• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.803-805
• /
• 2022

자율주행의 시대가 도래함에 따라, 딥러닝 모델에 대한 적대적 공격 위험이 함께 증가하고 있다. 카메라 기반 자율주행차량이 공격받을 경우 보행자나 표지판 등에 대한 오분류로 인해 심각한 사고로 이어질 수 있어, 자율주행 시스템에서의 적대적 공격에 대한 방어 및 보안 기술 연구가 필수적이다. 이에 본 논문에서는 GTSRB 표지판 데이터를 이용하여 각종 공격 및 방어 기법을 개발하고 제안한다. 시간 및 정확도 측면에서 성능을 비교함으로써, 자율주행에 최적인 모델을 탐구하고 더 나아가 해당 모델들의 완전자율주행을 위한 발전 방향을 제안한다.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.3-8
• /
• 2011

Advanced Persistent Threat (APT), aims a specific business or political targets, is rapidly growing due to fast technological advancement in hacking, malicious code, and social engineering techniques. One of the most important characteristics of APT is persistence. Attackers constantly collect information by remaining inside of the targets. Enterprise Security Management (EMS) system can misidentify APT as normal pattern of an access or an entry of a normal user as an attack. In order to analyze this misidentification, a new system development and a research are required. This study suggests the way of forecasting APT and the effective countermeasures against APT attacks by categorizing misidentified data in data-mining through threshold ratings. This proposed technique can improve the detection of future APT attacks by categorizing the data of long-term attack attempts.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.3
• /
• pp.129-134
• /
• 2015

Since automatic social engineering based spam attacks induce for users to click or receive the short message service (SMS), e-mail, site address and make a relationship with an unknown friend, it is very easy for them to active in online social networks. The previous spam detection schemes only apply manual filtering of the system managers or labeling classifications regardless of the features of social networks. In this paper, we propose the spam detection metric after reflecting on a couple of features of social networks followed by analysis of real social network data set, Twitter spam. In addition, we provide the online social networks based unsupervised scheme for automated social engineering spam with self organizing map (SOM). Through the performance evaluation, we show the detection accuracy up to 90% and the possibility of real time training for the spam detection without the manager.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.161-165
• /
• 2002

최근 증가하고 있는 인터넷 및 기타 네트워크 시스템에 대한 위협은 그 공격의 목적과 기법, 피해의 종류가 늘어남에 따라 효과적인 대응책으로 단순한 기술적 접근 이외에 법률 및 심리, 사회 공학적 접근의 결합적인 대처방안이 강구되어야 할 것이다. 이를 효과적으로 보조할 수 있는 시스템이 Honeypot이다. 하지만 Honeypot 자체는 공격의 위협을 그 즉시 막는데는 별다른 능력이 없기 때문에 Honeypot 시스템의 의도대로 공격자가 속지 않거나 Honeypot의 정보가 다른 보안 도구와 보안 정책 갱신에 이용되기 이전의 공격에 대해서는 취약점을 가지고 있다. 이에 따라 본 논문에서는 기존의 Honeypot이 설치된 시스템의 효과적 활용을 위해 신경망 이론에 기반한 침입 탐지 모듈을 연동하며 이를 통해 초기 공격에 대한 Honeypot 시스템 보호, Honeypot 시스템이 활성화 된 다음의 상호 연동 효과 및 향후 과제 등을 기술한다. 또한 이에 대한 보다 확실한 접근을 위해 Honeypot 시스템을 통해 DDoS를 방어하도록 제안되었던 시스템의 취약점과 이를 효과적으로 해결할 수 있는 방법을 제안한다.

• Journal of Industrial Convergence
• /
• v.22 no.2
• /
• pp.63-71
• /
• 2024

Conventional methods like PIN used in conventional smartphone form factor have not considered the variation in display structure or screen size. As a result, when applied to recent variable display-based smartphones, the secret information input unit may get reduced or enlarged, leading to vulnerabilities for social engineering attacks due to deformation of the display area. This study proposes a secure keypad that responds to changes in display size in rollable and bendable smart phones. Firstly, the security problems that may arise when applying classical authentication methods to new form factors were analyzed, and corresponding security requirements were derived. The proposed security keypad addresses the key input error problem that can occur when the screen size is small. The arrangement and size of keys can be deformed with the spacing suitable for input depending on the display size of rollable and bendable smartphones. The study also considered the problem of leaking input information for social engineering attacks by irregularly distributing key input coordinates. The proposed method provides better user experience and security than existing methods and can be used in smartphones of various sizes and shapes.

