• Title/Summary/Keyword: antivirus

VMProtect Operation Principle Analysis and Automatic Deobfuscation Implementation (VMProtect 동작원리 분석 및 자동 역난독화 구현)

  • Bang, Cheol-ho;Suk, Jae Hyuk;Lee, Sang-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.605-616 / 2020
  • Obfuscation technology delays the analysis of a program by modifying internal logic such as data structure and control flow while maintaining the program's functionality. However, the application of such obfuscation technology to malicious code frequently occurs to reduce the detection rate of malware in antivirus software. The obfuscation technology applied to protect software intellectual property is applied to the malicious code in reverse, which not only lowers the detection rate of the malicious code but also makes it difficult to analyze and thus makes it difficult to identify the functionality of the malicious code. The study of reverse obfuscation techniques that can be closely restored should also continue. This paper analyzes the characteristics of obfuscated code with the option of Pack the Output File and Import Protection among detailed obfuscation technologies provided by VMProtect 3.4.0, a popular tool among commercial obfuscation tools. We present a de-obfuscation algorithm.

A Global-Local Approach for Estimating the Internet's Threat Level

  • Kollias, Spyridon;Vlachos, Vasileios;Papanikolaou, Alexandros;Chatzimisios, Periklis;Ilioudis, Christos;Metaxiotis, Kostas
    • Journal of Communications and Networks / v.16 no.4 / pp.407-414 / 2014
  • The Internet is a highly distributed and complex system consisting of billions of devices and has become the field of various kinds of conflicts during the last two decades. As a matter of fact, various actors utilise the Internet for illicit purposes, such as for performing distributed denial of service attacks (DDoS) and for spreading various types of aggressive malware. Despite the fact that numerous services provide information regarding the threat level of the Internet, they are mostly based on information acquired by their sensors or on offline statistical sampling of various security applications (antivirus software, intrusion detection systems, etc.). This paper introduces the proactive threat observatory system (PROTOS), an open-source early warning system that does not require a commercial license and is capable of estimating the threat level across the Internet. The proposed system utilises both a global and a local approach, and is thus able to determine whether a specific host is under an imminent threat, as well as to provide an estimation of the malicious activity across the Internet. Apart from these obvious advantages, PROTOS supports a large-scale installation and can be extended even further to improve the effectiveness by incorporating prediction and forecasting techniques.

Bee Venom (Apis Mellifera) an Effective Potential Alternative to Gentamicin for Specific Bacteria Strains - Bee Venom an Effective Potential for Bacteria-

  • Zolfagharian, Hossein;Mohajeri, Mohammad;Babaie, Mahdi
    • Journal of Pharmacopuncture / v.19 no.3 / pp.225-230 / 2016
  • Objectives: Melittin, a major component of bee venom (BV, Apis mellifera), is more active against gram positive than gram negative bacteria. Moreover, BV has been reported to have multiple effects, including antibacterial, antivirus, and anti-inflammation effects, in various types of cells. In addition, wasp venom has been reported to have antibacterial properties. The aim of this study was to evaluate the antibacterial activity of BV against selected gram positive and gram negative bacterial strains of medical importance. Methods: This investigation was set up to evaluate the antibacterial activity of BV against six gram positive and gram negative bacteria, including Staphylococcus aureus (S. aureus), Salmonella typhimurium, Escherichia coli (E. coli) O157:H7, Pseudomonas aeruginosa, Burkholderia mallei and Burkholderia pseudomallei. Three concentrations of crude BV and standard antibiotic (gentamicin) disks as positive controls were tested by using the disc diffusion method. Results: BV was found to have a significant antibacterial effect against E. coli, S. aureus, and Salmonella typhimurium in all three concentrations tested. However, BV had no noticeable effect on other tested bacteria for any of the three doses tested. Conclusion: The results of the current study indicate that BV inhibits the growth and survival of bacterial strains and that BV can be used as a complementary antimicrobial agent against pathogenic bacteria. BV lacked the effective proteins necessary for it to exhibit antibacterial activity for some specific strains while being very effective against other specific strains. Thus, one may conclude that Apis mellifera venom may have a specific mechanism that allows it to have an antibacterial effect on certain susceptible bacteria, but that mechanism is not well understood.

