• Title/Summary/Keyword: event log

Search Result 107, Processing Time 0.025 seconds

Personalized Travel Path Recommendation Scheme on Social Media (소셜 미디어 상에서 개인화된 여행 경로 추천 기법)

  • Aniruddha, Paul;Lim, Jongtae;Bok, Kyoungsoo;Yoo, Jaesoo
    • The Journal of the Korea Contents Association / v.19 no.2 / pp.284-295 / 2019
  • In recent times, personalized travel path recommendation based on both travelogues and community-contributed photos, together with the heterogeneous metadata (tags, geographical locations, and date taken) associated with the photos, has been studied. Travellers using social media leave their location history in the form of paths. These paths can be bridged to acquire the information required for future recommendations to future travellers who are new to that location, providing all sorts of information. In this paper, we propose a personalized travel path recommendation scheme based on social life logs. By taking advantage of two kinds of social media, travelogues and community-contributed photos, the proposed scheme can not only be personalized to the user's travel interests but can also recommend a travel path rather than individual Points of Interest (POIs). The proposed personalized travel route recommendation method consists of two steps: a POI pruning step and a travel path creation step. In the POI pruning step, candidate paths are created from the derived POIs. In the travel path creation step, the proposed scheme creates paths considering the user's interest, cost, time, and season of the topic for more meaningful recommendation.

Health Risk Management using Feature Extraction and Cluster Analysis considering Time Flow (시간흐름을 고려한 특징 추출과 군집 분석을 이용한 헬스 리스크 관리)

  • Kang, Ji-Soo;Chung, Kyungyong;Jung, Hoill
    • Journal of the Korea Convergence Society / v.12 no.1 / pp.99-104 / 2021
  • In this paper, we propose health risk management using feature extraction and cluster analysis considering time flow. The proposed method proceeds in three steps. The first is the pre-processing and feature extraction step. It collects the user's lifelog using a wearable device, removes incomplete data, errors, noise, and contradictory data, and processes missing values. Then, for feature extraction, important variables are selected through principal component analysis, and data similar to the relationship between the data are classified through correlation coefficient and covariance. In order to analyze the features extracted from the lifelog, dynamic clustering is performed through the K-means algorithm in consideration of the passage of time. The new data is clustered through the similarity distance measurement method based on the increment of the sum of squared errors. Next is to extract information about the cluster by considering the passage of time. Therefore, using the health decision-making system through feature clusters, risks can be managed through factors such as physical characteristics, lifestyle habits, disease status, health care event occurrence risk, and predictability. The performance evaluation compares the proposed method with fuzzy and kernel-based clustering using Precision, Recall, and F-measure. As a result of the evaluation, the proposed method is excellently evaluated. Therefore, through the proposed method, it is possible to accurately predict and appropriately manage the user's potential health risk by using the similarity with the patient.

Drivers Driving Habits Data and Risk Group Cluster Analysis (운전자 행동자료 및 고위험군 군집 분석)

  • Kim, Yong-Chul
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology / v.9 no.2 / pp.243-247 / 2016
  • Driving event data such as rapid acceleration, rapid deceleration, sudden braking, sudden departure, and overspeeding provide important information to predict or analyze the driving habits and accident risk of a driver. Most of the data that represent the driver's driving habits generally fit a parametric distribution, whereas the extreme parts of the data used to estimate the accident risk of a driver may not. This paper presents an empirical distribution for the driving habits of a driver that is divided into two regions: one is from the normal distribution, and the other is from the general Pareto distribution.

Analysis of a Repair Processes Using a Process Mining Tool (프로세스 마이닝 기법을 활용한 고장 수리 프로세스 분석)

  • Choi, Sang Hyun;Han, Kwan Hee;Lim, Gun Hoon
    • The Journal of the Korea Contents Association / v.13 no.4 / pp.399-406 / 2013
  • Recently, studies about process mining for creating and analyzing business process models from log data have received much attention from BPM (Business Process Management) researchers. Process mining is a kind of method that extracts meaningful information and hidden rules from the event log of enterprise information systems such as ERP and BPM. In this paper, repair processes of electronic devices are analyzed using ProM, which is a process mining tool. Based on the analysis of repair processes, a method for finding major failure patterns is proposed by multi-dimensional data analysis beyond simple statistics. By using the proposed method, the reliability of electronic devices can be increased by providing the identified failure patterns to the design team.

A Design and Implementation of Mobile Application Usage Pattern Analysis System (모바일 어플리케이션 이용패턴 분석 시스템의 설계와 구현)

  • Park, DongGyu;Kim, SungKwan
    • Journal of the Korea Institute of Information and Communication Engineering / v.18 no.9 / pp.2272-2279 / 2014
  • Mobile applications are software systems running on handheld devices, such as smartphones, PDAs, tablets and so on. The market for mobile applications has rapidly expanded in the past few years. In this paper, we present a novel approach to track smartphone application usage from event logs on the mobile device, which are analyzed both on the client system and on a usage analysis server. We implemented our client system on an Android device based usage analytics platform. Based on the analysis server system, we obtained a user base of over 47,000, and we get the users' app usage information in real time. In this paper, we describe large scale deployment-based research on smartphone usage patterns and usage information visualization techniques.

