• Journal of the Korea Society of Computer and Information
• /
• v.29 no.2
• /
• pp.31-41
• /
• 2024

Deep learning models show excellent performance in tasks such as image classification and object detection in the field of computer vision, and are used in various ways in actual industrial sites. Recently, research on improving robustness has been actively conducted, along with pointing out that this deep learning model is vulnerable to hostile examples. A hostile example is an image in which small noise is added to induce misclassification, and can pose a significant threat when applying a deep learning model to a real environment. In this paper, we tried to confirm the robustness of the edge-learning classification model and the performance of the adversarial example detection model using it for adversarial examples of various algorithms. As a result of robustness experiments, the basic classification model showed about 17% accuracy for the FGSM algorithm, while the edge-learning models maintained accuracy in the 60-70% range, and the basic classification model showed accuracy in the 0-1% range for the PGD/DeepFool/CW algorithm, while the edge-learning models maintained accuracy in 80-90%. As a result of the adversarial example detection experiment, a high detection rate of 91-95% was confirmed for all algorithms of FGSM/PGD/DeepFool/CW. By presenting the possibility of defending against various hostile algorithms through this study, it is expected to improve the safety and reliability of deep learning models in various industries using computer vision.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.551-558
• /
• 2016

The recent convergence in ICT industry has created new businesses as well as other opportunities. However, it entails new convergence threat accompanied by security risks. Even though there are security professionals who are dealing with the situation, there is not enough human resource in risk management. Moreover, the amount of research that studies quality of education and training security personnel is not sufficient. This paper explores the curriculum of information security education in the private sector and reasons out fifteen standard curriculums in four professional fields categorized by job classification. In addition, it provides a weighted score table based on the evaluation indicator for the effective security education certificates in the private sector.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.27-35
• /
• 2018

This paper is a study to classify malicious applications in Android environment. And studying the threat and behavioral analysis of malicious Android applications. In addition, malicious apps classified by machine learning were performed as experiments. Android behavior analysis can use dynamic analysis tools. Through this tool, API Calls, Runtime Log, System Resource, and Network information for the application can be extracted. We redefined the properties extracted for machine learning and evaluated the results of machine learning classification by verifying between the overall features and the main features. The results show that key features have been improved by 1~4% over the full feature set. Especially, SVM classifier improved by 10%. From these results, we found that the application of the key features as a key feature was more effective in the performance of the classification algorithm than in the use of the overall features. It was also identified as important to select meaningful features from the data sets.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.2
• /
• pp.99-110
• /
• 2023

This study proposed a classification of malicious network traffic using the cyber threat framework(Mitre ATT&CK) and machine learning to solve the real-time traffic detection problems faced by current security monitoring systems. We applied a network traffic dataset called UNSW-NB15 to the Mitre ATT&CK framework to transform the label and generate the final dataset through rare class processing. After learning several boosting-based ensemble models using the generated final dataset, we demonstrated how these ensemble models classify network traffic using various performance metrics. Based on the F-1 score, we showed that XGBoost with no rare class processing is the best in the multi-class traffic environment. We recognized that machine learning ensemble models through Mitre ATT&CK label conversion and oversampling processing have differences over existing studies, but have limitations due to (1) the inability to match perfectly when converting between existing datasets and Mitre ATT&CK labels and (2) the presence of excessive sparse classes. Nevertheless, Catboost with B-SMOTE achieved the classification accuracy of 0.9526, which is expected to be able to automatically detect normal/abnormal network traffic.

• Korean Security Journal
• /
• no.6
• /
• pp.327-340
• /
• 2003

As a countermeasure under accidental occurrence situation, First, as application form of martial arts, A security guard foster ability that can protect a target person of guard and own body under accidental occurrence situation through incessant martial arts practice. To achieve this purpose, incessant training mental power and physical strength reinforcement should be kept on to prevent, therefore make a safety control function for such as weapon, small arms, explosive, vehicles terror etc. happened under accidental occurrence situation. Second, according to the contents of training based on the classification category of martial arts for security guard under accidental situation, a security guard must keep safety distance necessarily lest a target person of gurad should be attacked by attacker, therefore, intercept an attack opportunity if a safety distance between a target person of guard and attacker is not kept. Third, It is to practice confrontation techniques based on the type of attack. A security guard must develp situation disposal ability that can cope properly with the attack using empty hands, murderous weapon, small arms, explosive by case or individual or mass of threat that impose danger and injury in a target person's body of guard.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1471-1492
• /
• 2015

The rapid development of smartphone technologies have resulted in the evolution of mobile botnets. The implications of botnets have inspired attention from the academia and the industry alike, which includes vendors, investors, hackers, and researcher community. Above all, the capability of botnets is uncovered through a wide range of malicious activities, such as distributed denial of service (DDoS), theft of business information, remote access, online or click fraud, phishing, malware distribution, spam emails, and building mobile devices for the illegitimate exchange of information and materials. In this study, we investigate mobile botnet attacks by exploring attack vectors and subsequently present a well-defined thematic taxonomy. By identifying the significant parameters from the taxonomy, we compared the effects of existing mobile botnets on commercial platforms as well as open source mobile operating system platforms. The parameters for review include mobile botnet architecture, platform, target audience, vulnerabilities or loopholes, operational impact, and detection approaches. In relation to our findings, research challenges are then presented in this domain.

