• Proceedings of the Korea Society for Simulation Conference
• /
• 2005.11a
• /
• pp.171-179
• /
• 2005

Computer virus modeling and simulation research has been conducted with focus on the network vulnerability analysis. However, computer virus generally shows the biological virus characters such as proliferation, reproduction and evolution. Therefore it is necessary to research the computer virus modeling and simulation using Artificial Life. The approach of computer modeling and simulation using the Artificial Life technology Provides the efficient analysis method for the effects on the network by computer virus and the behavioral mechanism of the computer virus. Hence this paper proposes the methodology of computer virus modeling and simulation using Artificial Life, which may be contribute the research on the computer virus vaccine.

• Journal of the Korea Society for Simulation
• /
• v.15 no.4
• /
• pp.1-10
• /
• 2006

Computer virus modeling and simulation research has conducted with focus on the network vulnerability analysis. But computer virus shows the biological virus characters such as proliferation, reproduction and evolution. Therefore it is necessary to research the computer virus modeling and simulation using the Artificial life technique. The approach of computer modeling and simulation using Artificial life provides the analysis method about the effects on the network by computer virus and the behavior mechanism of computer virus. Hence this paper proposes the methodology of computer virus modeling and simulation using Artificial life, which is effected to contribute the research on the computer virus vaccine.

• The Journal of Information Systems
• /
• v.15 no.1
• /
• pp.145-168
• /
• 2006

Current computer viruses are one of the most serious problems in information age due to their potential demage and impact on use of information systems. To make the problem worse, virus development technology has been advanced rapidly, and use of network systems has expanded widely. Therefore computer viruses are much more complex and use of anti-virus software(AV S/W) is not enough to prrevent virus incidents. It implies that computer viruses as well as other information security matters are not solely a technical problem but also a managerial one. This study emphasized on computer virus controls from managerial perspective of information security and investigated factors influencing the effectiveness of computer virus controls. Organization's comprehensive security policies provide guidelines on how organization or individual can protect themselves from computer viruses. Especially, user's education has positive impact on user's security related characteristics. Based on the analysis of research model using structural equation modeling technique, security policies were influencing security controls and improving user's computer viruses related awareness. Also security controls had positive impact on security effectiveness. However, no significant relationship was found between user's security related characteristics and security effectiveness.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.29-38
• /
• 2004

It was fast and easily used limitless information as a development of information technology, but it was increased side effects. There are hacking or cracking, personal information leakage in these side effects. A computer virus is stated in a serious problem recently. The best solution about a computer virus is an anti-virus. An anti-virus downloads and is updated virus signature in server after it was installed in a client computer. Products interworking with server are released recently. However, if signature isn't aptly updated, anti-virus program doesn't normally operate these anti-virus systems, and remote management is impossible. Therefore, in this paper, an active server-based anti-virus system which is installed in server and was able to be managed remotely was designed and implemented in order to solve these problems.

• 제어로봇시스템학회:학술대회논문집
• /
• 2001.10a
• /
• pp.115.1-115
• /
• 2001

According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. A computer virus is one of program on computer and has abilities of self reproduction and destruction like a virus of biology. And hacking is to rob a person´s data in a intruded computer and to delete data in a person´s computer from the outside. To block hacking that is intrusion of a person´s computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a mood of positive selection and negative selection of self-recognition process that is ability of ...

• The Journal of Information Systems
• /
• v.14 no.1
• /
• pp.19-40
• /
• 2005

The history of computer virus comes along with that of computer. Computer virus han surfaced as a serious problem in information age. The advent of open network and widespread use of Internet made the problem even more urgent. As a method of defense for computer virus most companies use anti-virus software. Selecting appropriate anti-virus software involves various criteria and thus it is a multiple-attribute decision making problem. The purpose of this study is to prioritize anti-virus software evaluation factors. To do that, first of all, important evaluation factors are selected based on previous research on anti-virus software as well as general software evaluation models. Then, a questionnaire survey was conducted on end-users, system administrators and anti-virus software developers. The survey result was analyzed with ExpertChoice 2000 which is based on Analytic hierarchy Process technique. This study found that there are clear differences among three survey groups regarding the relative importance of overall evaluation factors. End-user group ranked "cost" first, but it was the least important factor to developer group. Developers pointed out "operational support" ad the most important factor. There were also obvious differences in the relative importance of detail evaluation items. Both end-users and system administrators shared 7 common items among top 10 most important items. Moreover, neither of the two groups ranked any of the items in the "operational support" factor in top 10, whereas all 4 items in the factor were included in top 10 by developer group.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.173-186
• /
• 2011

Due to the disadvantages of signature-based computer virus detection techniques, behavior-based detection methods have developed rapidly in recent years. However, current popular behavior-based detection methods only take API call sequences as program behavior features and the difference between API calls in the detection is not taken into consideration. This paper divides virus behaviors into separate function modules by introducing DLLs into detection. APIs in different modules have different importance. DLLs and APIs are both considered program calling resources. Based on the calling relationships between DLLs and APIs, program calling resources can be pictured as a tree named program behavior resource tree. Important block structures are selected from the tree as program behavior features. Finally, a virus detection model based on behavior the resource tree is proposed and verified by experiment which provides a helpful reference to virus detection.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.11 no.9
• /
• pp.801-806
• /
• 2001

According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users A computer virus is one of program in computer and has abilities of self reproduction ad destruction like a virus of biology. And hacking is to rob a person's data in a intruded computer and to delete data in a person s computer from the outside. To block hacking that is intrusion of a person s computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive selection and negative selection of self-recognition process that is ability of T-cytotoxic cell that plays an important part in biological immune system. So we embody a self-nonself distinction algorithm in computer, which is an important part when we detect an infected data by computer virus and a modified data by intrusion from the outside. The composed self-recognition process distinguishes self-file from the changed files. To prove the efficacy of self-recognition algorithm, we use simulation by a cell change and a string change of self file.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.99-103
• /
• 2003

Introduction SWING and progress of research activities. Then I will explain about Anti-Virus research concretely. It will deal with Computer Virus infection route, Computer Virus diagnostic methods, exsisting Anti-Virus Engine operation principle, performming research activities and future research course.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2001.12a
• /
• pp.185-188
• /
• 2001

According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. To block hacking that is intrusion of a person's computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive selection and negative selection of self-recognition process that is ability of T-cytotoxic cell that plays an important part in biological immune system. So we embody a self-nonself distinction algorithm in computer. To prove the efficacy of self-recognition algorithm, we use simulations by a cell change and a string change of self file.