• Title/Summary/Keyword: Data poisoning attack

Efficient Poisoning Attack Defense Techniques Based on Data Augmentation (데이터 증강 기반의 효율적인 포이즈닝 공격 방어 기법)

  • So-Eun Jeon;Ji-Won Ock;Min-Jeong Kim;Sa-Ra Hong;Sae-Rom Park;Il-Gu Lee
    • Convergence Security Journal / v.22 no.3 / pp.25-32 / 2022
  • Recently, the image processing industry has become more active as deep learning-based technology has been introduced in the image recognition and detection field. With the development of deep learning technology, learning model vulnerabilities to adversarial attacks continue to be reported. However, studies on countermeasures against poisoning attacks that inject malicious data during learning are insufficient. The conventional countermeasure against poisoning attacks has a limitation in that it is necessary to perform a separate detection and removal operation by examining the training data each time. Therefore, in this paper, we propose a technique for reducing the attack success rate by applying modifications to the training data and inference data without a separate detection and removal process for the poison data. The One-shot kill poison attack, a clean label poison attack proposed in previous studies, was used as the attack model. The attack performance was confirmed separately for a general attacker and an intelligent attacker, according to the attacker's attack strategy. According to the experimental results, when the proposed defense mechanism is applied, the attack success rate can be reduced by up to 65% compared to the conventional method.

A Study on Improving Data Poisoning Attack Detection against Network Data Analytics Function in 5G Mobile Edge Computing (5G 모바일 에지 컴퓨팅에서 빅데이터 분석 기능에 대한 데이터 오염 공격 탐지 성능 향상을 위한 연구)

  • Ji-won Ock;Hyeon No;Yeon-sup Lim;Seong-min Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.549-559 / 2023
  • As mobile edge computing (MEC) is gaining attention as a core technology of 5G networks, edge AI technology for the 5G network environment based on mobile user data has recently come into use in various fields. However, as in traditional AI security, there is a possibility of adversarial interference with standard 5G network functions within the core network responsible for edge AI core functions. In addition, research on data poisoning attacks that can occur in the MEC environment of the standalone mode defined in the 5G standards by 3GPP is currently insufficient compared to existing LTE networks. In this study, we explore the threat model for the MEC environment using NWDAF, a network function that is responsible for the core function of edge AI in 5G, and propose a feature selection method to improve the performance of detecting data poisoning attacks for Leaf NWDAF as a proof of concept. Through the proposed methodology, we achieved a maximum detection rate of 94.9% for Slowloris attack-based data poisoning attacks in NWDAF.

Data Correction For Enhancing Classification Accuracy By Unknown Deep Neural Network Classifiers

  • Kwon, Hyun;Yoon, Hyunsoo;Choi, Daeseon
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.9 / pp.3243-3257 / 2021
  • Deep neural networks provide excellent performance in pattern recognition, audio classification, and image recognition. It is important that they accurately recognize input data, particularly when they are used in autonomous vehicles or for medical services. In this study, we propose a data correction method for increasing the accuracy of an unknown classifier by modifying the input data without changing the classifier. This method modifies the input data slightly so that the unknown classifier will correctly recognize the input data. It is an ensemble method that has the characteristic of transferability to an unknown classifier by generating corrected data that are correctly recognized by several classifiers that are known in advance. We tested our method using MNIST and CIFAR-10 as experimental data. The experimental results show that the unknown classifier achieves a 100% correct recognition rate owing to the data correction generated by the proposed method, which minimizes data distortion to maintain the data's recognizability by humans.

Adversarial Machine Learning: A Survey on the Influence Axis

  • Alzahrani, Shahad;Almalki, Taghreed;Alsuwat, Hatim;Alsuwat, Emad
    • International Journal of Computer Science & Network Security / v.22 no.5 / pp.193-203 / 2022
  • With the everyday use of systems and applications of artificial intelligence in our world, machine learning technologies have become characterized by exceptional capabilities and unique and distinguished performance in many areas. However, these applications and systems are vulnerable to adversaries who can cause wrong classifications by introducing distorted samples. Specifically, it has been observed that adversarial examples designed throughout the training and test phases can ruin the performance of machine learning. This paper provides a comprehensive review of the recent research on adversarial machine learning. It is also worth noting that the paper only examines recent techniques that were released between 2018 and 2021. The diverse system models are investigated and discussed with regard to the type of attacks, along with some possible security suggestions for these attacks, to highlight the risks of adversarial machine learning.

The Clinical Investigation of Drug Intoxication in the North-Youngseo District of Kangwon Province (강원 영서 북부 지역의 약물 중독 실태)

  • Ok, Taek-Gun;Cho, Jun-Hwi;Park, Chan-Woo;Kim, Sung-Eun;Choi, Ki-Hoon;Bae, Ji-Hoon;Seo, Jeong-Yeul;Chung, Jae-Bong;Ahn, Hee-Cheol;Ahn, Moo-Eob;You, Ki-Cheol
    • Journal of The Korean Society of Clinical Toxicology / v.2 no.2 / pp.83-89 / 2004
  • Acute poisoning is one of the conditions that needs the fastest emergency measures at the very beginning. However, at present, Korea does not manage intoxication on a nationwide basis, and in particular, there is no treatment guide that pays due regard to the traits of each area. This paper focused on the need to collect the data necessary for preparing facilities for the treatment of poisoned patients and materials for medical treatment, including antidotes, after identifying the special features of the symptoms by surveying the present state of poisoning in small towns next to farm villages in the North area of Youngseo, Kangwon province. This study was based on questionnaires from 111 patients who were brought to the emergency room for poisoning at two university hospitals in the North area of Youngseo, Kangwon, during one year, 2002. Upon investigation, the patients (111) visiting the emergency room for acute poisoning during the research period were found to be 0.37 percent of all patients (30,085) visiting the emergency room. Among them, the highest percentage was in their twenties and thirties, at $39.6\%$, and the ratio ($40.5\%$) of poisoned patients in their fifties and older was much higher than in research ($10\%$) on other areas. Many poisoned patients came to the emergency room generally in spring and in winter, from 7 a.m. to 3 p.m. Among the toxic materials, agricultural chemicals made up the majority at $57.7\%$, and among the agricultural chemicals paraquat was found to have a lot of toxicity, at $31.7\%$. As for the route of intoxication, oral poisoning was common at $89.2\%$; gastric lavage and nasogastric irrigation were performed in $55.9\%$ of cases, but an antidote was prescribed in only $14.4\%$. The mortality of the acutely poisoned patients was $17.2\%$, and intoxication by paraquat accounted for the majority.
As a result, acute poisoning in the North area of Youngseo, Kangwon showed characteristics of both rural areas and cities, and, owing to population aging, patients in their fifties and older were affected more often than in other regions. Also, with the high ratio of intoxication by agricultural chemicals, lethal agricultural chemicals in particular were used frequently. Therefore, ways to cope with these dangerous situations need to be found.