• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.19-27
• /
• 2022

With the innovative development of ICT technology, hacking techniques of hackers are also evolving into sophisticated and intelligent hacking techniques. Threat detection research to counter these cyber threats was mainly conducted in a passive way through hacking damage investigation and analysis, but recently, the importance of cyber threat information collection and analysis is increasing. A bot-type automation program is a rather active method of extracting malicious code by visiting a website to collect threat information or detect threats. However, this method also has a limitation in that it cannot prevent hacking damage because it is a method to identify hacking damage because malicious code has already been distributed or after being hacked. Therefore, to overcome these limitations, we propose a model that detects actual threats by acquiring and analyzing threat information while identifying and managing cyber bases. This model is an active and proactive method of collecting threat information or detecting threats outside the boundary such as a firewall. We designed a model for detecting threats using cyber strongholds and validated them in the defense environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.420-423
• /
• 2019

최근 국내에서 발생되고 있는 사이버 공격들의 대부분은 기존 보안장비로 탐지가 어려운 지능형 공격으로 2017년 한 해 동안 발생한 사이버 공격의 경제적 피해액은 약 77조원에 달하고 있다. 또한 이러한 공격을 탐지하는데 평균 145일 정도가 소요되고 있으며 국내 기업 중 약 70% 가량은 사이버 공격을 적극적으로 대응하고 있지 않다. 이러한 공격들은 대부분 과거에 발생한 공격의 변형이거나, 특정 공격 집단이 수행하는 유사/변종 공격들이다. 이러한 사이버 공격을 사전에 탐지하거나 이미 발생된 공격의 변형된 공격을 신속하게 탐지하기 위해서 본 논문에서는 기존 사이버 공격에 사용된 다양한 정보들을 능동적으로 수집하여, 이들 간의 연관성을 분석하고, 실시간으로 유입되는 공격 의심정보와 비교분석하는 기술을 제시한다.

• Journal of Internet Computing and Services
• /
• v.13 no.5
• /
• pp.21-31
• /
• 2012

Threat Evaluation(TE) which has air intelligence attained by identifying friend or foe evaluates the target's threat degree, so it provides information to Weapon Assignment(WA) step. Most of TE data are passed by sensor measured values, but existing techniques(fuzzy, bayesian network, and so on) have many weaknesses that erroneous linkages and missing data may fall into confusion in decision making. Therefore we need to efficient Threat Evaluation system that can refine various sensor data's linkages and calculate reliable threat values under unpredictable war situations. In this paper, we suggest new threat evaluation system based on information fusion JDL model, and it is principle that combine fuzzy which is favorable to refine ambiguous relationships with bayesian network useful to inference battled situation having insufficient evidence and to use learning algorithm. Finally, the system's performance by getting threat evaluation on an air defense scenario is presented.

• Journal of Digital Convergence
• /
• v.17 no.11
• /
• pp.233-240
• /
• 2019

In order to predict and respond to cyber attacks, a number of security companies quickly identify the methods, types and characteristics of attack techniques and are publishing Security Intelligence Reports(SIRs) on them. However, the SIRs distributed by each company are huge and unstructured. In this paper, we propose a framework that uses five analytic techniques to formulate a report and extract key information in order to reduce the time required to extract information on large unstructured SIRs efficiently. Since the SIRs data do not have the correct answer label, we propose four analysis techniques, Keyword Extraction, Topic Modeling, Summarization, and Document Similarity, through Unsupervised Learning. Finally, has built the data to extract threat information from SIRs, analysis applies to the Named Entity Recognition (NER) technology to recognize the words belonging to the IP, Domain/URL, Hash, Malware and determine if the word belongs to which type We propose a framework that applies a total of five analysis techniques, including technology.

• The Journal of Bigdata
• /
• v.6 no.2
• /
• pp.99-108
• /
• 2021

Recently, unexpected and more advanced cyber medical treat attacks are on the rise. However, in responding to various patterns of cyber medical threat attack, rule-based security methodologies such as physical blocking and replacement of medical devices have the limitations such as lack of the man-power and high cost. As a way to solve the problems, the medical community is also paying attention to artificial intelligence technology that enables security threat detection and prediction by self-learning the past abnormal behaviors. In this study, there has collecting and learning the medical information data from integrated Medical-Information-Systems of the medical center and introduce the research methodology which is to develop the AI-based Net-Working Behavior Adaptive Information data. By doing this study, we will introduce all technological matters of rule-based security programs and discuss strategies to activate artificial intelligence technology in the medical information business with the various restrictions.

