• Title/Summary/Keyword: malicious model

Protecting Accounting Information Systems using Machine Learning Based Intrusion Detection

  • Biswajit Panja
    • International Journal of Computer Science & Network Security / v.24 no.5 / pp.111-118 / 2024
  • In general, a network-based intrusion detection system is designed to detect malicious behavior directed at a network or its resources. The key goal of this paper is to look at network data and identify whether it is normal traffic data or anomaly traffic data specifically for accounting information systems. In today's world, there are a variety of principles for detecting various forms of network-based intrusion. In this paper, we are using supervised machine learning techniques. Classification models are used to train and validate data. Using these algorithms, we are training the system using a training dataset; then we use this trained system to detect intrusion from the testing dataset. In our proposed method, we will detect whether the network data is normal or an anomaly. Using this method, we can avoid unauthorized activity on the network and systems under that network. The Decision Tree and K-Nearest Neighbor are applied to the proposed model to classify abnormal to normal behaviors of network traffic data. In addition to that, Logistic Regression Classifier and Support Vector Classification algorithms are used in our model to support proposed concepts. Furthermore, a feature selection method is used to collect valuable information from the dataset to enhance the efficiency of the proposed approach. The Random Forest machine learning algorithm is used, which assists the system to identify crucial aspects and focus on them rather than all the features. The experimental findings revealed that the suggested method for network intrusion detection has a neglected false alarm rate, with the accuracy of the result expected to be between 95% and 100%. As a result of the high precision rate, this concept can be used to detect network data intrusion and prevent vulnerabilities on the network.

A Study on the Factors Affecting the Information Systems Security Effectiveness of Password (패스워드의 정보시스템 보안효과에 영향을 미치는 요인에 관한 연구)

  • Kim, Jong-Ki;Kang, Da-Yeon
    • Asia pacific journal of information systems / v.18 no.4 / pp.1-26 / 2008
  • Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. 
Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.

Voice Synthesis Detection Using Language Model-Based Speech Feature Extraction (언어 모델 기반 음성 특징 추출을 활용한 생성 음성 탐지)

  • Seung-min Kim;So-hee Park;Dae-seon Choi
    • Journal of the Korea Institute of Information Security & Cryptology / v.34 no.3 / pp.439-449 / 2024
  • Recent rapid advancements in voice generation technology have enabled the natural synthesis of voices using text alone. However, this progress has led to an increase in malicious activities, such as voice phishing (voishing), where generated voices are exploited for criminal purposes. Numerous models have been developed to detect the presence of synthesized voices, typically by extracting features from the voice and using these features to determine the likelihood of voice generation. This paper proposes a new model for extracting voice features to address misuse cases arising from generated voices. It utilizes a deep learning-based audio codec model and the pre-trained natural language processing model BERT to extract novel voice features. To assess the suitability of the proposed voice feature extraction model for voice detection, four generated voice detection models were created using the extracted features, and performance evaluations were conducted. For performance comparison, three voice detection models based on Deepfeature proposed in previous studies were evaluated against other models in terms of accuracy and EER. The model proposed in this paper achieved an accuracy of 88.08% and a low EER of 11.79%, outperforming the existing models. These results confirm that the voice feature extraction method introduced in this paper can be an effective tool for distinguishing between generated and real voices.

A research on improving client based detection feature by using server log analysis in FPS games (FPS 게임 서버 로그 분석을 통한 클라이언트 단 치팅 탐지 기능 개선에 관한 연구)

  • Kim, Seon Min;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.6 / pp.1465-1475 / 2015
  • Cheating detection models in the online games can be divided into two parts. The one is on client based model, which is designed to detect malicious programs not to be run while playing the games. The other one is server based model, which distinguishes the difference between benign users and cheaters by the server log analysis. The client based model provides various features to prevent games from cheating, for instance, anti-reversing, memory manipulation and so on. However, being deployed and operated on the client side is a huge weak point as cheaters can analyze and bypass the detection features. That is why the server based model is an emerging way to detect cheating users in online games. But the simple log data such as FPS's one can be hard to find valid difference between two of them. In this paper, in order to compensate for the disadvantages of the two detection models above, we use the existing game security solution log as well as the server one to bring high performance as well as detection ratio compared to the existing detection models in the market.

An Examination of 'Fun' that the Audience Have Watching Reality Audition Programs : Focusing on the Application of the 'Fun Evolving Model' to K-POP STAR(Season 3) (리얼리티 오디션 프로그램 수용자들이 느끼는 '재미(fun)'에 대한 고찰 : K-POP STAR(시즌3)의 재미진화모형 적용을 중심으로)

  • Choi, Young jun
    • The Journal of the Korea Contents Association / v.15 no.6 / pp.13-23 / 2015
  • A study on the 'FUN' of TV reality audition programs. "Why are the audience so enthusiastic about the survival audition programs?" "What fun do the audition program audience have?" In order to find the answers for such questions, this study applied 'the 4-step fun evolving model' and thereby, categorized audience's fun-seeking behavioral modes, and therewith, examined how such fun-seeking behavioral modes would change by step over time. As a result, it was found that the audition program audience had faithfully followed the 4 fun types (watching, having, doing and becoming), and that their fun-seeking behavioral modes had changed by step over time in SBS "K-POP STAR" (Season 3) in 2013. Such findings suggest that the audition program fans accommodated 'the fun evolving model.' Their step of 'watching' evolved gradually into the step of 'having' both on-line and off-line (support of participants/malicious or good-will replies, participation in blogs/twitters, photo materials collection activities) and that of 'doing' (application for the jury group, organization of fan club, crazy fan activities, participation in phone voting, etc.), while increasing their fun.