• Journal of the Korea Society for Simulation
• /
• v.19 no.4
• /
• pp.151-159
• /
• 2010

Currently, by using the Internet, We can do varius things such as Web surfing, email, on-line shopping, stock trading on your home or office. However, as being out of the concept of security from the beginning, it is the big social issues that malicious user intrudes into the system through the network, on purpose to steal personal information or to paralyze system. In addition, network intrusion by ordinary people using network attack tools is bringing about big worries, so that the need for effective and powerful intrusion detection system becomes very important issue in our Internet environment. However, it is very difficult to prevent this attack perfectly. In this paper we proposed the algorithm for the detection of DoS attacks, and developed attack detection tools. Through learning in a normal state on Step 1, we calculate thresholds, the number of packets that are coming to each port, the median and the average utilization of each port on Step 2. And we propose values to determine how to attack detection on Step 3. By programing proposed attack detection algorithm and by testing the results, we can see that the difference between the median of packet mounts for unit interval and the average utilization of each port number is effective in detecting attacks. Also, without the need to look into the network data, we can easily be implemented by only using the number of packets to detect attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.287-294
• /
• 2016

APT attack aimed at the interruption of information and communication facilities and important information leakage of companies. it performs an attack using zero-day vulnerabilities, social engineering base on collected information, such as IT infra, business environment, information of employee, for a long period of time. Fragmentary response to cyber threats such as malware signature detection methods can not respond to sophisticated cyber-attacks, such as APT attacks. In this paper, we propose a cyber intrusion detection model for countermeasure of APT attack by utilizing heterogeneous system log into big-data. And it also utilizes that merging pattern-based detection methods and abnormality detection method.

• Journal of the Korea Convergence Society
• /
• v.6 no.1
• /
• pp.85-91
• /
• 2015

Recently government has distributed precautionary measure and response procedures for smishing(SMS phishing), pharming, phishing, memory hacking and intensified Electronic Financial Transaction Act because of the sharp increase of electronic bank frauds. However, the methods of electronic bank frauds also developed and changed accordingly so much it becomes hard to cope with them. In contrast to earlier voice phishing targeted randomizing object, these new methods find out the personal information of targets and analyze them in detail making a big data base. And they are progressed into new kind of electronic bank frauds using those analyzed informations for voice phishing. This study analyze the attack method of voice phishing blended with the Big Data of personal informations and suggests response procedures for electronic bank frauds increasingly developed. Using the method to save meaningless data in a memory, attackers cannot deduct accurate information and try voice phishing properly even though they obtain personal information based on the Big Data. This study analyze newly developed social technologic attacks and suggests response procedures for them.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.220-222
• /
• 2017

제 4차 산업이 다가오는 이 시점에서 보안이 잘 갖추어진 네트워크 조직에서도 사람과 PC와 같은 단말에 대한 취약점이 드러나면 결국 네트워크 전체가 무너질 수 있다. 그러므로 단말에 대한 보안이 중요시되고 있다. 암호화된 장비를 갖추거나 물리적 망 분리를 한다하여도 사회공학을 통한 보안 위협은 여전히 존재하고 있기 때문이다. 본 논문에서는 사회공학을 통해 사람과 PC와 같은 단말을 통해 침투하고 악성코드를 유포하여 공격 대상의 정보를 수집하는 방법에 대하여 연구한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2018.07a
• /
• pp.470-473
• /
• 2018

본 논문에서는 스마트폰과 스마트폰이 블루투스로 연결할 때 페어링 진행을 최초 1회만 하는 것에 대한 위험성에 관하여 연구하였다. 본 연구를 통하여 구현한 트로이목마 어플리케이션은 희생자 스마트폰과 페어링이 되어 있을 경우, 실행과 동시에 공격자의 스마트폰과 블루투스로 연결되도록 하였다. 희생자 스마트폰의 어플리케이션은 스마트폰의 카메라를 작동시켜 사진을 촬영하고 스마트폰에 저장된 주소록 데이터를 추출하며, 촬영한 사진과 추출한 주소록 데이터를 공격자의 스마트폰으로 전송한다. 공격자는 희생자의 스마트폰에서 탈취한 정보를 확인할 수 있다.