• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.1528-1531
• /
• 2011

최근 악성봇은 해커에 의해 원격 조정되어 명령에 의해 스팸메일 발송, DDoS 공격 등의 악성행위를 수행하는 웜/바이러스이다[2]. 악성봇은 이전의 웜/바이러스와 달리 금전적인 이득을 목적으로 하는 것이 많아 작게는 일상생활의 불편함으로부터 크게는 사회적, 국가적으로 악영향을 주고 있다. 국내에서는 이러한 위험을 방어하기 위한 효과적인 대응 방법으로 DNS 싱크홀을 운영 하고 있다. 본 논문에서는 DNS 싱크홀 운영 중 수집한 봇 명령/제어 (Command and Control, C&C) 도메인을 Internet Service Provider (ISP) DNS 싱크홀 시스템에 적용하는 과정에서 나타나는 문제점을 효과적으로 해결 하기 위한 DNS Response Policy Zone(RPZ)을 이용한 DNS 싱크홀 운영 방안을 제시 하였다.

• The Korean Journal of Applied Statistics
• /
• v.28 no.3
• /
• pp.407-415
• /
• 2015

$Na{\ddot{i}}ve$ Bayes Classification is based on input variables that are a conditionally independent given output variable. The $Na{\ddot{i}}ve$ Bayes assumption is unrealistic but simplifies the problem of high dimensional joint probability estimation into a series of univariate probability estimations. Thus $Na{\ddot{i}}ve$ Bayes classier is often adopted in the analysis of massive data sets such as in spam e-mail filtering and recommendation systems. In this paper, we propose a variable selection method based on ${\chi}^2$ statistic on input and output variables. The proposed method retains the simplicity of $Na{\ddot{i}}ve$ Bayes classier in terms of data processing and computation; however, it can select relevant variables. It is expected that our method can be useful in classification problems for ultra-high dimensional or big data such as the classification of diseases based on single nucleotide polymorphisms(SNPs).

• Proceedings of the Korea Contents Association Conference
• /
• 2006.05a
• /
• pp.337-341
• /
• 2006

Spam email is an electronic mail sent to a large number of netizen who do not want it. Criminals have been to take an advantage of this tool easily through harmful activities such as phishing. Recently the spam mail containing commercial information is broadly accepted as an illegal commitment to endangering the network. According some report, it could cause real damages. For the better policy on controlling spam mail we need new Efficient Countermeasure. Several laws have been enacted in Korea for controlling spam mail. The most important acts is the Using and Protecting Communication Act. Main targets of this law is virus spreading, computer hacking, cyber pornography, intellectual property breaching, private or public information abusing and cyber terrorism. But the Using and Protecting Communication Act is insufficient to control spam mail. For the better policy on controlling spam mail we need new Efficient Countermeasure. Therefore, this research wishes to present way to control for efficient spam mail through enactment of conversion, induction of clash action system degree, special law of national regulation form for spam mail.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.1
• /
• pp.47-55
• /
• 2009

Bot is a kind of worm/virus that is remotely controlled by a herder. Bot can be used to launch distributed denial-of-service(DDoS) attacks or send spam e-mails etc. Launching cyber attacks using malicious Bots is motivated by increased monetary gain which is not the objective of worm/virus. However, it is very difficult for infected user to detect this infection of Botnet which becomes more serious problems. This is why botnet is a dangerous, malicious program. The Bot DNS Sinkhole is a domestic bot mitigation scheme which will be proved in this paper as one of an efficient ways to prevent malicious activities caused by bots and command/control servers. In this paper, we analysis botnet activities over more than one-year period, including Bot's lifetime, Bot command/control server's characterizing. And we analysis more efficient ways to prevent botnet activities. We have showed that DNS sinkhole scheme is one of the most effective Bot mitigation schemes.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.1
• /
• pp.79-85
• /
• 2016

Ransomware was a malicious code that active around the US, but now it spreads rapidly all over the world and emerges in korea recently because of exponential computer supply and increase in users. Initially ransomware uses e-mail as an attack medium in such a way that induces to click a file through the spam mail Pam, but it is now circulated through the smart phone message. The current trend is an increase in the number of damage, including attacks such as the domestic large community site by ransomware hangul version. Ransomware outputs a warning message to the user to encrypt the file and leads to monetary damages and demands for payment via bitcoin as virtual currency is difficult to infer the tracking status. This paper presents an analysis and solutions to damage cases caused by ransomware.

