• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.51-55
• /
• 2007

중요한 정보를 저장하고 있는 서버 및 개인용 컴퓨터를 위협하는 바이러스가 현실적인 문제로 대두되고 있다. 범용 바이러스 탐지기법을 위해 주성분 분석(PCA)을 사용하여 휴리스틱 접근으로 바이러스 탐지 능력을 높일 수 있는 명령어 집합을 찾았고, PCA의 결과좌표 분포에 따라 정상파일인 경우 90%의 분류, 바이러스파일에 대하여 85%의 분류 능력을 확인하였다.

• Journal of KIISE
• /
• v.45 no.3
• /
• pp.294-302
• /
• 2018

With the emergence of the new service industry due to the development of information and communication technology, cyber space risks such as personal information infringement and industrial confidentiality leakage have diversified, and the security problem has emerged as a critical issue. In this paper, we propose a behavior-based anomaly detection method that is suitable for real-time and large-volume data analysis technology. We show that the proposed detection method is superior to existing signature security countermeasures that are based on large-capacity user log data according to in-company personal information abuse and internal information leakage. As the proposed behavior-based anomaly detection method requires a technique for processing large amounts of data, a real-time search engine is used, called Elasticsearch, which is based on an inverted index. In addition, statistical based frequency analysis and preprocessing were performed for data analysis, and the DBSCAN algorithm, which is a density based clustering method, was applied to classify abnormal data with an example for easy analysis through visualization. Unlike the existing anomaly detection system, the proposed behavior-based anomaly detection technique is promising as it enables anomaly detection analysis without the need to set the threshold value separately, and was proposed from a statistical perspective.

• Journal of Internet Computing and Services
• /
• v.15 no.1
• /
• pp.157-170
• /
• 2014

As the increase of transaction using mobile banking continues, threat to the mobile financial security is also increasing. Mobile banking service performs the financial transaction using the dedicate application which is made by financial corporation. It provides the same services as the internet banking service. Personal information such as credit card number, which is stored in the mobile banking application can be used to the additional attack caused by a malicious attack or the loss of the mobile devices. Therefore, in this paper, to cope with the mobile financial accident caused by personal information exposure, we suggest outlier detection method which can judge whether the transaction is conducted by the appropriate user or not. This detection method utilizes the user's input patterns and transaction patterns when a user uses the banking service on the mobile devices. User's input and transaction pattern data involves the information which can be used to discern a certain user. Thus, if these data are utilized appropriately, they can be the information to distinguish abnormal transaction from the transaction done by the appropriate user. In this paper, we collect the data of user's input patterns on a smart phone for the experiment. And we use the experiment data which domestic financial corporation uses to detect outlier as the data of transaction pattern. We verify that our proposal can detect the abnormal transaction efficiently, as a result of detection experiment based on the collected input and transaction pattern data.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2023.07a
• /
• pp.213-214
• /
• 2023

스마트폰은 앱을 통하여 사람들에게 다양하고 유용한 기능을 제공하며, 새로운 앱들이 계속해서 개발되어 출시되고 있다. 그러나 이러한 긍정적인 측면에서 불구하고, 사람들의 편리한 사용에 대한 욕구를 이용하여, 신종 앱 사기와 같은 범죄가 발생하고 있으며, 이를 악용하여 금전적으로 피해를 주거나 개인정보를 탈취하는 범죄로가 증가되는 추세이다. 이와 같은 앱으로 인한 범죄를 대응하기 위하여, 신종 앱 사기 범죄를 분석하고 해결하는 방안이 요구되는 실정이다. 따라서 본 논문에서는 신종 앱 사기 범죄에 악용되는 가짜 앱을 탐지하고, 공식 기관에서 제공하는 정보를 기반으로 가짜 앱과 공식 앱에 대한 대량의 정보를 공유하는 프레임워크를 개발한다. 개발한 프레임워크를 통하여, 정보를 공유한 사람들에게 가짜 앱에 대한 정보를 알려주고, 공식 기관의 앱을 확인하는 안전한 모바일 환경을 제공할 것으로 사료된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1293-1300
• /
• 2012

With the rapid evolution of mobile devices and the development of wireless networks, users of mobile social network service on smartphone have been increasing. Also the security of personal information as a result of real-time communication and information-sharing are becoming a serious social issue. In this paper, a framework that can be linked with a social network services platform is designed using OpenAPI. In addition, we propose an authentication and detection mechanism to enhance the level of personal information security. The authentication scheme is based on an user ID and password, while the detection scheme analyzes user-designated input patterns to verify in advance whether personal information protection guidelines are met, enhancing the level of personal information security in a social network service environment. The effectiveness and validity of this study were confirmed through performance evaluations at the end.

• Journal of Korean Society of societal Security
• /
• v.1 no.4
• /
• pp.33-40
• /
• 2008

Personal information security has been as risk ever since the development of information technology increased its internet use. As personal information security is compromised there will be a rise in personal privacy conflicts and this will become an important social issue. The following research is a presentation of the warning map for risk monitoring on personal information security. First, the personal information security process is identified then defined. Second, in order to achieve the personal information security's objective, a survey was taken and the data was collected. Third, factor in the Fishbone Diagram's analysis and figure out the key indicators that include metric and threshold. Last, develop the warning map which has the matrix table composed of the process and the risk. It displays the warning based on the threshold and the value of key indicators related to risks.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06b
• /
• pp.127-129
• /
• 2006

모바일 디바이스에서 얻을 수 있는 로그에는 다양한 개인정보가 풍부하게 포함되어 있으면서도 제약이 많아 활용이 어렵다. 그 동안은 모바일 장치의 용량, 파워의 제약과 정보 분석의 어려움으로 로그 정보를 무시해온 것이 일반적이었다. 본 논문에서는 모바일 디바이스의 다양한 로그 정보를 분석하여 사용자에게 의미 있는 상황(특이성)을 탐지해낼 수 있는 정보 분석 방법을 제안한다. 불확실한 상황에서의 정확성 향상을 위해 규칙/패턴 분석에 의한 특이성 추론뿐만 아니라 베이지안 네트워크를 활용한 확률적인 접근 방법을 활용한다. 이때, 복잡하지 않고 연산이 효율적으로 이루어질 수 있도록 BN을 모듈화하고 모듈화된 BN의 상호보완적인 확률 추론을 위한 BN 처리 과정을 제안한다. 그리고, 특이성 추출 모듈을 주기적으로 업데이트함으로써 성능을 향상시키기 위한 학습알고리즘을 소개한다.

• Review of KIISC
• /
• v.29 no.3
• /
• pp.14-21
• /
• 2019

인터넷 상에서 개인정보보호 등 안전성 강화를 위해 암호통신이 지속적으로 증가하고 있다. 특히, 해커들도 사이버공격 행위 은닉 및 탐지기법 우회를 목적으로 암호통신을 적극 활용하는 추세이다. 이러한 상황에서, 네트워크 트래픽 상에서 평문형태의 패턴매칭을 통해 사이버공격을 탐지하는 기존의 방법으로는 한계점에 당면한 상황이다. 따라서, 본 논문에서는 암호통신 기반 사이버공격을 효과적으로 탐지하기 위하여 인공지능 및 설명가능 인공지능 기술을 접목하기 위한 연구 개발 동향을 소개한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.255-264
• /
• 2016

Due to the development of information and communication technology, the great change on economics has grown and the biggest change is the e-commerce. With the methods of electronic financial frauds becoming advanced, reported phishing incidents have greatly increased. The Fraud Detection System(hereafter FDS) has taken effect to prevent electronic financial frauds, but economic losses still occurring. This Paper aims to analyze the financial environment, financial information technology environment, financial information technology security environment and some features of the institutional changes. In order to supplement the defect of FDS, it gives some recommendations for the improvement of the effective FDS Management System and information sharing on frauds with some public institution and a major consideration for collection or utilization of personal information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.657-667
• /
• 2020

The Android framework allows apps to take full advantage of personal information through granting single permission, and does not determine whether the data being leaked is actual personal information. To solve these problems, we propose a tool with static/dynamic analysis. The tool analyzes the Source and Sink used by the target app, to provide users with information on what personal information it used. To achieve this, we extracted the Source and Sink through Control Flow Graph and make sure that it leaks the user's privacy when there is a Source-to-Sink flow. We also used the sensitive permission information provided by Google to obtain information from the sensitive API corresponding to Source and Sink. Finally, our dynamic analysis tool runs the app and hooks information from each sensitive API. In the hooked data, we got information about whether user's personal information is leaked through this app, and delivered to user. In this process, an automated Source/Sink classification model was applied to collect latest Source/Sink information, and the we categorized latest release version of Android(9.0) with 88.5% accuracy. We evaluated our tool on 2,802 APKs, and found 850 APKs that leak personal information.