• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.8
• /
• pp.651-662
• /
• 2013

In this study, we suggest the selecting evaluation method considering 6 major factors like Compliance system application (Development language conformance, Platform Compliance), threat evaluation (criticality of security incident, possibility of security incident), application benefit (Reliability / quality improvement, Modify Cost) for appropriate secure coding rule selecting evaluation. Using this method, we selected and make a set consist of 197 secure coding rules for Battlefield Management System Software. And calculated the application priority for each rules.

• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.91-99
• /
• 2006

As the speed of network has fastened and the Internet has became common, an ill-intentioned aggression, such as worm and E-mail virus rapidly increased. So that there too many defenses created the recent Intrusion detection system as well as the Intrusion Prevention Systems to defense the malicious aggression to the network. Also as the form of malicious aggression has changed, at the same time the method of defense has changed. There is "snort" the most representive method of defense and its Rules file increases due to the change of aggression form. This causes decline of capability for detection. This paper suggest, design, and realize the structure for the improvement of processing capability by separating the files of Snort Rule according to o/s. This system show more improvement of the processing capability than the existing composion.

• Journal of Information Technology Services
• /
• v.11 no.sup
• /
• pp.27-39
• /
• 2012

As many applications are possible now in mobile environment with the trend of mobile convergence, diverse applications in healthcare industry are also possible in mobile devices. Though lots of researches on mobile and health services are introduced, they are limited to specific area or techniques. This study shows possible directions of fusion between mobile technologies and health services in the future using a data mining technique called association rule analysis. The data used in this study is collected from web pages containing key words related to mobile technologies and health services. The analysis shows that current cases of fusion between monitoring based telemedicine and patients. It also shows another case of fusion between mobile hospital and medical screen charts. These show that fusion between mobile technologies and health services already began in industry. Association rules are found between well-being, city, diet, and sleep. The association rules containing security and privacy, though their associations are not so strong, also show that security and privacy of patient information should be protected in the future. The results show that the fusion of mobile technologies and health services is expected to provide health services to more users and larger areas. It is also expected to create new diverse business models in the future.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.1-8
• /
• 2008

Not only the recent hacking techniques are becoming more malicious with the sophisticated technology but also its consequences are bringing more damages as the broadband Internet is growing rapidly. These may include invasion of information leakage, or identity theft over the internet. Its intent is very destructive which can result in invasion of information leakage, hacking, one of the most disturbing problems on the net. This thesis describes the technology of how you can effectively analyze and detect these kind of E-Mail malicious codes. This research explains how we can cope with malicious code more efficiently by detection method.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.31-40
• /
• 2021

The increasing number of credit card fraud cases has become a considerable problem since the past decades. This phenomenon is due to the expansion of new technologies, including the increased popularity and volume of online banking transactions and e-commerce. In order to address the problem of credit card fraud detection, a rule-based approach has been widely utilized to detect and guard against fraudulent activities. However, it requires huge computational power and high complexity in defining and building the rule base for pattern matching, in order to precisely identifying the fraud patterns. In addition, it does not come with intelligence and ability in predicting or analysing transaction data in looking for new fraud patterns and strategies. As such, Data Mining and Machine Learning algorithms are proposed to overcome the shortcomings in this paper. The aim of this paper is to highlight the important techniques and methodologies that are employed in fraud detection, while at the same time focusing on the existing literature. Methods such as Artificial Neural Networks (ANNs), Support Vector Machines (SVMs), naïve Bayesian, k-Nearest Neighbour (k-NN), Decision Tree and Frequent Pattern Mining algorithms are reviewed and evaluated for their performance in detecting fraudulent transaction.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.339-345
• /
• 2022

Outcome-based education (OBE) is a tried-and-true teaching technique based on a set of predetermined goals. Program Educational Objectives (PEOs), Program Outcomes (POs), and Course Outcomes (COs) are the components of OBE. At the end of each year, the Program Outcomes are evaluated, and faculty members can submit many recommended measures which dependent on the relationship between the program outcomes and its courses outcomes to improve the quality of program and hence the overall educational program. When a vast number of courses are considered, bad actions may be proposed, resulting in unwanted and incorrect decisions. In this paper, a recommender system, using collaborative filtering and association rules algorithms, is proposed for predicting the best relationship between the program outcomes and its courses in order to improve the attributes of the graduates. First, a parallel algorithm is used for Collaborative Filtering on Data Model, which is designed to increase the efficiency of processing big data. Then, a parallel similar learning outcomes discovery method based on matrix correlation is proposed by mining association rules. As a case study, the proposed recommender system is applied to the Computer Information Systems program, College of Computer Sciences and Information Technology, Al-Baha University, Saudi Arabia for helping Program Quality Administration improving the quality of program outcomes. The obtained results revealed that the suggested recommender system provides more actions for boosting Graduate Attributes quality.

• Journal of Korea Multimedia Society
• /
• v.23 no.1
• /
• pp.24-30
• /
• 2020

As the number of internet-connected appliances and the variety of IoT services are rapidly increasing, it is hard to protect IT assets with traditional network security techniques. Most traditional network log analysis systems use rule based mechanisms to reduce the raw logs. But using predefined rules can't detect new attack patterns. So, there is a need for a mechanism to reduce congested raw logs and detect new attack patterns. This paper suggests enterprise security management for IoT services using graph and network measures. We model an event network based on a graph of interconnected logs between network devices and IoT gateways. And we suggest a network clustering algorithm that estimates the attack probability of log clusters and detects new attack patterns.

• Proceedings of the KIEE Conference
• /
• 2006.11a
• /
• pp.21-23
• /
• 2006

As a general rule for evaluating dependability of a system, reliability is commonly considered which barely rays attention to the system behavior, however the estimation is based on the assumption of a fault-frost system, which may be impracticable and inaccurate especially for complicated system. This paper introduces a security and dependability integrated approach to analyze the availability of a fault-active system both from dependability and security points of view. Two fault modes involved are discussed about the impairment to the system reliance. The approach can be well applied to estimate and quantify the attribute of system robustness with the help of Markov chain process, which is good at solving status related problem. The comparison result between dual system and IEC61850-based almighty backup system is shown to sup-port the suggested approach.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.59-65
• /
• 2012

Emergency medical information center performs role of medical direction about disease consult and pre-hospital emergency handling scheme work to people. Emergency medical information system plays a major role to be decreased mortality and disability of emergency patient by providing information of medical institution especially when emergency patient has appeared. But, various attacks as a hacking have been happened in Emergency medical information system recently. In this paper, we proposed security structure which can protect the system securely by detecting attacks from outside effectively. Intrusion detection was performed using rule based detection technique according to protocol for every packet to detect attack and intrusion was reported to control center if intrusion was detected also. Intrusion detection was performed again using decision tree for packet which intrusion detection was not done. We experimented effectiveness using attacks as TCP-SYN, UDP flooding and ICMP flooding for proposed security structure in this paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.93-98
• /
• 2012

MANET composed of only moving nodes is concerned to core technology to construct ubiquitous computing environment. Also, it is a lack of security because of no middle infrastructure. So, it is necessary to intrusion detection system which can track malicious attack. In this study, cluster was used to stable intrusion detection, and rule about various attacks was defined to detect accurately attack that seems like network problem. Proposed method through experience was confirmed that stable detection rate was showed although number of nodes increase.