• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.735-743
• /
• 2020

Secure coding is a technique that detects malicious attack or unexpected errors to make software systems resilient against such circumstances. In many cases secure coding relies on static analysis tools to find vulnerable patterns and contaminated data in advance. However, secure coding has the disadvantage of being dependent on rule-sets, and accurate diagnosis is difficult as the complexity of static analysis tools increases. In order to support secure coding, we apply machine learning techniques, such as DNN, CNN and RNN to investigate into finding major weakness patterns shown in secure development coding guides and present machine learning models and experimental results. We believe that machine learning techniques can support detecting security weakness along with static analysis techniques.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.48-60
• /
• 2024

With the exponential growth of satellite data utilization, machine learning has become pivotal in enhancing innovation and cybersecurity in satellite systems. This paper investigates the role of machine learning techniques in identifying and mitigating vulnerabilities and code smells within satellite software. We explore satellite system architecture and survey applications like vulnerability analysis, source code refactoring, and security flaw detection, emphasizing feature extraction methodologies such as Abstract Syntax Trees (AST) and Control Flow Graphs (CFG). We present practical examples of feature extraction and training models using machine learning techniques like Random Forests, Support Vector Machines, and Gradient Boosting. Additionally, we review open-access satellite datasets and address prevalent code smells through systematic refactoring solutions. By integrating continuous code review and refactoring into satellite software development, this research aims to improve maintainability, scalability, and cybersecurity, providing novel insights for the advancement of satellite software development and security. The value of this paper lies in its focus on addressing the identification of vulnerabilities and resolution of code smells in satellite software. In terms of the authors' contributions, we detail methods for applying machine learning to identify potential vulnerabilities and code smells in satellite software. Furthermore, the study presents techniques for feature extraction and model training, utilizing Abstract Syntax Trees (AST) and Control Flow Graphs (CFG) to extract relevant features for machine learning training. Regarding the results, we discuss the analysis of vulnerabilities, the identification of code smells, maintenance, and security enhancement through practical examples. This underscores the significant improvement in the maintainability and scalability of satellite software through continuous code review and refactoring.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.369-372
• /
• 2002

An anonymous authentication scheme allows a user to identify himself as a member of a group of users in a secure and anonymous way. It seems to be crucial and indispensable components in English auction, electronic voting and open procurement, which are getting very popular business areas in E-commerce. First, we briefly describe the previous anonymous authentication protocols how to work and what cryptographic techniques adopted to increase performance and achieve anonymity. Second, we compare those protocols from the viewpoint of the communication and computation complexity and the specific cryptographic techniques used in their protocols.

• Journal of information and communication convergence engineering
• /
• v.11 no.1
• /
• pp.17-23
• /
• 2013

Cloud computing is a currently developing revolution in information technology that is disturbing the way that individuals and corporate entities operate while enabling new distributed services that have not existed before. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. Security is often said to be a major concern of users considering migration to cloud computing. This article examines some of these security concerns and surveys recent research efforts in cryptography to provide new technical mechanisms suitable for the new scenarios of cloud computing. We consider techniques such as homomorphic encryption, searchable encryption, proofs of storage, and proofs of location. These techniques allow cloud computing users to benefit from cloud server processing capabilities while keeping their data encrypted; and to check independently the integrity and location of their data. Overall we are interested in how users may be able to maintain and verify their own security without having to rely on the trust of the cloud provider.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.793-799
• /
• 2021

Recently, there has been a growing interest in threat hunting presented to overcome the limitations of existing security solutions. Threat hunting is generally recognized as a technique for identifying and eliminating threats that exit inside the system. But, the definition is not clear, so there is confusion in terms with penetration testing, intrusion detection, and incident analysis. Therefore, in this paper, compare and analyze the definitions of threat hunting extracted from reports and papers to clarify their implications and compare with defense techniques.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.41-46
• /
• 2023

Biometrics is an application of biometric authentication and identification techniques that are used for security. Where people can be identified by physical or behavioral features such as iris, fingerprints, or even voice. Biometrics with cryptography can be used in a variety of applications such as issuing, generating, or associating biometric keys. Biometric identification and cryptography are used in many institutions and high-security systems due to the difficulty of tampering or forgery by hackers. In this paper, literature reviews on biometric identification and cryptography are presented and discussed. In addition to a comparison of techniques in the literature reviews, identifying its strengths and weaknesses, and providing an initial proposal for biometrics and cryptography.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.271-278
• /
• 2015

We use various types of cryptographic algorithms for the protection of personal and sensitive informations in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way, then the critical information can be leaked even though the underlying cryptographic algorithms are secure. Among these attacking techniques, the padding oracle attack is representative. In this paper, we analyze the possibility of padding oracle attacks of 12 kinds of padding techniques that can be applied to the CBC operation mode of a block cipher. As a result, we discovered that 3 kinds were safe padding techniques and 9 kinds were unsafe padding techniques. We propose 5 considerations when designing a safe padding techniques to have a resistance to the padding oracle attack through the analysis of three kinds of safe padding techniques.

• International Journal of Computer Science & Network Security
• /
• v.23 no.1
• /
• pp.33-40
• /
• 2023

Machine-learning techniques are discovering effective performance on data analytics. Classification and regression are supported for prediction on different kinds of data. There are various breeds of classification techniques are using based on nature of data. Threshold determination is essential to making better model for unlabelled data. In this paper, threshold value applied as range, based on min-max normalization technique for creating labels and multiclass classification performed on rainfall data. Binary classification is applied on autism data and classification techniques applied on child abuse data. Performance of each technique analysed with the evaluation metrics.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.107-112
• /
• 2024

Nowadays the deadly virus famous as COVID-19 spread all over the world starts from the Wuhan China in 2019. This disease COVID-19 Virus effect millions of people in very short time. There are so many symptoms of COVID19 perhaps the Identification of a person infected with COVID-19 virus is really a difficult task. Moreover it's a challenging task to identify whether a person or individual have covid test positive or negative. We are developing a framework in which we used machine learning techniques..The proposed method uses DecisionTree, KNearestNeighbors, GaussianNB, LogisticRegression, BernoulliNB , RandomForest , Machine Learning methods as the classifier for diagnosis of covid ,however, 5-fold and 10-fold cross-validations were applied through the classification process. The experimental results showed that the best accuracy obtained from Decision Tree classifiers. The data preprocessing techniques have been applied for improving the classification performance. Recall, accuracy, precision, and F-score metrics were used to evaluate the classification performance. In future we will improve model accuracy more than we achieved now that is 93 percent by applying different techniques

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.67-76
• /
• 2024

Diabetic retinopathy is a threatening complication of diabetes, caused by damaged blood vessels of light sensitive areas of retina. DR leads to total or partial blindness if left untreated. DR does not give any symptoms at early stages so earlier detection of DR is a big challenge for proper treatment of diseases. With advancement of technology various computer-aided diagnostic programs using image processing and machine learning approaches are designed for early detection of DR so that proper treatment can be provided to the patients for preventing its harmful effects. Now a day machine learning techniques are widely applied for image processing. These techniques also provide amazing result in this field also. In this paper we discuss various machine learning and deep learning based techniques developed for automatic detection of Diabetic Retinopathy.