• Asian Journal for Public Opinion Research
• /
• v.8 no.3
• /
• pp.246-264
• /
• 2020

As netizens increasingly utilize social media to obtain and engage with information, this study aims to determine the extent to which the follower-influencer interaction is manifested and strengthened. To analyze information related to the novel coronavirus disease (COVID-19), a total of 62,119 online posts from 11 Internet forums were examined to find a relationship between followers and influencers in Taiwan. These forums are PTT, SOGO, Ck101, Plurk, Mobile01, TalkFetnet, Gamez, PlaySport, Dcard, Eyny, and PCDVD. The variables that were the best predictors of influencer classification were strong influences, engagements, and hot values across 11 Internet forums. Learning the response to the COVID-19 pandemic is vital because public actions could have been fueled by stigmatizing terms that may harm public health and well-being. The results questioned the conventional diffusion of traditional news sources because the influencers brought widespread attention to the health threat issues in the early outbreak stages. This study enhances the understanding of forum types, follower engagement, and influencers' impact maximization in social networks. The conclusion provides insight into the relationships and information diffusion mechanisms to ensure accurate health information dissemination.

• Asian Pacific Journal of Cancer Prevention
• /
• v.15 no.3
• /
• pp.1085-1091
• /
• 2014

Matrix metalloproteinases (MMPs) are a family of zinc dependent extracellular matrix (ECM) remodelling endopeptidases having the ability to degrade almost all components of extracellular matrix and implicated in various physiological as well as pathological processes. Carcinogenesis is a multistage process in which alteration of the microenvironment is required for conversion of normal tissue to a tumour. Extracellular matrix remodelling proteinases such as MMPs are principal mediators of alterations observed in the microenvironment during carcinogenesis and according to recent concepts not only have roles in invasion or late stages of cancer but also in regulating initial steps of carcinogenesis in a favourable or unfavourable manner. Establishment of relationships between MMP overproduction and cancer progression has stimulated the development of inhibitors that block proteolytic activity of these enzymes. In this review we discuss the MMP general structure, classification, regulation roles in relation to hallmarks of cancer and as targets for therapeutic intervention.

• Proceedings of the KIEE Conference
• /
• 2000.07a
• /
• pp.366-368
• /
• 2000

When faults occur in transmission lines, the classification of faults is very important. If the fault is HIF(High Impedance Fault), it cannot be detected or removed by conventional overcurrent relays (OCRs), and results in fire hazards and causes damages in electrical equipment or personal threat. The fast discrimination of fault needs to effective protection and treatment and is important problem for power system protection. This paper proposes the fault detection and discrimination algorithm for LIFs(Low Impedance Faults) and HIFs(High Impedance Faults). This algorithm uses artificial neural networks and variation of 3-phase maximum currents per period while faults. A double lines-to-ground and line-to-line faults can be detected using Neural Network. Also, the other faults can be detected using the value of variation of maximum current. Test results show that the proposed algorithms discriminate LIFs and HIFs accurately within a half cycle.

• International Commerce and Information Review
• /
• v.9 no.3
• /
• pp.305-320
• /
• 2007

With expanded use of B2B(between enterprises), B2G(between enterprises and government) and EDI(Electronic Data Interchange), and increased amount of available network information and information protection threat, as it was judged that security can not be perfectly assured only with security technology such as electronic signature/authorization and access control, Bayesian networks have been developed for protection of information. Therefore, this study speculates Bayesian networks system, centering on ERP(Enterprise Resource Planning). The Bayesian networks system is one of the methods to resolve uncertainty in electronic data interchange and is applied to overcome uncertainty of abnormal invasion detection in ERP. Bayesian networks are applied to construct profiling for system call and network data, and simulate against abnormal invasion detection. The host-based abnormal invasion detection system in electronic trade analyses system call, applies Bayesian probability values, and constructs normal behavior profile to detect abnormal behaviors. This study assumes before and after of delivery behavior of the electronic document through Bayesian probability value and expresses before and after of the delivery behavior or events based on Bayesian networks. Therefore, profiling process using Bayesian networks can be applied for abnormal invasion detection based on host and network. In respect to transmission and reception of electronic documents, we need further studies on standards that classify abnormal invasion of various patterns in ERP and evaluate them by Bayesian probability values, and on classification of B2B invasion pattern genealogy to effectively detect deformed abnormal invasion patterns.