• The Journal of the Convergence on Culture Technology
• /
• v.2 no.1
• /
• pp.79-85
• /
• 2016

Ransomware was a malicious code that active around the US, but now it spreads rapidly all over the world and emerges in korea recently because of exponential computer supply and increase in users. Initially ransomware uses e-mail as an attack medium in such a way that induces to click a file through the spam mail Pam, but it is now circulated through the smart phone message. The current trend is an increase in the number of damage, including attacks such as the domestic large community site by ransomware hangul version. Ransomware outputs a warning message to the user to encrypt the file and leads to monetary damages and demands for payment via bitcoin as virtual currency is difficult to infer the tracking status. This paper presents an analysis and solutions to damage cases caused by ransomware.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.127-134
• /
• 2011

Malicious botnet has been used for more malicious activities, such as DDoS attacks, sending spam messages, steal personal information, etc. To prevent this, many studies have been preceded. But malicious botnets have evolved and evaded detection systems. In particular, HTTP GET Request attack that exploits the vulnerability of the application layer is used. ALAB of ALADDIN proposed by ETRI is DDoS attack detection system that HTTP GET, Incomplete GET request flooding attack detection algorithm is applied. In this paper, we extend Incomplete GET detection algorithm of ALAB and derive the optimal configuration parameters to verify the validity of the algorithm ALAB by the study of the normal and attack packets.

• Journal of Advanced Navigation Technology
• /
• v.15 no.2
• /
• pp.287-297
• /
• 2011

As electronic mails are being widely used for facility and speedness of information communication, as the amount of spam mails which have malice and advertisement increase and cause lots of social and economic problem. A number of approaches have been proposed to alleviate the impact of spam. These approaches can be categorized into pre-acceptance and post-acceptance methods. Post-acceptance methods include bayesian filters, collaborative filtering and e-mail prioritization which are based on words or sentances. But, spammers are changing those characteristics and sending to avoid filtering system. In the case of Korean, the abnormal usages can be much more than other languages because syllable is composed of chosung, jungsung, and jongsung. Existing formal expressions and learning algorithms have the limits to meet with those changes promptly and efficiently. So, we present an methods for recognizing Korean abnormal language(Koral) to improve accuracy and efficiency of filtering system. The method is based on syllabic than word and Smith-waterman algorithm. Through the experiment on filter keyword and e-mail extracted from mail server, we confirmed that Koral is recognized exactly according to similarity level. The required time and space costs are within the permitted limit.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.2
• /
• pp.23-33
• /
• 2004

Because of a rapid growth of internet environment, it is also fast increasing to exchange message using e-mail. But, despite the convenience of e-mail, it is rising a currently bi9 issue to waste their time and cost due to the spam mail in an individual or enterprise. Many kinds of solutions have been studied to solve harmful effects of spam mail. Such typical methods are as follows; pattern matching using the keyword with representative method and method using the probability like Naive Bayesian. In this paper, we propose a classification method of spam mails from normal mails using Support Vector Machine, which has excellent performance in pattern classification problems, to compensate for the problems of existing research. Especially, the proposed method practices efficiently a teaming procedure with a word dictionary including a generated index by the n-Gram. In the conclusion, we verified the proposed method through the accuracy comparison of spm mail separation between an existing research and proposed scheme.