Design and Forensic Analysis of a Zero Trust Model for Amazon S3 (Amazon S3 제로 트러스트 모델 설계 및 포렌식 분석)

  • Kyeong-Hyun Cho;Jae-Han Cho;Hyeon-Woo Lee;Jiyeon Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.2 / pp.295-303 / 2023
  • As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3 (Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS (Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

An Effective Technique for Protecting Application Data using Security Enhanced (SE) Android in Rooted Android Phones (루팅된 안드로이드 폰에서 SEAndroid를 이용한 효과적인 앱 데이터 보호 기법)

  • Jeong, Youn-sik;Cho, Seong-je
    • Journal of KIISE / v.44 no.4 / pp.352-362 / 2017
  • This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.

Secure MAP Discovery Schemes in Hierarchical MIPv6 (계층적 Mobile IPv6에서의 안전한 MAP 검색 기법)

  • Choi, Jong-Hyoun;Mun, Young-Song
    • Journal of KIISE:Information Networking / v.34 no.1 / pp.41-47 / 2007
  • The Hierarchical Mobile IPv6 (HMIPv6) has been proposed to accommodate frequent mobility of the Mobile Node and to reduce the signaling load. A Mobility Anchor Point is a router located in a network visited by the Mobile Node. The Mobile Node uses the Mobile Anchor Point as a local Home Agent. The absence of any protections between Mobile Node and Mobile Anchor Point may lead to malicious Mobile Nodes impersonating other legitimate ones or impersonating a Mobile Anchor Point. In this paper, we propose a mechanism of the secure Mobile Anchor Point discovery in HMIPv6. The performance analysis and the numerical results presented in this paper show that our proposal has superior performance to other methods.

Uncertainty for Privacy and 2-Dimensional Range Query Distortion

  • Sioutas, Spyros;Magkos, Emmanouil;Karydis, Ioannis;Verykios, Vassilios S.
    • Journal of Computing Science and Engineering / v.5 no.3 / pp.210-222 / 2011
  • In this work, we study the problem of privacy-preservation data publishing in moving objects databases. In particular, the trajectory of a mobile user in a plane is no longer a polyline in a two-dimensional space, instead it is a two-dimensional surface of fixed width $2A_{min}$, where $A_{min}$ defines the semi-diameter of the minimum spatial circular extent that must replace the real location of the mobile user on the XY-plane, in the anonymized (kNN) request. The desired anonymity is not achieved and the entire system becomes vulnerable to attackers, since a malicious attacker can observe that during the time, many of the neighbors' ids change, except for a small number of users. Thus, we reinforce the privacy model by clustering the mobile users according to their motion patterns in (u, ${\theta}$) plane, where u and ${\theta}$ define the velocity measure and the motion direction (angle) respectively. In this case, the anonymized (kNN) request looks up neighbors, who belong to the same cluster with the mobile requester in (u, ${\theta}$) space: Thus, we know that the trajectory of the k-anonymous mobile user is within this surface, but we do not know exactly where. We transform the surface's boundary poly-lines to dual points and we focus on the information distortion introduced by this space translation. We develop a set of efficient spatiotemporal access methods and we experimentally measure the impact of information distortion by comparing the performance results of the same spatiotemporal range queries executed on the original database and on the anonymized one.

Security Scheme for Prevent malicious Nodes in WiMAX Environment (노드간 에너지 소비를 효율적으로 분산시킨 PRML 메커니즘)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Nam-Kyu;Park, Gil-Cheol
    • Journal of the Korea Institute of Information and Communication Engineering / v.13 no.4 / pp.774-784 / 2009
  • A wireless sensor network consisting of a large number of nodes with limited battery power should minimize energy consumption at each node to prolong the network lifetime. To improve the sensitivity of wireless sensor networks, an efficient scheduling algorithm and energy management technology for minimizing the energy consumption at each node is desired. In this paper, we propose energy-aware routing mechanism for maximum lifetime and to optimize the solution quality for sensor network maintenance and to relay node from its adjacent cluster heads according to the node's residual energy and its distance to the base station. Proposed protocol may minimize the energy consumption at each node, thus prolong the lifetime of the system regardless of where the sink is located outside or inside the cluster. Simulation results of proposed scheme show that our mechanism balances the energy consumption well among all sensor nodes and achieves an obvious improvement on the network lifetime. To verify propriety using NS-2, proposed scheme constructs sensor networks adapt to current model and evaluate consumption of total energy, energy consumption of cluster head, average energy dissipation over varying network areas with HEED and LEACH-C.