Study on Forensic Analysis with Access Control Modification for Registry (레지스트리 접근권한 변조에 관한 포렌식 분석 연구)

  • Kim, Hangi;Kim, Do-Won;Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.5 / pp.1131-1139 / 2016
  • In the Hive file format, the sk (Security Key) cell provides access control for a registry key. An attacker can figure out secret information in the registry or change the security set-up if she can apply modified hive files to the system. This paper presents various methods to change the access control of a registry key by modifying or replacing cells in a hive file. We also discuss threats from access control modification and the analysis of signs of attacks that use modified hive files.

Analysis of Threat Information Priorities for Effective Security Monitoring & Control (효과적인 보안관제를 위한 위협정보 우선순위 도출)

  • Kang, DaYeon
    • Journal of Korea Society of Industrial Information Systems / v.26 no.5 / pp.69-77 / 2021
  • This study aims to identify security-based threat information for an organization. This is because protecting IT systems against threats plays an important role for a corporation's intangible assets. Security monitoring systems determine and consequently respond to threats by analyzing them in real time, focusing on events and logs generated by security protection programs. The security monitoring task derives priority by dividing threat information into reputation information and analysis information. Reputation information consisted of Hash, URL, IP, and Domain, while analysis information consisted of E-mail, CMD-Line, CVE, and attack trend information. As a result, the priority of reputation information was relatively high, and it is meaningful to increase accuracy and responsiveness to the threat information.

Analysis of IT security threats and countermeasures in a network-separated environment (망분리 환경에서의 IT 보안 위협 및 대응 방법 분석)

  • Kim, chang Seok;Kim, Jong-min
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2021.05a / pp.638-640 / 2021
  • The network separation environment is a network security design system that separates the internal business network from the external Internet network. It separates the internal business network from the external Internet by separating it into a business network that is not connected to the network to which the Internet is connected. Because the network is separated, it is a relatively secure network structure compared to a single network in terms of security. However, there are frequent cases of infecting internal networks by using vulnerabilities in internal systems, network devices, and security devices. In this paper, we analyze the vulnerability of IT security threats in such a network isolation environment and provide technical measures for effective security monitoring.

Proposal of Security Orchestration Service Model based on Cyber Security Framework (사이버보안 프레임워크 기반의 보안 오케스트레이션 서비스 모델 제안)

  • Lee, Se-Ho;Jo, In-June
    • The Journal of the Korea Contents Association / v.20 no.7 / pp.618-628 / 2020
  • The purpose of this paper is to propose a new security orchestration service model by combining various security solutions that have been introduced and operated individually as a basis for cyber security framework. At present, in order to respond to various and intelligent cyber attacks, various single security devices and SIEM and AI solutions that integrate and manage them have been built. In addition, a cyber security framework and a security control center were opened for systematic prevention and response. However, due to the document-oriented cybersecurity framework and limited security personnel, the reality is that it is difficult to escape from the control form of fragmentary infringement response of important detection events of TMS / IPS. To improve these problems, based on the model of this paper, select the targets to be protected through work characteristics and vulnerable asset identification, and then collect logs with SIEM. Based on asset information, we established proactive methods and three detection strategies through threat information. AI and SIEM are used to quickly determine whether an attack has occurred, and an automatic blocking function is linked to the firewall and IPS. In addition, through the automatic learning of TMS / IPS detection events through machine learning supervised learning, we improved the efficiency of control work and established a threat hunting work system centered on big data analysis through machine learning unsupervised learning results.

Tracking of cryptocurrency moved through blockchain Bridge (블록체인 브릿지를 통해 이동한 가상자산의 추적 및 검증)

  • Donghyun Ha;Taeshik Shon
    • Journal of Platform Technology / v.11 no.3 / pp.32-44 / 2023
  • A blockchain bridge (hereinafter referred to as "bridge") is a service that enables the transfer of assets between blockchains. A bridge accepts virtual assets from users and delivers the same virtual assets to users on other blockchains. Users use bridges because they cannot transfer assets to other blockchains in the usual way because each blockchain environment is independent. Therefore, the movement of assets through bridges is not traceable in the usual way. If a malicious actor moves funds through a bridge, existing asset tracking tools are limited in their ability to trace it. Therefore, this paper proposes a method to obtain information on bridge usage by identifying the structure of the bridge and analyzing the event logs of bridge requests. First, to understand the structure of bridges, we analyzed bridges operating on Ethereum Virtual Machine (EVM)-based blockchains. Based on the analysis, we applied the method to arbitrary bridge events. Furthermore, we created an automated tool that continuously collects and stores bridge usage information so that it can be used for actual tracking. We also validated the automated tool and tracking method based on an asset transfer scenario. By extracting the usage information through the tool after using the bridge, we were able to check important information for tracking, such as the sending blockchain, the receiving blockchain, the receiving wallet address, and the type and quantity of tokens transferred. This showed that it is possible to overcome the limitations of tracking asset movements using blockchain bridges.