Protective Role of Fucoidan in Cerebral Ischemia-Reperfusion Injury through Inhibition of MAPK Signaling Pathway

  • Che, Nan;Ma, Yijie;Xin, Yinhu
    • Biomolecules & Therapeutics / v.25 no.3 / pp.272-278 / 2017
  • Fucoidan has been reported to exhibit various beneficial activities ranging from to antivirus and anticancer properties. However, little information is available about the effects of fucoidan on cerebral ischemia-reperfusion injury (IRI). Our study aimed to explore the effects of fucoidan on cerebral IRI, as well as the underlying mechanisms. Sprague-Dawley (SD) rats were randomly subjected to four groups: Sham, IRI+saline (IRI+S), IRI+80 mg/kg fucoidan (IRI+F80), and IRI+160 mg/kg fucoidan (IRI+F160). Fucoidan (80 mg/kg or 160 mg/kg) was intraperitoneally injected from 7 days before the rats were induced to cerebral IRI model with middle cerebral artery occlusion (MCAO) method. At 24 h after reperfusion, neurological deficits and the total infarct volume were determined. The levels of inflammation-associated cytokines (interleukin (IL)-1β, IL-6, myeloperoxidase (MPO), and tumor necrosis factor (TNF)-α), oxidative stress-related proteins (malondialdehyde (MDA) and superoxide dismutase (SOD)) in the ischemic brain were measured by enzyme-linked immunosorbent assay (ELISA). Besides, the levels of apoptosis-related proteins (p-53, Bax, and B-cell lymphoma (Bcl)-2) and mitogen-activated protein kinase (MAPK) pathway (phosphorylation-extracellular signal-regulated kinase (p-ERK), p-c-Jun N-terminal kinase (JNK), and p-p38) were measured. Results showed that administration of fucoidan significantly reduced the neurological deficits and infarct volume compared to the IRI+S group in a dose-dependent manner. Also, fucoidan statistically decreased the levels of inflammation-associated cytokines, and oxidative stress-related proteins, inhibited apoptosis, and suppressed the MAPK pathway. So, fucoidan plays a protective role in cerebral IRI, which might be by inhibition of the MAPK pathway.

The Antimicrobial Effects of Natural Aromas for Substitution of Parabens (합성 항균제를 대체하기 위한 천연물질의 항균 효과)

  • 조춘구;김봉남;홍세흠;한창규
    • Journal of the Society of Cosmetic Scientists of Korea / v.28 no.1 / pp.166-185 / 2002
  • Aroma oils extracted from the natural material have antibacterial, antivirus, antiinflammatory, and preservative effect. The preserve efficacy testing between aroma oils and parabens as an artificial preservative had been performed and then it had been suggested that aroma oil was possible to apply to the cosmetics. Aroma oils were pine, rosemary, lemon and eucalyptus, and parabens were methylparaben, butylparaben. Antiseptic concentrations of aroma oils and parabens having 0.0, 0.1, 0.2, 0.4, 0.8, 1.0 wt% were tested respectively. Escherichia coli (ATCC No. 8739), Pseudomonas aeruginosa (ATCC No. 9027) which are gram-negative and Staphylococcus aureus (ATCC No. 6538), Bacillus subtilis (ATCC No. 6633) which are gram-positive were used as the test organisms. Disk paper and broth dilution methods were used as the methods of preservative efficacy testing. The antibacterial activity of aroma oils and parabens for gram-positive were better than that for gram-negative. For the antibacterial activity aroma oils were better than parabens. Among the aroma oils, rosemary and pine having superior antibacterial activity were selected and blended to illuminate if there is any synergy. There was synergical effect and optimum ratio of aroma blend is 3 : 1 (rosemary pine) in this study.

Unified Labeling and Fine-Grained Verification for Improving Ground-Truth of Malware Analysis (악성코드 분석의 Ground-Truth 향상을 위한 Unified Labeling과 Fine-Grained 검증)

  • Oh, Sang-Jin;Park, Leo-Hyun;Kwon, Tae-Kyoung
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.3 / pp.549-555 / 2019
  • According to a recent report by anti-virus vendors, the number of new and modified malware increased exponentially. Therefore, malware analysis research using machine learning has been actively researched in order to replace passive analysis method which has low analysis speed. However, when using supervised learning based machine learning, many studies use low-reliability malware family name provided by the antivirus vendor as the label. In order to solve the problem of low-reliability of malware label, this paper introduces a new labeling technique, "Unified Labeling", and further verifies the malicious behavior similarity through the feature analysis of the fine-grained method. To verify this study, various clustering algorithms were used and compared with existing labeling techniques.

