• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2881-2894
• /
• 2018

Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL(Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.681-689
• /
• 2015

Personal information includes information about a living human individual. It is the information identifiable through name, resident registration number, and image, etc. Personal information which is collected by institutions can be wrongfully used, because it contains confidential information of an information object. In order to prevent this, a method is used to remove personal identification elements before distributing and sharing the data. However, even when the identifier such as the name and the resident registration number is removed or changed, personal information can be exposed in the case of a linking attack. This paper proposes a new anonymization technique to enhance data utility. To achieve this, attributes that are utilized in service tend to anonymize at a low level. In addition, the anonymization technique of the proposal can provide two or more anonymized data tables from one original data table without concern about a linking attack. We also verify our proposal by using the cooperative game theory.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.453-458
• /
• 2002

Recently, the number of hacking, that use buffer overflow vulnerabilities, are increasing. Although the buffer overflow Problem has been known for a long time, for the following reasons, it continuos to present a serious security threat. There are three defense method of buffer overflow attack. First, allow overwrite but do not allow unauthorized change of control flow. Second, do not allow overwriting at all. Third, allow change of control flow, but prevents execution of injected code. This paper is for allowing overwrites but do not allow unauthorized change of control flow which is the solution of extending compiler. The previous defense method has two defects. First, a program company with overhead because it do much thing before than applying for the method In execution of process. Second, each time function returns, it store return address in reserved memory created by compiler. This cause waste of memory too much. The new proposed method is to extend compiler, by processing after compiling and linking time. To complement these defects, we can reduce things to do in execution time. By processing additional steps after compile/linking time and before execution time. We can reduce overhead.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.42-49
• /
• 2021

As cyber attacks become more intelligent, there is difficulty in detecting advanced attacks in various fields such as industry, defense, and medical care. IPS (Intrusion Prevention System), etc., but the need for centralized integrated management of each security system is increasing. In this paper, we collect big data for intrusion detection and build an intrusion detection platform using deep learning and CNN (Convolutional Neural Networks). In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking with big data. We want to collect big data for intrusion detection and build an intrusion detection platform based on CNN model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, and the actual attack categories were tested with KDD99's DoS, U2R, and R2L using four probing methods.

• English Language & Literature Teaching
• /
• v.12 no.3
• /
• pp.267-286
• /
• 2006

The purpose of the study was to investigate what kinds of learning strategies EFL learners use to learn English grammar and what is benefit from structured grammar input processing. Students of the study consisted of 48 college students who took Practical English Grammar at a university in Kyung-Gi area and were divided into two groups based on grammar scores. The students were asked to take two grammar tasks and grammar tests and complete a survey including questions on grammar strategy and input processing. The results of the study are as follows. First, learners' grammar level has an effect on use of grammar attack strategy including asking teachers, using grammar books and given contexts whereas there was no significant difference between groups in the planning strategies, Among memory strategies, using grammar exercise and linking with already known structure demonstrated a significant difference between groups. Second, with regard to input processing, high level students got higher score on how much they understood the structured grammar input compared with low level students. Third, explicit implicit instruction added to input processing seems more comprehensible and more available than structured input only, Finally, it showed that there is positive relationship between perception and score of input processing tasks and grammar tests. Especially, learners' perception of input processing correlated more with final tests and tasks. Therefore, it suggests that the more input processing task need to develop and utilize in order to facilitate learners' intake.

• Asian Pacific Journal of Cancer Prevention
• /
• v.17 no.12
• /
• pp.5047-5056
• /
• 2016

Colorectal cancer (CRC) is a major worldwide health problem owing to its high prevalence and mortality rates. Carcinogenesis in the colon is a multistage and multifactorial process. An imbalance between free radical exposure and anti-oxidant defense systems may leads to oxidative stress and attack of macromolecules which can alter signal transduction pathways and gene expression. Consequently, oxidative damage can lead to cellular dysfunction and contribute to pathophysiological processes in a variety of diseases including CRC. One factor tightly associated with CRC is chronic inflammation, which can be present from the earliest stage of tumor onset. Unpolished rice is an attractive chemoprevention in CRC due to their anti-oxidant and anti-inflammatory activities. The aim of this paper is to review evidence linking oxidative stress and inflammation to CRC and to provide essential background information for understanding future research on oxidative stress and inflammation on CRC. Mechanisms of action of unpolished rice in CRC carcinogenesis are also discussed.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.179-190
• /
• 2020

