Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.6.1069

Applying CBR algorithm for cyber infringement profiling system  

Han, Mee Lan (Graduate School of Information Security, Korea University)
Kim, Deok Jin (The Attached Institute of ETRI)
Kim, Huy Kang (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.6, 2013 , pp. 1069-1086 More about this Journal
Abstract
Nowadays, web defacement becomes the utmost threat which can harm the target organization's image and reputation. These defacement activities reflect the hacker's political motivation or his tendency. Therefore, the analysis of the hacker's activities can give the decisive clue to pursue criminals. A specific message or photo or music on the defaced web site and the outcome of analysis will be supplying some decisive clues to track down criminals. The encoding method or used fonts of the remained hacker's messages, and hacker's SNS ID such as Twitter or Facebook ID also can help for tracking hackers information. In this paper, we implemented the web defacement analysis system by applying CBR algorithm. The implemented system extracts the features from the web defacement cases on zone-h.org. This paper will be useful to understand the hacker's purpose and to plan countermeasures as a IDSS(Investigation Detection Support System).
Keywords
Cyber Genome; Web Defacement; CBR; Profiling; Incident Response;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Turkish hacking group defaces UPS, TheRegister, Acer, Telegraph, Vodafone on zone-h.org. http://www.zone-h.org/news/id/4741
2 Windows-1524 from Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Windows-1254
3 ISO/IEC 8859-1 from Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Iso_8859-1
4 M. Warren and S. Leitch, "Hacker Taggers: A new type of hackers," Information Systems Frontiers, pp. 425-431, Sep. 2010.
5 A.J. Pinizzotto and N.J. Finkel, "Criminal Personality Profiling," Law and Human Behavior, vol. 14, no. 3, pp. 215-233, Jun. 1990.   DOI
6 H. Woo, Y. Kim and J. Dominick, "Hackers: Militants or Merry Pranksters? A Content Analysis of Defaced Web Pages," Media Psychology, vol. 6, no. 1, pp. 63-82, Feb. 2004.   DOI   ScienceOn
7 Hacking groups calling for 9/11 cyber attacks against Israel, U.S. http://www.jta.org/2013/09/10/newsopinion/united-states/groups-call-for-cyber-attacks-against-israel-u-s-on-9-11
8 ICANN and IANA domains hijacked by Turkish on zoneh.org.crackers http://www.zone-h.org/news/id/4695
9 The civilian government military joint team, '3.20 Cyber Terror' mid-term report. http://www.msip.go.kr/www/brd/m_211/view.do?seq=28&srchFr=&srchTo=&srchWord=&srchTp=&multi_itm_seq=0&itm_seq_1=0&itm_seq_2=0&company_cd=&company_nm=&page=66
10 DARPA(Defense Advanced Research Projects Agency). http://www.darpa.mil/Our_Work/I2O/Programs/Cyber_Defense_(Cyber_Genome).aspx
11 M. Milone, "Hacktivism: Securing the National Infrastructure," Knowledge, Technology & Policy, vol. 16, no. 1, pp. 75-103, Mar. 2003.   DOI
12 S. Begum, M.U. Ahmed, P. Funk, Ning Xiong, and M. Folke, "Case-Based Reasoning Systems in the Health Sciences: A Survey of Recent Trends and Developments," Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on, vol. 41, no. 4, pp. 421-434, Jul. 2011.   DOI   ScienceOn
13 Z. Yin, Y. Gao and B. Chen, "On Development of Supplementary Criminal Analysis System Based on CBR and Ontology," Computer Application and System Modeling (ICCASM), 2010 International Conference on, pp. V14-653 -V14-655, Oct. 2010.
14 C.C. Chang and K.H. Hua, "Applying Case-Based Reasoning and Expert Systems to Coastal Patrol Crime Investigation in Taiwan," Intelligence and Security Informatics, pp. 161-170, Jun. 2008.
15 K.L. Kaufman, D.R. Hilliker and E. L. Daleiden, "Subgroup Differences in the Modus Operandi of Adolescent Sexual Offender," Child Maltreat, pp. 17-24, Feb. 1996.
16 H.K. Kim, K.H. Im and S.C. Park, "DSS for Computer Security Incident Response applying CBR and collaborative response," Expert Systems with Applications, vol. 37, no. 1, pp. 852-870, Jan. 2010.   DOI   ScienceOn
17 R.R. Hazelwooda and J.I. Warren, "Linkage analysis: modus operandi, ritual, and signature in serial sexual crime," Aggression and Violent Behavior, vol. 9, no. 3, pp. 307-318, May-Jun. 2004.   DOI   ScienceOn
18 C. Bennell and N.J. Jones, "Between a ROC and a hard place: a method for linking serial burglaries by modus operandi," Journal of Investigative Psychology and Offender Profiling, vol. 2, no. 1, pp. 23-41, Jan. 2005.   DOI   ScienceOn
19 B. Leclerc, E. Beauregard and J. Proulx, "Modus Operandi and Situational Aspects in Adolescent Sexual Offenses Against Children: A Further Examination," International Journal of Offender Therapy and Comparative Criminology, vol. 52, no. 1, pp. 46-61, Feb. 2008.   DOI
20 Character Encoding from Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Character_encoding
21 Typeface from Wikipedia, the free encyclopedia. http://en.wikipedia.org/wiki/Typeface
22 Cyber war blooming between Korea and japan on March 1, 2010 from Wikipedia, the free encyclopedia. http://ko.wikipedia.org/wiki/2010%EB%85%84_%ED%95%9C%C2%B7%EC%9D%BC_%EC%82%BC%EC%9D%BC%EC%A0%88_%EC%82%AC%EC%9D%B4%EB%B2%84_%EA%B3%B5%EA%B 2%A9_%EC%82%AC%EA%B1%B4
23 Syria, Egypt crises spur escalation of ME cyber attacks. http://www.itp.net/594742-syria-egyptcrises-spur-escalation-of-me-cyber-attacks
24 Unknown group calling itself Whois Team's html source, they attacked South Korea's thriving Internet community. http://mlbpark.donga.com/mbs/articleV.php?mbsC=bullpen&mbsIdx=2106425