Cloud Computing Virtualization: It's Security Issues and Vulnerability (클라우드 컴퓨팅 가상화 기술: 보안이슈 및 취약점)

  • Kang, Dea-Hoon;Kim, Sang-Gu;Kim, HyunHo;Lee, HoonJae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.234-237 / 2014
  • The increasing of Cloud Computing technology among several companies has been a key strategy for IT services to provide desirable IT solutions to consumers of cloud services. More attention is concentrated to these core technologies that enable cloud services and more particularly to the virtualization aspect. The accessibility to a larger number of users is possible because of the usage of the data-intensive, data management and data integrity. Unfortunately, those useful services are vulnerable to kinds of attacks by hackers, thus the security of personal information is in critical situation. To solve this leakage vulnerability, and with the proliferation of cloud services, the cloud service providers adopt a security system with firewall, antivirus software and a large number of virtualized servers and hosts. In this paper, a variety of virtualization technologies, threats and vulnerabilities are described with a complement of different security solutions as countermeasures.

A Study on the Countermeasures against APT Attacks in Industrial Management Environment (산업경영환경에서 지속적 APT 공격에 대한 대응방안 연구)

  • Hong, Sunghyuck
    • Journal of Industrial Convergence / v.16 no.2 / pp.25-31 / 2018
  • An APT attack is a new hacking technique that continuously attacks specific targets and is called an APT attack in which a hacker exploits various security threats to continually attack a company or organization's network. Protect employees in a specific organization and access their internal servers or databases until they acquire significant assets of the company or organization, such as personal information leaks or critical data breaches. Also, APT attacks are not attacked at once, and it is difficult to detect hacking over the years. This white paper examines ongoing APT attacks and identifies, educates, and proposes measures to build a security management system, from the executives of each organization to the general staff. It also provides security updates and up-to-date antivirus software to prevent malicious code from infiltrating your company or organization, which can exploit vulnerabilities in your organization that could infect malicious code. And provides an environment to respond to APT attacks.

The Detection of Android Malicious Apps Using Categories and Permissions (카테고리와 권한을 이용한 안드로이드 악성 앱 탐지)

  • Park, Jong-Chan;Baik, Namkyun
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.6 / pp.907-913 / 2022
  • Approximately 70% of smartphone users around the world use Android operating system-based smartphones, and malicious apps targeting these Android platforms are constantly increasing. Google has provided "Google Play Protect" to respond to the increasing number of Android targeted malware, preventing malicious apps from being installed on smartphones, but many malicious apps are still normal. It threatens the smartphones of ordinary users registered in the Google Play store by disguising themselves as apps. However, most people rely on antivirus programs to detect malicious apps because the average user needs a great deal of expertise to check for malicious apps. Therefore, in this paper, we propose a method to classify unnecessary malicious permissions of apps by using only the categories and permissions that can be easily confirmed by the app, and to easily detect malicious apps through the classified permissions. The proposed method is compared and analyzed from the viewpoint of undiscovered rate and false positives with the "commercial malicious application detection program", and the performance level is presented.

A Safe Operating Strategy for Information System of Small and Medium Enterprises (중소기업 정보시스템의 안정적 운영 전략)

  • Yeo, Sang-Soo;Hwang, Su-Chul
    • Journal of the Korea Society of Computer and Information / v.14 no.7 / pp.105-112 / 2009
  • Small and medium enterprises have more dependency on their information technology than large enterprises have, but they can't pay much for information technology and information security due to financial restrictions, limited resources, and lack of know-how. So there are many vulnerabilities in small and medium enterprises and these would make many security incidents. Security managers of small and medium enterprises think that information security in their company is simply equivalent to updating the antivirus solutions, managing firewall, and patching systems regularly. However, security policies, prevention of information theft, business continuity, access controls, and many other information security issues should be considered for mitigating security incidents. In this context, we redefined security countermeasures and strategies which are only appropriate to large enterprises, for making them appropriate on a secure operating for information system of small and medium enterprises, and we investigate information security issues in the four views of information system and company, and finally we present information security strategies for each view, in this paper.