• Journal of the Korean Society of Systems Engineering
• /
• v.19 no.2
• /
• pp.126-134
• /
• 2023

Drones are emerging as a new security threat, and the world is working to reduce them. Detection and identification are the most difficult and important parts of the anti-drone systems. Existing detection and identification methods each have their strengths and weaknesses, so complementary operations are required. Detection and identification performance in anti-drone systems can be improved through the use of artificial intelligence. This is because artificial intelligence can quickly analyze differences smaller than humans. There are three ways to utilize artificial intelligence. Through reinforcement learning-based physical control, noise and blur generated when the optical camera tracks the drone may be reduced, and tracking stability may be improved. The latest NeRF algorithm can be used to solve the problem of lack of enemy drone data. It is necessary to build a data network to utilize artificial intelligence. Through this, data can be efficiently collected and managed. In addition, model performance can be improved by regularly generating artificial intelligence learning data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.11
• /
• pp.2966-2986
• /
• 2023

Climate change is a constant threat to human life, and it is important to understand the public perception of this issue. Previous studies examining climate change have been based on limited survey data. In this study, the authors used big data such as news articles and social media data, within which the authors selected specific keywords related to climate change. Using these natural language data, topic modeling was performed for discourse analysis regarding climate change based on various topics. In addition, before applying topic modeling, sentiment analysis was adjusted to discover the differences between discourses on climate change. Through this approach, discourses of positive and negative tendencies were classified. As a result, it was possible to identify the tendency of each document by extracting key words for the classified discourse. This study aims to prove that topic modeling is a useful methodology for exploring discourse on platforms with big data. Moreover, the reliability of the study was increased by performing topic modeling in consideration of objective indicators (i.e., coherence score, perplexity). Theoretically, based on the social amplification of risk framework (SARF), this study demonstrates that the diffusion of the agenda of climate change in public news media leads to personal anxiety and fear on social media.

• Korean Security Journal
• /
• no.36
• /
• pp.227-253
• /
• 2013

The threat of crime became a global issue nowadays. Terrorism, organized crime, crime by nation can be mentioned as typical examples. The crimes in modern society can't be identified to happen when, where and how being different from those traditional crimes(murder, robbery, sexual abuse, arson). This was the result of changed security environment that needs to address wide range of crimes as being indicated sporadic characteristics of modern threat of crime such as terrorism threat targeting unidentified masses as well as the emergence of systemic phenomenon of organized crimes and crime committed by nation. In this regard, the case of 9.11 occurred in 2001 can be deemed as an example that made a dramatic turn around to the security environment. After the terrorism, it provided an opportunity to rethink not only USA but also to the institutions all over the world that deals with crime about gathering, management, utilization of crime intelligence. As a result of which there appeared a change in police activities more effectively in gathering & managing crime information and ILP is the very activity that emerged from the USA/UK countries. This aims police activities to minimize the threat of crime being the system reflecting a framework to manage more directly to control crime by gathering and processing information. In view of the global change of security environment as a common phenomenon, the need to direct to ILP has increased in Korea in line with such security environmental change. Accordingly, this study focused on the method of introduction of ILP and presentation of matters for discussion by reviewing ILP activities of the USA/UK countries.

• Asian Journal of Innovation and Policy
• /
• v.9 no.1
• /
• pp.56-78
• /
• 2020

Changes in our lives due to Artificial Intelligence (AI) are currently ongoing, and there is little refutation of the effectiveness of AI. However, there have been active discussions to minimize the side effects of AI and use it responsibly, and publishing the AI Charter of Ethics (AICE) is one result of it. This study examines how our society is responding to threats from AI that may emerge in the future by examining various AIECs in the Republic of Korea. First, we summarize seven AI threats and classify these into three categories: AI's value judgment, malicious use of AI, and human alienation. Second, from Korea's seven AICEs, we draw fourteen topics based on three categories: protection of social values, AI control, and fostering digital citizenship. Finally, we review them based on the seven AI threats to evaluate any gaps between the threats and our responses. The analysis indicates that Korea has not yet been able to properly respond to the threat of AI's usurpation of human occupations (jobs). In addition, although Korea's AICEs present appropriate responses to lethal AI weapons, these provisions will be difficult to realize because the competition for AI weapons among military powers is intensifying.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.27-32
• /
• 2005

Recently The social interest regarding is coming to be high about Home Network accordong to intelligence anger of diffusions and the family home appliance machineries and tools of the superhigh speed Internet In the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases in the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases Beacaues of Home network is starting point to go ubiquitous computing enviorment, The Increase of Cyber attack through Internet will raise its head with the obstacle to disrupt the activation of the groove network. So there is a possibility of saying that the counter-measure preparation is urgent, In the various environment like this, It means the threat which present time than is complicated will exist. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment.