• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.45-51
• /
• 2018

As data utilization and importance becomes important, data-related accidents and damages are gradually increasing. Especially, insider threats are the most harmful threats. And these insider threats are difficult to detect by traditional security systems, so rule-based abnormal behavior detection method has been widely used. However, it has a lack of adapting flexibly to changes in new attacks and new environments. Therefore, in this paper, we propose an adaptive anomaly movement detection framework based on a statistical Markov model to detect insider threats in advance. This is designed to minimize false positive rate and false negative rate by adopting environment factors that directly influence the behavior, and learning data based on statistical Markov model. In the experimentation, the framework shows good performance with a high F2-score of 0.92 and suspicious behavior detection, which seen as a normal behavior usually. It is also extendable to detect various types of suspicious activities by applying multiple modeling algorithms based on statistical learning and environment factors.

• The KIPS Transactions:PartD
• /
• v.12D no.7 s.103
• /
• pp.947-956
• /
• 2005

Software(S/W) reengineering is one of the effective technologies to produce a business worth and en and the S/W ROI continuously. In spite of, S/W reengineering has been recognized a cost-consumptive works with inefficient productivity. In fact we have used to transform to confusion system with destructive system architecture by extending and updating legacy system in a temporary expedients. Moreover it is impossible to provide the time-market products for coping with rapid changeable system environment and meeting to complicated customer's requirements. Therefore, we need a systematic reengineering methodology to fulfill the changeable environment, as appearance of new IT techniques, various alteration of business information model, and increment of business logic. Legacy systems can be utilized as the core property in business organization through reengineering methodology. In this paper, we target to establish the reengineering process, proposed MaRMI-RE consisting of initial Planning phase, reverse engineering and component transformation phase. To describe the MaRMI-RE, we presented the concrete tasks and techniques and artifacts per individual phase in process, and the case study is showed briefly.