• Title/Summary/Keyword: Cyber Lab

Real-time detection on FLUSH+RELOAD attack using Performance Counter Monitor (Performance Counter Monitor 를 이용한 FLUSH+RELOAD 공격 실시간 탐지 기술)

  • Cho, Jong-Hyeon;Kim, Tae-Hyun;Shin, Youngjoo
    • Proceedings of the Korea Information Processing Society Conference / 2018.10a / pp.166-169 / 2018
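  • FLUSH+RELOAD, one of the cache side-channel attacks, is highly dangerous because of its high resolution and low error rate, and it has been applied to a variety of programs, demonstrating a risk of personal information leakage. It is therefore necessary to be able to detect this attack in real time in order to stop it. In this study, through four experiments, we used PCM (Performance Counter Monitor) to observe how the values of the individual counters change while under a FLUSH+RELOAD attack, and found that the attack can be detected by three important factors. Using this, we trained logistic regression and an ANN (Artificial Neural Network), respectively, on the results, and then built a program that can detect the attack in real time. We ran attacks for a fixed period of time and succeeded in detecting all of them, with a relatively low false-positive rate.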

An Implementation Scheme for the Detection System of RFID Defective Tags Using LabVIEW OOP

  • Jung, Deok-Gil;Jung, Min-Po;Cho, Hyuk-Gyu;Lho, Young-Uhg
    • Journal of information and communication convergence engineering / v.9 no.1 / pp.21-26 / 2011
  • In this paper, we suggest an object-oriented methodology for the design and implementation of programs in control and instrumentation applications, such as a detection system for RFID defective tags, which need embedded programming. We apply the UML design methodology in the system design phase, and suggest an implementation scheme for LabVIEW programs using LVOOP (LabVIEW Object Oriented Programming), which makes it possible to write object-oriented programs. We design the class diagram and the sequence diagram using UML, and write the LVOOP classes from the designed class diagram and the main VI from the sequence diagram, respectively. We show that it is possible to develop embedded programs such as RFID applications through the implementation example of the detection system for RFID defective tags in this paper. We also obtain the advantages of object-oriented design and implementation with the LVOOP approach, such as developing LabVIEW programs by adding the classes and the object concept of object-oriented languages to LabVIEW.

A Study on Business model of through Second life (세컨드 라이프(Second Life)를 통한 문화콘텐츠 비즈니스 모델연구)

  • Choi, Eunyoung
    • Proceedings of the Korea Contents Association Conference / 2008.05a / pp.431-435 / 2008
  • Thanks to the development of the internet, the online market is expanding exponentially and solid business models for it are drawing attention. Most online trading has been limited to selling game-related items; however, Linden Lab marked a turning point in 2003 by introducing a cyber reality game in which users shape a cyber life by creating their own avatars. Since 2003, Second Life has grown sharply to over 12 million users around the world. While earlier games progress within a fixed scenario, the concept of avatars who live their own lives in cyber space successfully differentiates it from earlier online games. Further, the cyber money, the Linden Dollar, can be used to buy real estate, clothes, and shoes, just as in the real economy. Beyond corporate marketing, various areas of activity such as public-sector promotion, politics, and education also function in this cyber life. In Korea, a Korean version of Second Life was introduced at the end of 2007 and has drawn attention from users. In this study, I examine various cyber business models through Second Life and suggest feasible models for applying cultural content.

Student-Centered Discrete Mathematics Class with Cyber Lab (학생중심의 대학 이산수학 강의 운영사례)

  • Lee, Sang-Gu;Lee, Jae Hwa
    • Communications of Mathematical Education / v.33 no.1 / pp.1-19 / 2019
  • This study deals with the case of a student-centered discrete mathematics class with a cyber lab. First, we provided lecture notes and cyber labs we developed. In particular, discrete mathematics is a course that covers the principles of algorithms. The purpose of this study is to provide students with basic mathematics, aiming for them to actively participate in the learning process, to improve their abilities, and to reach the ultimate goal of student success with confidence. Second, based on interactions, students were able to prepare for the lectures, review, question, answer, and discuss through the usual learning management system of the school. Third, all the students generated materials throughout one semester, which were reported, submitted, presented, and evaluated. It was possible to improve learning effectiveness through discussions and implementation using an easy open source programming language and code. Our discrete math laboratory could be practiced without any special knowledge of coding. These lecture models allow students to develop critical thinking skills while describing and presenting their learning and problem-solving processes. We share our experience and our materials, including lecture notes and the cyber lab, as well as a possible model of a student-centered mathematics class that does not impose too much workload on instructors. This study shares a model that demonstrates that any professor will be able to provide an individualized, customized, and creative discrete mathematics education without spending much extra time or needing assistants, unlike previous research.

IaC-VIMF: IaC-Based Virtual Infrastructure Mutagenesis Framework for Cyber Defense Training (IaC-VIMF: 사이버 공방훈련을 위한 IaC 기반 가상 인프라 변이 생성 프레임워크)

  • Joo-Young Roh;Se-Han Lee;Ki-Woong Park
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.527-535 / 2023
  • To develop experts capable of responding to cyber security incidents, numerous institutions have established cyber training facilities to cultivate security professionals equipped with effective defense strategies. However, these facilities face challenges such as limited resources, scenario-based content development, and cost constraints. To address these issues, this paper proposes a virtual infrastructure variation generation framework. It provides customized, diverse IT infrastructure environments for each organization, allowing cyber defense trainers to accumulate a wide range of experiences. By leveraging Infrastructure-as-Code (IaC) containers and employing Word2Vec, a natural language processing model, mutable code elements are extracted and trained, enabling the generation of new code and presenting novel container environments.

Virtual Lecture for Digital Logic Circuit Using Flash (플래쉬를 이용한 디지털 논리회로 교육 콘텐츠)

  • Lim Dong-Kyun;Cho Tae-Kyung;Oh Won-Geun
    • The Journal of the Korea Contents Association / v.5 no.4 / pp.180-187 / 2005
  • In this paper, we developed an online lecture for digital logic circuits, which is a basic course in electric/electronic education. Because of the importance of laboratory experience in this course and to reflect industrial requests, we selected the most effective experimental examples in each chapter and inserted instructions for basic usage of ORCAD and digital clock design. Moreover, we developed a cyber lab in which students design their own circuits using Flash animation. Two features of this cyber lab are realistic graphics for devices and breadboards to improve realism, and patented new IC chip objects for easy experiments, which help the students understand digital logic easily.

Digital Healthcare Attack Scenario based on DeFi Security Vulnerability (DeFi 보안 취약점 기반 디지털 헬스케어 공격 시나리오)

  • Sang-Hyeon Park;Yu-Rae Song;Jin Kwak
    • Proceedings of the Korea Information Processing Society Conference / 2023.11a / pp.208-209 / 2023
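  • As IT (Information Technology) becomes more advanced, DeFi (Decentralized Finance), which allows assets to be traded on the basis of smart contracts, is developing in the financial sector. In addition, converged environments composed of various IoT (Internet of Things) devices are becoming interconnected, forming the IoBE (Internet of Blended Environment). Among the components of the IoBE, digital healthcare, a converged medical environment, provides medical care services through smart medical devices. Recently, research has been under way on using DeFi as a means of asset trading within digital healthcare. However, as DeFi can be used in digital healthcare services, security threats within DeFi can propagate. The propagated security threats can lead not only to theft of digital currency in DeFi but also to compound threats such as theft of sensitive information within digital healthcare and denial-of-service attacks. Therefore, this paper analyzes the vulnerabilities of DeFi and, based on them, derives attack scenarios that can occur in digital healthcare.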

Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures

  • Bahrami, Pooneh Nikkhah;Dehghantanha, Ali;Dargahi, Tooska;Parizi, Reza M.;Choo, Kim-Kwang Raymond;Javadi, Hamid H.S.
    • Journal of Information Processing Systems / v.15 no.4 / pp.865-889 / 2019
  • The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

JMP+RAND: Mitigating Memory Sharing-based Side-channel Attacks by Embedding Random Values in Binaries (JMP+RAND: 바이너리 난수 삽입을 통한 메모리 공유 기반 부채널 공격 방어 기법)

  • Kim, Taehun;Shin, Youngjoo
    • Proceedings of the Korea Information Processing Society Conference / 2019.10a / pp.456-458 / 2019
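  • Since computers became widespread, much effort has been made to achieve information security. Among these efforts, memory protection techniques have been studied the most, but as computer performance improved, problems with earlier memory protection techniques were discovered, and the emergence of side-channel attacks made new defenses necessary. In this paper, we present two methods that can defend against memory sharing-based side-channel attacks by inserting 4 to 8 bytes of random values into each page of a program through static binary rewriting. Because recent architectures handle branches for jmp instructions very quickly and accurately through branch prediction, the jmp+rand method used to insert the random values has very low overhead. In addition, since random values can be inserted into specific programs only, we expect it to show high efficiency especially when used together with deduplication in cloud environments.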

Improved Piracy Site Detection Technique using Search Engine

  • Kim, Eui-Jin;Kim, Deuk-Hun;Kwak, Jin
    • KSII Transactions on Internet and Information Systems (TIIS) / v.16 no.7 / pp.2459-2472 / 2022
  • With the increase in copyright content exports to overseas markets due to the recent globalization of the Korean culture, the added value of the Korean digital content market is increasing at a significant rate. As such, as the size of the copyright market increases, different piracy sites have emerged that generate profits by illegally distributing works without the permission of the copyright holders, resulting in direct and indirect damage to these copyright holders. The existing copyright detection methods used in public institutions for solving this problem are limited, while the piracy sites are ever-changing. Methods are being continuously developed to achieve better detection results. To this end, it is possible to detect the latest infringement site domain by detecting the infringement site domain that is constantly changed through the search engine. This paper proposes an improved piracy site detection method using a search engine to prevent the damage caused by piracy sites.