In the Unix-like system environment, the GOT overwrite attack is one of the traditional control flow hijacking techniques for exploiting software privileges. Several techniques have been proposed to defend against the GOT overwrite attack, and among them, the Full Relro(Relocation Read only) technique, which blocks GOT overwrites at runtime by arranging the GOT section as read-only in the program startup, has been known as the most effective defense technique. However, it entails loading delay, which limits its application to a program sensitive to startup performance, and it is not currently applied to the library due to problems including a chain loading delay problem caused by nested library dependency. Also, many compilers, including LLVM, do not apply the Full Relro technique by default, so runtime programs are still vulnerable to GOT attacks. In this paper, we propose a GOT protection scheme using the Control Flow Integrity(CFI) technique, which is currently recognized as the most suitable technique for defense against code reuse attacks. We implemented this scheme based on LLVM and applied it to the binutils-gdb program group to evaluate security, performance and compatibility. The GOT protection scheme with CFI is difficult to bypass, fast, and compatible with existing library programs.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.113-120
• /
• 2006

C4I system is the centerpiece of the military force. The system is an information based system which facilitates information grid, collection of data and dissemination of the information. The C4I system seeks to assure information dominance by linking warfighting elements in the battlespace to information network which enables sharing of battlespace information and awareness; thereby shifting concept of warfare from platform-centric paradigm to Network Centric Warfare. Although, it is evident that C4I system is a constant target from the adversaries, the issues of vulnerability via cyberspace from attack still remains. Therefore, the protection of C4I system is critical. The roadmap I have constructed in this paper will guide through the direction to protect the system during peace and war time. Moreover, it will propose vision, objectives and necessary supporting framework to secure the system from the threat. In order to fulfill these tasks, enhanced investments and plans from the Joint chief of Staff and Defense of Acquisition and Program Administration (DAPA) is critical; thereby enabling the establishment of rapid and efficient security system.

• Transactions of the Korean hydrogen and new energy society
• /
• v.25 no.2
• /
• pp.151-160
• /
• 2014

CL-SPEEK/Cs-TPA/$CeO_2$ composite membrane was prepared for polymer electrolyte membrane water electrolysis (PEMWE). In order to improve the electrochemical, mechanical, durabilities and electrocatalytic characteristics, engineering plastic of polyether ether ketone (PEEK) as polymer matrix was sulfonated and the organic-inorganic blend composite membranes was prepared by loading cesium-substituted tungstophosphoric acid (Cs-TPA) by titration method with cross-linking agent contents of 0.01mL. Ceria ($CeO_2$) was used to scavenge free radicals which attack the membrane in the PEMWE circumstance and to increase the duration of the membrane. CL-SPEEK/$Cs_{(1)}$-TPA/CeriaIn conclusion, 1% membrane showed the optimum results such as 0.119 S/cm at $80^{\circ}C$ of proton conductivity and 62MPa of tensile strength.

• Transactions of the Korean hydrogen and new energy society
• /
• v.25 no.1
• /
• pp.1-10
• /
• 2014

Ceria ($CeO_2$) was used to scavenge free radicals which attack the membrane in the polymer electrolyte membrane water electrolysis (PEMWE) circumstance and to increase the duration of the membrane. In order to improve the electrochemical, mechanical and electrocatalytic characteristics, engineering plastic of the sulfonated polyether ether ketone (SPEEK) as polymer matrix was prepared in the sulfonation reaction of polyether ether ketone (PEEK) and the organic-inorganic blended composite membranes were prepared by sol-gel casting method with loading the highly dispersed ceria and cesium-substituted phophomolybdic acid(Cs-MoPA) with cross-linking agent contents of 0.01mL. In conclusion, CL-SPEEK/$Cs_{(2.5)}$-MoPA/ceria(1%) membrane showed the optimum results such as 0.1095S/cm of proton conductivity at $80^{\circ}C$, 2.906meq./g-dry-membrane of ion exchange capacity and mechanical characteristics, and 49.73MPa of tensile strength which were better than Nafion 117 membrane.