• The Korean Journal of Applied Statistics
• /
• v.30 no.5
• /
• pp.681-690
• /
• 2017

Various imbalanced binary classification problems exist such as fraud detection in banking operations, detecting spam mail and predicting defective products. Several sampling methods such as over sampling, under sampling, SMOTE have been developed to overcome the poor prediction performance of binary classifiers when the proportion of one group is dominant. In order to overcome this problem, several sampling methods such as over-sampling, under-sampling, SMOTE have been developed. In this study, we investigate prediction performance of logistic regression, Lasso, random forest, boosting and support vector machine in combination with the sampling methods for binary imbalanced data. Four real data sets are analyzed to see if there is a substantial improvement in prediction performance. We also emphasize some precautions when the sampling methods are implemented.

• The KIPS Transactions:PartC
• /
• v.13C no.7 s.110
• /
• pp.859-864
• /
• 2006

The openness of the Web allows any user to access almost any type of information easily at any time and anywhere. However, with function of easy access for useful information, internet has dysfunctions of providing users with harmful contents indiscriminately. Some information, such as adult content, is not appropriate for all users, notably children. Additionally for adults, some contents included in abnormal porn sites can do ordinary people's mental health harm. In the meantime, since Internet is a worldwide open network it has a limit to regulate users providing harmful contents through each countrie's national laws or systems. Additionally it is not a desirable way of developing a certain system-specific classification technology for harmful contents, because internet users can contact with them in diverse way, for example, porn sites, harmful spams, or peer-to-peer networks, etc. Therefore, it is being emphasized to research and develop context-based core technologies for classifying harmful contents. In this paper, we propose an efficient text filter for blocking harmful texts of web documents using context-based technologies.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.3
• /
• pp.25-32
• /
• 2019

The core of the block chain technology is solving the problem of agreement on double payment, and the PoW, PoS and DPoS algorithms used for this have been studied. PoW in-process proofs are consensus systems that require feasible efforts to prevent minor or malicious use of computing capabilities, such as sending spam e-mail or initiating denial of service (DoS) attacks. The proof of the PoS is made to solve the Nothing at stake problem as well as the energy waste of the proof of work (PoW) algorithm, and the decision of the sum of each node is decided according to the amount of money, not the calculation ability. DPoS is that a small number of authorized users maintain a trade consensus through a distributed network, whereas DPS provides consent authority to a small number of representatives, whereas PoS has consent authority to all users. If PoS is direct democracy, DPoS is indirect democracy. This study aims to contribute to the continuous development of the related field through the study of the algorithm of the block chain agreement.

• Database Research
• /
• v.34 no.3
• /
• pp.3-13
• /
• 2018

Text classification is one of the text mining technologies that classifies a given textual document into its appropriate categories and is used in various fields such as spam email detection, news classification, question answering, emotional analysis, and chat bot. In general, the text classification system utilizes machine learning algorithms, and among a number of algorithms, naïve Bayes and support vector machine, which are suitable for text data, are known to have reasonable performance. Recently, with the development of deep learning technology, several researches on applying deep neural networks such as recurrent neural networks (RNN) and convolutional neural networks (CNN) have been introduced to improve the performance of text classification system. However, the current text classification techniques have not yet reached the perfect level of text classification. This paper focuses on the fact that the text data is expressed as a vector only with the word dimensions, which impairs the semantic information inherent in the text, and proposes a neural network architecture based upon the semantic tensor space model.

• Journal of Platform Technology
• /
• v.9 no.2
• /
• pp.26-37
• /
• 2021

E-mail is one of the important tools for communicating with people in everyday life. With COVID-19 (Coronavirus) increasing non-face-to-face activity, security incidents through e-mail such as spam, phishing, and ransomware are increasing. E-mail security incidents are increasing as social engineering attack using human psychology rather than arising from technological weaknesses that e-mails have. Security incidents using human psychology can be prevented and defended by improving security awareness. This study empirically studies the analysis of changes in response to malicious e-mail due to improved security awareness through malicious e-mail simulations on executives and employees of domestic and foreign company. In this study, the factors of security training, top-down security management, and security issue sharing are found to be effective in safely responding to malicious e-mail. This study presents a new study by conducting empirical analysis of theoretical research on security awareness in relation to malicious e-mail responses, and results obtained from simulations in a practical setting may help security work.