• Journal of Information Processing Systems
• /
• 제7권1호
• /
• pp.173-186
• /
• 2011

Due to the disadvantages of signature-based computer virus detection techniques, behavior-based detection methods have developed rapidly in recent years. However, current popular behavior-based detection methods only take API call sequences as program behavior features and the difference between API calls in the detection is not taken into consideration. This paper divides virus behaviors into separate function modules by introducing DLLs into detection. APIs in different modules have different importance. DLLs and APIs are both considered program calling resources. Based on the calling relationships between DLLs and APIs, program calling resources can be pictured as a tree named program behavior resource tree. Important block structures are selected from the tree as program behavior features. Finally, a virus detection model based on behavior the resource tree is proposed and verified by experiment which provides a helpful reference to virus detection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.5819-5840
• /
• 2018

Considering the topology of hierarchical tree structure, each cluster in WSNs is faced with various attacks launched by malicious nodes, which include network eavesdropping, channel interference and data tampering. The existing intrusion detection algorithm does not take into consideration the resource constraints of cluster heads and sensor nodes. Due to application requirements, sensor nodes in WSNs are deployed with approximately uncorrelated security weights. In our study, a novel and versatile intrusion detection system (IDS) for the optimal defense strategy is primarily introduced. Given the flexibility that wireless communication provides, it is unreasonable to expect malicious nodes will demonstrate a fixed behavior over time. Instead, malicious nodes can dynamically update the attack strategy in response to the IDS in each game stage. Thus, a multi-stage intrusion detection game (MIDG) based on Bayesian rules is proposed. In order to formulate the solution of MIDG, an in-depth analysis on the Bayesian equilibrium is performed iteratively. Depending on the MIDG theoretical analysis, the optimal behaviors of rational attackers and defenders are derived and calculated accurately. The numerical experimental results validate the effectiveness and robustness of the proposed scheme.

• 한국응용곤충학회지
• /
• 제56권2호
• /
• pp.187-193
• /
• 2017

솔수염하늘소는 소나무에 시들음 증상을 유발하여 괴사시키는 소나무재선충을 매개하는 대표적 매개충이다. 소나무재선충병 고사목 방제살충처리 방법으로 훈증방법을 대체할 수 있는 그물망을 이용한 방제법이 도입되고 있다. 본 연구는 솔수염하늘소의 쏠기와 탈출 행동을 유발시키는 조건을 구명하기 위하여 구속 공간 및 온도를 달리 처리하고 탈출여부를 조사하였다. 솔수염하늘소는 직경 30 mm 이하의 공간에 구속되었을 때 장애물을 뚫고 탈출이 가능하였다. 온도 $15^{\circ}C$에서는 탈출에 성공하지 못하였으며, $20{\sim}30^{\circ}C$ 범위에서 탈출 성공률이 높았다. 먹이를 이용한 솔수염하늘소의 유인은 탈출 성공률에 영향을 미치지 않았다. 좁은 공간에 구속되지 않는 경우는 갉는 부위가 집중되지 않아 탈출공을 형성하지 못하였다. 구속된 공간에서 솔수염하늘소는 가운데와 뒷다리 부절을 이용해 좁은 공간에서 몸을 이동시키며 큰턱으로 정면에 있는 장애물을 집중적으로 갉아서 탈출공을 만들고 앞다리를 뻗어 몸을 지탱하면서 빠져나오는 행동을 보였다. 본 연구의 결과는 훈증 대체기술로 제시되고 있는 구속 그물망의 성능을 평가하는데 중요한 기초자료로 활용될 수 있을 것이다.