• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.357-367
• /
• 2018

As information technology of modern society develops, various malicious codes with the purpose of seizing or destroying important system information are developing together. Among them, ransomware is a typical malicious code that prevents access to user's resources. Although researches on detecting ransomware performing encryption have been conducted a lot in recent years, no additional methods have been proposed to recover damaged files after an attack. Also, because the similarity comparison technique was used without considering the repeated encryption, it is highly likely to be recognized as a normal behavior. Therefore, this paper implements a filter driver to control the file system and performs a similarity comparison method that is verified based on the analysis of the encryption pattern of the ransomware. We propose a system to detect the malicious process of the accessed process and recover the damaged file based on the cloud storage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1141-1151
• /
• 2018

In an APT attack, the communication stage between infected hosts and C&C(Command and Control) server is the key stage for intrusion into the attack target. Attackers can control multiple infected hosts by the C&C Server and direct intrusion and exploitation. If the C&C Server is exposed at this stage, the attack will fail. Therefore, in recent years, the Domain Generation Algorithm (DGA) has replaced DNS in C&C Server with a short time interval for making detection difficult. In particular, it is very difficult to verify and detect all the newly registered DNS more than 5 million times a day. To solve these problems, this paper proposes a model to judge DGA-DNS detection by the morphological similarity analysis of normal DNS and DGA-DNS, and to determine the sign of APT attack through it, then we verify its validity.

• Journal of Legislation Research
• /
• no.55
• /
• pp.167-191
• /
• 2018

Despite international cooperation, piracy has not yet been eradicated in major waters around the world. From the perspective of South Korea, which is absolutely dependent on exporting and importing, it's a lifeline for us to secure safe maritime traffic so it is a situation we have to be vigilant about maritime safety and security. However, criminal law on punishment of piracy is still insufficient and legislative consideration is needed. Since pirates are regarded as enemies of humankind, all nations can punish pirates regardless of their damage. The international community has done its best in cooperation from hundreds of years ago to secure maritime trade through this universal jurisdiction and marine transportation in international waters which is an essential space for military activities, particularly in the Gulf of Aden, the advanced nations have dispatched fleets to combat maritime security threats through joint operations to crack down on Somali pirates. Even if universal jurisdiction is allowed for piracy in accordance with the International Convention on Human Rights and the United Nations Convention on the Law of the Sea, it is difficult to effectively deal with piracy if it not fully complied with a domestic legal system for this purpose or is stipulated as different from international regulations. In other words, universal jurisdiction corresponding to international norms and constitution of piracy should be defined in criminal law in accordance with criminal statutory law. If the punishment of pirates by unreasonably applying our criminal law without prejudice to such work can lead to diplomatic disputes in violation of the Universal Declaration of Human Rights or other international norms. In South Korea, there is no provision to explicitly prescribe piracy as a crime, but punish similar acts like piracy in criminal law and maritime safety law. However, there is a limit to effective piracy punishment because we are not fully involved in internationally accepted piracy. In this study, we critically examine the proposals of the constitutional elements of piracy, propose the legislative direction, and insist on the introduction of globalism to pirate sins.

• Journal of Digital Convergence
• /
• v.10 no.1
• /
• pp.371-378
• /
• 2012

Through sensor nodes it can obtain behavior, condition, location of objects. Generally speaking, sensor nodes are very limited because they have a battery power supply. Therefore, for collecting sensor data, efficient energy management is necessary in order to prolong the entire network survival. In this paper, we propose a method that increases energy efficiency to be self-configuring by distributed sensor nodes per cluster. The proposed method is based on the ANTCLUST. After measuring the similarity between two objects it is method that determine own cluster. It applies a colonial closure model of ant. The result of an experiment, it showed that the number of alive nodes increased 27% than existing clustering methods.

• Journal of KIISE
• /
• v.43 no.3
• /
• pp.289-295
• /
• 2016

Malware authors spread malware variants in order to evade detection. It's hard to detect malware variants using static analysis. Therefore dynamic analysis based on API call information is necessary. In this paper, we proposed a malware family recommendation method to assist malware analysts in classifying malware variants. Our proposed method extract API call information of malware families by dynamic analysis. Then the multiple sequence alignment technique was applied to the extracted API call information. A signature of each family was extracted from the alignment results. By the similarity of the extracted signatures, our proposed method recommends three family candidates for unknown malware. We also measured the accuracy of our proposed method in an experiment using real malware samples.

• Journal of Korean Library and Information Science Society
• /
• v.34 no.2
• /
• pp.233-253
• /
• 2003

Knowledge organization is the way we humans understand the world. There are two types of information organization mechanisms studied in information retrieval: namely classification md clustering. Classification organizes entities by pigeonholing them into predefined categories, whereas clustering organizes information by grouping similar or related entities together. The system of the Internet information resources extracts a keyword from the words which appear in the web document and draws up a reverse file. Term clustering based on grouping related terms, however, did not prove overly successful and was mostly abandoned in cases of documents used different languages each other or door-way-pages composed of only an anchor text. This study examines infometric analysis and clustering possibility of web documents based on co-link topology of web pages.

