• Journal of Intelligence and Information Systems
• /
• v.14 no.3
• /
• pp.25-39
• /
• 2008

The objective of this study is to forecast the operational continuous ability using Artificial Neural Networks in battalion defensive operation for the commander decision making support. The forecasting of the combat result is one of the most complex issue in military science. However, it is difficult to formulate a mathematical model to evaluate the combat power of a battalion in defensive operation since there are so many parameters and high temporal and spatial variability among variables. So in this study, we used company combat power level data in Battalion Command in Battle Training as input data and used Feed-Forward Multilayer Perceptrons(MLP) and General Regression Neural Network (GRNN) to evaluate operational continuous ability. The results show 82.62%, 85.48% of forecasting ability in spite of non-linear interactions among variables. We think that GRNN is a suitable technique for real-time commander's decision making and evaluation of the commitment priority of troops in reserve.

• The KIPS Transactions:PartC
• /
• v.10C no.7
• /
• pp.867-878
• /
• 2003

In thls Paper, we Propose a new scheme, protecting information about the location of a mobile user against attacks from inside users of the mobile communication, especially the network providers. There have already been some proposals about how to protect location information of user in mobile communication environments〔1-5〕. Among them, Kesdogan et al.〔2, 3〕 proposed a new method, using so-called temporary pseudonyms and also described protection method against a passive and an active attack of network providers. However, the description of protection method against the active attack between the two is not clear. Moreover, there is an additional load that it should append a reachability manager〔1, 6〕 to the proposed system. Therefore, we propose a new scheme improving the above method of Kesdogan et al. and analyze its security and effectiveness.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.10
• /
• pp.1311-1319
• /
• 2019

Currently, the web environment is a commonly used area for sharing information and conducting business. It is becoming an attack point for external hacking targeting on personal information leakage or system failure. Conventional signature-based detection is used in cyber threat but signature-based detection has a limitation that it is difficult to detect the pattern when it is changed like polymorphism. In particular, injection attack is known to the most critical security risks based on web vulnerabilities and various variants are possible at any time. In this paper, we propose a novelty detection technique to detect abnormal state that deviates from the normal state on web-server log dataset(WSLD). The proposed method is a machine learning-based technique to detect a minor anomalous data that tends to be different from a large number of normal data after replacing strings in web-server log dataset with vectors using machine learning-based embedding algorithm.

• Journal of the Society of Disaster Information
• /
• v.17 no.2
• /
• pp.375-390
• /
• 2021

Purpose: Most of cybersecurity breaches occur in SMEs. As the existing cybersecurity framework and certification system are mainly focused on financial and large companies, it is difficult for SMEs to utilize it due to lack of cybersecurity budget and manpower. So it is necessary to come up with measures to allow SMEs to voluntarily manage cyber risks. Method: After reviewing Cybersecurity market, cybersecurity items of financial institutions, cybersecurity framework comparison and cybersecurity incidents reported in the media, the criticality of cybersecurity items was analyzed through AHP analysis. And cybersecurity items of non-life insurers were also investigated and made a comparison between them. Result: Cyber risk management methods for SMEs were proposed for 20 major causes of cyber accidents. Conclusion: We hope that the cybersecurity risk assessment measures of SMEs in Korea will help them assess their risks when they sign up for cyber insurance, and that cyber risk assessment also needs to be linked to ERM standardization.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1060-1070
• /
• 2022

With the development of information technology, the size of the system has become larger and diversified, and the existing role-based access control has faced limitations. Blockchain technology is being used in various fields by presenting new solutions to existing security vulnerabilities. This paper suggests efficient role-based access control in a blockchain where the required gas and processing time vary depending on the access frequency and capacity of the storage. The proposed method redefines the role of reusable units, introduces a hierarchical structure that can efficiently reflect dynamic states to enhance efficiency and scalability, and includes user-centered authentication functions to enable cryptocurrency linkage. The proposed model was theoretically verified using Markov chain, implemented in Ethereum private network, and compared experiments on representative functions were conducted to verify the time and gas efficiency required for user addition and transaction registration. Based on this in the future, structural expansion and experiments are required in consideration of exception situations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.626-643
• /
• 2023

