• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.52-60
• /
• 2024

APT (Advanced Persistent Threat) attack is a dangerous, targeted attack form with clear targets. APT attack campaigns have huge consequences. Therefore, the problem of researching and developing the APT attack detection solution is very urgent and necessary nowadays. On the other hand, no matter how advanced the APT attack, it has clear processes and lifecycles. Taking advantage of this point, security experts recommend that could develop APT attack detection solutions for each of their life cycles and processes. In APT attacks, hackers often use phishing techniques to perform attacks and steal data. If this attack and phishing phase is detected, the entire APT attack campaign will be crash. Therefore, it is necessary to research and deploy technology and solutions that could detect early the APT attack when it is in the stages of attacking and stealing data. This paper proposes an APT attack detection framework based on the Network traffic analysis technique using open-source tools and deep learning models. This research focuses on analyzing Network traffic into different components, then finds ways to extract abnormal behaviors on those components, and finally uses deep learning algorithms to classify Network traffic based on the extracted abnormal behaviors. The abnormal behavior analysis process is presented in detail in section III.A of the paper. The APT attack detection method based on Network traffic is presented in section III.B of this paper. Finally, the experimental process of the proposal is performed in section IV of the paper.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.491-498
• /
• 2014

Recently, cyber terror has been occurred frequently based on advanced persistent threat(APT) and it is very difficult to detect these attacks because of new malwares which cannot be detected by anti-virus softwares. This paper proposes and verifies the algorithms to detect the advanced persistent threat previously through real-time network monitoring and combinatorial analysis of big data log. In the future, APT attacks can be detected more easily by enhancing these algorithms and adapting big data platform.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.12
• /
• pp.1771-1779
• /
• 2016

In these days, the world is getting connected to the internet like a sophisticated net, such an environment gives a suitable environment for cyber attackers, so-called cyber-terrorists. As a result, a number of cyber attacks has significantly increased and researches to find cyber attack traffics in the field of network monitoring has also been proceeding. But cyber attack traffics have been appearing in new forms in every attack making it harder to monitor. This paper suggests a method of tracking down cyber attack traffic sources by defining relational information flow of traffic data from highest cascaded and grouped relational flow. The result of applying this cyber attack source tracking method to real cyber attack traffic, was found to be reliable with quality results.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.29 no.4D
• /
• pp.491-497
• /
• 2009

This paper presents the results of accelerated pavement tests (APT) that simulate permanent deformation (rutting) of asphalt concrete pavements under different temperatures and loading courses. Also, finite element (FE) analysis has been conducted to predict the test results. Test section for APT is the same as one of test sections at Korea Expressway Corporation test road and is subjected to a constant moving dual tire wheel load of APT at three different temperatures: 30, 40, $50^{\circ}C$. The moving wheel is applied at different loading courses within a 75cm wide wheel path to account for traffic wandering. Also, the effect of wandering on permanent deformation development is investigated numerically with three wandering schemes. In this study, ABAQUS is adopted to model APT pavement section with plain stain elements and creep strain rate model is used to take into account viscoplastic stain of asphalt concrete mixtures, and elastic layer properties are back-calculated from FWD measurements. Plus, the effect of boundary condition and subgrade on FE permanent deformation predictions is investigated. A full FE model that accounted for subgrade provided more realistic rut depth predictions, indicating subgrade has contributed to surface rutting.

• Proceedings of the Society of Korea Industrial and System Engineering Conference
• /
• 2002.05a
• /
• pp.497-505
• /
• 2002

This paper is a report on the user requirements analysis based on the survey performed during the February and March, 2002. The survey constitutes the preliminary stage of our research on the design of advanced public transportation system(APTS) in ITS service. A random sample of 60 responses were selected from the total of 300 replies that were received for our statistical analysis. We were able to identify what kind of information content Is mostly required by the public transportation users. Some useful guidelines as to how to design the APTS are provided as the conclusion.

• International Journal of Highway Engineering
• /
• v.2 no.2
• /
• pp.139-148
• /
• 2000

Currently existing Accelerated Pavement Testing (APT) systems developed in several countries have been employed mainly to test the performance of asphalt pavement. Meanwhile, the length of concrete pavement is similar to that of asphalt pavement in expressways of Korea. and is expected to increase due to its durability and compatibility to our weather condition. To meet the society's demand of having our own APT system which can examine the long-term performance of concrete pavement, a contract study to develop Korea Accelerated Loading and Environment Simulator (KALES) for concrete pavement has been performed for 3 years from 1997 through 1999. Through the project, a detailed design was Peformed for the KALES system in which the entire structure of KALES, loading mechanism, wandering mechanism, suspension system, driving system were proposed. Also in advance to design a full-scale KALES system, a sample scale model was manufactured and tested for operating motion and force distribution. It is evident that the proposed prototype KALES system will provide higher degree of traffic simulation and durable operation, based on the satisfactory fatigue analysis.

• Proceedings of the Korean Geotechical Society Conference
• /
• 1999.10a
• /
• pp.293-300
• /
• 1999

Soilcrete has been the traditional material for the paving and soft ground improvement techniques. But because the durability is not excellent and the quality is not homogeneous, it has not been used for the various purposes up to date. And because the quality of soilcrete is apt to be changed by the content of water and soil stabilizer, and the kind of soil and soil stabilizer, it is not free of cares. But with the increase of naturally oriented needs for the light traffic road such as pedestrian roads of the garden, golf courses and sidewalks, the cases of soilcrete paving has been increased recently. This study aims at making the reference table of the mix design in accordance with the required design specifications for the soilcrete admixtures by the FGC soil stabilizer by using the statistical experiment method. The treated soil is the clay which are widely spreaded in Korea. As the results of this study we can derive the effective reference mix design table for the clay soil treated by the FGC soil stabilizer in accordance with the compressive strength of 50∼200kg/$\textrm{cm}^2$ soilcrete with respect to the contents of water, soil stabilizer and fine sand.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.1-10
• /
• 2018

Network threats such as Internet worms and computer viruses have been significantly increasing. In particular, APTs(Advanced Persistent Threats) and ransomwares become clever and complex. IDSes(Intrusion Detection Systems) have performed a key role as information security solutions during last few decades. To use an IDS effectively, IDS rules must be written properly. An IDS rule includes a key signature and is incorporated into an IDS. If so, the network threat containing the signature can be detected by the IDS while it is passing through the IDS. However, it is challenging to find a key signature for a specific network threat. We first need to analyze a network threat rigorously, and write a proper IDS rule based on the analysis result. If we use a signature that is common to benign and/or normal network traffic, we will observe a lot of false alarms. In this paper, we propose a scheme that analyzes a network threat and extracts key signatures corresponding to the threat. Specifically, our proposed scheme quantifies the degree of correspondence between a network threat and a signature using the LDA(Latent Dirichlet Allocation) algorithm. Obviously, a signature that has significant correspondence to the network threat can be utilized as an IDS rule for detection of the threat.