• Annual Conference on Human and Language Technology
• /
• 2022.10a
• /
• pp.485-490
• /
• 2022

데이터 증강기법은 추가적인 데이터 구축 혹은 수집 행위 없이 원본 데이터셋의 양과 다양성을 증가시키는 방법이다. 데이터 증강기법은 규칙 기반부터 모델 기반 방법으로 발전하였으며, 최근에는 Masked Language Modeling (MLM)을 응용한 모델 기반 데이터 증강 연구가 활발히 진행되고 있다. 그러나 기존의 MLM 기반 데이터 증강 방법은 임의 대체 방식을 사용하여 문장 내 의미 변화 가능성이 큰 주요 토큰을 고려하지 않았으며 증강에 따른 레이블 교정방법이 제시되지 않았다는 한계점이 존재한다. 이러한 문제를 완화하기 위하여, 본 논문은 레이블을 고려할 수 있는 Re-labeling module이 추가된 MLM 기반 한국어 데이터 증강 방법론을 제안한다. 제안하는 방법론을 KLUE-STS 및 KLUE-NLI 평가셋을 활용하여 검증한 결과, 기존 MLM 방법론 대비 약 89% 적은 데이터 양으로도 baseline 성능을 1.22% 향상시킬 수 있었다. 또한 Gate Function 적용 여부 실험으로 제안 방법 Re-labeling module의 구조적 타당성을 검증하였다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.11
• /
• pp.236-247
• /
• 2016

The purpose of this study was to examine the effects of health program s on hypertension in a public health center located in Y-si. Most interesting were the effects on hypertension-related knowledge, self-care behavior, quality of life, and physiological parameters for hypertensive patients. Nonequivalent control group pretest-posttest design was employed. A total of 48 patients with hypertension living in Y-si were assigned to either the experimental group (n=23) or the control group (n=25). The experimental group was provided with an 8-week health program on hypertension between August 31 and October 23 in 2015. Data were analyzed with SPSS/WIN 21.0 using descriptive statistics, ${\chi}^2$-test, Fisher's exact test, and t-test. The result indicated a significant difference between the experimental group and the control group with respect to the scores of hypertension-related knowledge (t=-3.76, p<.001), self-care behavior (t=-3.33, p=.002), physiological parameters, including systolic blood pressure (t=6.27, p<.001) and diastolic blood pressure (t=4.70, p<.001), total cholesterol levels (t=3.08, p=.003), and Abdominal circumference (t=2.52, p=.015). We conclude that the self-group program on hypertension has a significant effect on the change of hypertension-related knowledge and self-care behavior for hypertensive patients.

• Korean journal of communication and information
• /
• v.74
• /
• pp.7-37
• /
• 2015

The study explores how the discourses on game addiction, which emphasize diligence and sincerity for labor and self-control, and professional gamers, who are trapped in pleasures of playing games in the virtual world, cohabit in Korean society. Progamers have grown from entertainment industry enlarged along with the current of the economic 'postmodernization,' mentioned by Hardt and Negri(1997; 2001; 2004). Hardt and Negri have elaborated on the economic postmodernization with the notion 'immaterial labor,' which blurs the line between economic (instrumental) actions and humane qualities as well as pertains to the potentiality of resistant practices against the power of modernity. From this perspective, progamers' labor is understood as 'affective labor,' an aspect of immaterial labor with the potentiality of resistance. However, meticulous examination of progamers' labor in this study reveals that progamers control their affects systematically, strategically, and rationally for their materialistic success. Progamers, while performing postmodern mode of labor, are subordinate to modern work ethics, which lead them to lose the potentiality of resistance. Consequently, while the discourses on game addiction and progamers outwardly form sharp contrast to each other, the two indeed are placed in tandem in the vein of modern work ethics of Protestantism.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.10
• /
• pp.225-232
• /
• 2019

The trademark dilution of famous marks as a kind of unfair competition practice is defined and regulated in Article 2 (1) (c) of the Unfair Competition Prevention and Trade Secret Protection Act (hereinafter referred to as the Unfair Competition Prevention Act), which was newly established according to the amendment of the Act on February 3, 2001. Famous trademarks are universally protected in all around the world, which are likewise protected in the Republic of Korea by the Unfair Competition Prevention Actin line with such international trends. In order to establish the trademark dilution of famous marks, it is necessary to have the following characteristics: (1) high reputation of the original mark, (2) use of identical or similar markscompared to the original mark, (3) occurrence of blurring of discrimination or tarnishment of reputation; in particular, with respect to the degree of proof of 'blurring of discrimination or tarnishment of reputation', which is a constituent requirement of the trademark dilution of famous marks, it is reasonable to interpret the trademark dilution as concrete endangerment offense, neither harm-based offense nor abstract endangerment offense, and thus it should be considered that the crime is established if a specific realistic risk of blurring of discrimination or tarnishment of reputation occurs. Furthermore, in relation to the specific criteria of 'blurring of discrimination or tarnishment of reputation', it is necessary to comprehensively judge the degree of individual behavior in specific matters as a normative factor as well as the psychosocial viewpoint of the general public.