As mobile forensics has emerged as an essential technique, the demand for technology development, education and training is increasing, wherein images are used. Academic societies in South Korea and national institutions in the US and the UK are leading the Mobile Forensic Image development. However, compared with disks, images developed in a mobile environment are few cases and have less active research, causing a waste of time, money, and manpower. Mobile Forensic Images are also difficult to trust owing to insufficient verification processes. Additionally, in South Korea, there are legal issues involving the Telecommunications Business Act and the Act on the Protection and Use of Location Information. Therefore, in this study, we requested a review of a standard model for the development of Mobile Forensic Image from experts and designed an 11-step development model. The steps of the model are as follows: a. setting of design directions, b. scenario design, c. selection of analysis techniques, d. review of legal issues, e. creation of virtual information, f. configuring system settings, g. performing imaging as per scenarios, h. Developing a checklist, i. internal verification, j. external verification, and k. confirmation of validity. Finally, we identified the differences between the mobile and disk environments and discussed the institutional efforts of South Korea. This study will also provide a guideline for the development of professional quality verification and proficiency tests as well as technology and talent-nurturing tools. We propose a method that can be used as a guide to secure pan-national trust in forensic examiners and tools. We expect this study to strengthen the mobile forensics capabilities of forensic examiners and researchers. This research will be used for the verification and evaluation of individuals and institutions, contributing to national security, eventually.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.9
• /
• pp.2550-2572
• /
• 2023

Epidemiological survey is an important means for the prevention and control of infectious diseases. Due to the particularity of the epidemic survey, 1) epidemiological survey in epidemic prevention and control has a wide range of people involved, a large number of data collected, strong requirements for information disclosure and high timeliness of data processing; 2) the epidemiological survey data need to be disclosed at different institutions and the use of data has different permission requirements. As a result, it easily causes personal privacy disclosure. Therefore, traditional access control technologies are unsuitable for the privacy protection of epidemiological survey data. In view of these situations, we propose a black box-assisted fine-grained hierarchical access control scheme for epidemiological survey data. Firstly, a black box-assisted multi-attribute authority management mechanism without a trusted center is established to avoid authority deception. Meanwhile, the establishment of a master key-free system not only reduces the storage load but also prevents the risk of master key disclosure. Secondly, a sensitivity classification method is proposed according to the confidentiality degree of the institution to which the data belong and the importance of the data properties to set fine-grained access permission. Thirdly, a hierarchical authorization algorithm combined with data sensitivity and hierarchical attribute-based encryption (ABE) technology is proposed to achieve hierarchical access control of epidemiological survey data. Efficiency analysis and experiments show that the scheme meets the security requirements of privacy protection and key management in epidemiological survey.

• The Journal of the Korea Contents Association
• /
• v.9 no.4
• /
• pp.131-141
• /
• 2009

An increasing variety of malware, such as worms, spyware and adware, threatens both personal and business computing. Remotely controlled bot networks of compromised systems are growing quickly. This paper proposes an intrusion detection system based outflow traffic analysis. Many research efforts and commercial products have focused on preventing intrusion by filtering known exploits or unknown ones exploiting known vulnerabilities. Complementary to these solutions, the proposed IDS can detect intrusion of unknown new mal ware before their signatures are widely distributed. The proposed IDS is consists of a outflow detector, user monitor, process monitor and network monitor. To infer user intent, the proposed IDS correlates outbound connections with user-driven input at the process level under the assumption that user intent is implied by user-driven input. As a complement to existing prevention system, proposed IDS decreases the danger of information leak and protects computers and networks from more severe damage.

• Journal of Korea Multimedia Society
• /
• v.15 no.1
• /
• pp.115-130
• /
• 2012

These days, most of safety-critical systems, which are systems those failures or malfunction may result in death or serious injury to people, or loss or severe damage to social systems, or environmental harm, are being built of embedded software or loaded controlling software systems on computers, electrical and electronic components or devices. There are a lot kind of fault analysis methods to evaluate safety of the safety-critical systems equipped computers, electrical and electronic components or devices with software. However, the only assessment method to evaluate software safety of a safety-critical system is not enough to analysis properly on account of the various types and characteristic of software systems by progress of information technology. Therefore, this paper proposes the integrated evaluation method and carries out a case study for the software safety of safety-critical system which embedded or loaded software sizes are small and control response times are not sensitive by use of two security analysis methods which are Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis (FMEA) for ubiquitous healthcare system.

• Journal of Korea Multimedia Society
• /
• v.20 no.8
• /
• pp.1299-1311
• /
• 2017

Sounds based machine fault diagnosis recovers all the studies that aim to detect automatically faults or damages on machines using the sounds emitted by these machines. Conventional methods that use mathematical models have been found inaccurate because of the complexity of the industry machinery systems and the obvious existence of nonlinear factors such as noises. Therefore, any fault diagnosis issue can be treated as a pattern recognition problem. We present here an automatic fault diagnosis system of hand drills using discrete wavelet transform (DWT) and pattern recognition techniques such as principal component analysis (PCA) and artificial neural networks (ANN). The diagnosis system consists of three steps. Because of the presence of many noisy patterns in our signals, we first conduct a filtering analysis based on DWT. Second, the wavelet coefficients of the filtered signals are extracted as our features for the pattern recognition part. Third, PCA is performed over the wavelet coefficients in order to reduce the dimensionality of the feature vectors. Finally, the very first principal components are used as the inputs of an ANN based classifier to detect the wear on the drills. The results show that the proposed DWT-PCA-ANN method can be used for the sounds based automated diagnosis system.