFOSEC [4], SRAG [5], FIPS65[6], and JRAM[7].

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.297-302
• /
• 2021

The development of various phishing websites enables hackers to access confidential personal or financial data, thus, decreasing the trust in e-business. This paper compared the detection techniques utilizing URL-based features. To analyze and compare the performance of supervised machine learning classifiers, the machine learning classifiers were trained by using more than 11,005 phishing and legitimate URLs. 30 features were extracted from the URLs to detect a phishing or legitimate URL. Logistic Regression, Random Forest, and CatBoost classifiers were then analyzed and their performances were evaluated. The results yielded that CatBoost was much better classifier than Random Forest and Logistic Regression with up to 96% of detection accuracy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.6
• /
• pp.1818-1832
• /
• 2022

Violence in the Internet era poses a new challenge to the current counter-riot work, and according to research and analysis, most of the violent incidents occurring are related to the dissemination of violence images. The use of the popular deep learning neural network to automatically analyze the massive amount of images on the Internet has become one of the important tools in the current counter-violence work. This paper focuses on the use of transfer learning techniques and the introduction of an attention mechanism to the residual network (ResNet) model for the classification and identification of violence images. Firstly, the feature elements of the violence images are identified and a targeted dataset is constructed; secondly, due to the small number of positive samples of violence images, pre-training and attention mechanisms are introduced to suggest improvements to the traditional residual network; finally, the improved model is trained and tested on the constructed dedicated dataset. The research results show that the improved network model can quickly and accurately identify violence images with an average accuracy rate of 92.20%, thus effectively reducing the cost of manual identification and providing decision support for combating rebel organization activities.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.51-57
• /
• 2022

Recently, the concept of zero trust has been introduced, and it is necessary to strengthen the security elements required for the next-generation security control system. Also, the security paradigm in the era of the 4th industrial revolution is changing. Cloud computing and the cybersecurity problems caused by the dramatic changes in the work environment due to the corona 19 virus continue to occur. And at the same time, new cyber attack techniques are becoming more intelligent and advanced, so a future security control system is needed to strengthen security. Based on the core concept of doubting and trusting everything, Zero Trust Security increases security by monitoring all communications and allowing strict authentication and minimal access rights for access requesters. In this paper, we propose a security enhancement plan in the security control field through a zero trust security model that can understand the problems of the existing security control system and solve them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1209-1223
• /
• 2018

Android apps are made up of bytecode, so they are vulnerable to reverse engineering, and protection services are emerging that robustly repackage the app to compensate. Unlike cryptographic algorithms, the robustness of these protection services depends heavily on hiding the protection scheme. Therefore, there are few systematic discussions about the protection method even if destruction techniques of the protection service are various. And it is implemented according to the intuition of the developer. There is a need to discuss systematic protection schemes for robust security chains, rather than simple deployment of techniques disrupting static or dynamic analysis. In this paper, we analyze bangcle, a typical commercial Android app protection service, to examine the protection structure and vulnerable elements. We propose the requirements for robust structure and principles of protection structure.

• Journal of Korea Multimedia Society
• /
• v.17 no.7
• /
• pp.769-777
• /
• 2014

With the rapid interest in Geographic Information System (GIS) contents, a large volume of valuable GIS dataset has been distributed illegally by pirates, hackers, or unauthorized users. Therefore the problem focus on how to protect the copyright of GIS vector map data for storage and transmission. At this point, GIS security techniques focusing on secure network and data encryption have been studied and developed to solve the copyright protection and illegal copy prevention for GIS digital map. But GIS vector map data is very large and current data encryption techniques often encrypt all components of data. That means we have encrypted large amount of data lead to the long encrypting time and high complexity computation. This paper presents a novel selective encryption scheme for GIS vector map data protection to store, transmit or distribute to authorized users using K-means algorithm. The proposed algorithm only encrypts a small part of data based on properties of polylines and polygons in GIS vector map but it can change whole data of GIS vector map. Experimental results verified the proposed algorithm effectively and error in decryption is approximately zero.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.883-900
• /
• 2017

In this paper block based blind secure gray image watermarking scheme based on discrete wavelet transform and singular value decomposition is proposed. In devising the proposed scheme, security is given high importance along with other two requirements: robustness and imperceptibility. The use of discrete wavelet transform not only improves robustness but the selection of bands with high tolerance towards noise caused an improvement in terms of imperceptibility. The robustness further improved due to the involvement of singular vectors along with singular values in watermark embedding and extraction process. Finally, to achieve security, the selected DWT band is decomposed into smaller blocks and random blocks are chosen for modification. Furthermore, the elements of left and right singular vectors of selected blocks are chosen based on their dependence upon each other for watermark embedding. Various experiments using different images as host and watermark were conducted to examine and validate the proposed technique. Additionally, the proposed technique is tested against various attacks like compression, affine transformation, cropping, translation, X shearing, scaling, Y shearing, filtering, blurring, different kinds of noises, histogram equalization, rotation, etc. Lastly, the proposed technique is compared with state-of-the-art watermarking techniques and their comparison shows significant improvement of proposed scheme over existing techniques.

• Journal of Korea Multimedia Society
• /
• v.24 no.9
• /
• pp.1224-1241
• /
• 2021

Recent development of deep learning techniques for image generation has led to straightforward generation of sophisticated deepfakes. However, as a result, privacy violations through deepfakes has also became increased. To solve this issue, a number of techniques for deepfake detection have been proposed, which are mainly focused on RGB channel-based analysis. Although existing studies have suggested the effectiveness of other color model-based analysis (i.e., Grayscale), their effectiveness has not been quantitatively validated yet. Thus, in this paper, we compare the effectiveness of Grayscale channel-based analysis with RGB channel-based analysis in deepfake detection. Based on the selected CNN-based models and deepfake datasets, we measured the performance of each color model-based analysis in terms of accuracy and time. The evaluation results confirmed that Grayscale channel-based analysis performs better than RGB-channel analysis in several cases.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.427-442
• /
• 2022

MP3 is one of the most widely used file formats for encoding and representing audio data. One of the reasons for this popularity is their significant ability to reduce audio file sizes in comparison to other encoding techniques. Additionally, other reasons also include ease of implementation, its availability and good technical support. Steganography is the art of shielding the communication between two parties from the eyes of attackers. In steganography, a secret message in the form of a copyright mark, concealed communication, or serial number can be embedded in an innocuous file (e.g., computer code, video film, or audio recording), making it impossible for the wrong party to access the hidden message during the exchange of data. This paper describes a new steganography algorithm for encoding secret messages in MP3 audio files using an improved least significant bit (LSB) technique with high embedding capacity. Test results obtained shows that the efficiency of this technique is higher compared to other LSB techniques.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.779-800
• /
• 2024

Unmanned Aerial Vehicle (UAV) networks, also known as drone networks, have gained significant attention for their potential in various applications, including communication. UAV networks for communication involve using a fleet of drones to establish wireless connectivity and provide communication services in areas where traditional infrastructure is lacking or disrupted. UAV communication networks need to be highly secured to ensure the technology's security and the users' safety. The proposed survey provides a comprehensive overview of the current state-of-the-art UAV network security solutions. In this paper, we analyze the existing literature on UAV security and identify the various types of attacks and the underlying vulnerabilities they exploit. Detailed mitigation techniques and countermeasures for the protection of UAVs are described in this paper. The survey focuses on the implementation of novel technologies like Q-learning, blockchain, IRS, and mmWave. This paper discusses network simulation tools that range in complexity, features, and programming capabilities. Finally, future research directions and challenges are highlighted.