• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.1-12
• /
• 2021

An operation of an organization is currently using a digital environment which opens to potential cyber-attacks. These phenomena become worst as the cyberattack landscape is changing rapidly. The impact of cyber-attacks varies depending on the scope of the organization and the value of assets that need to be protected. It is difficult to assess the damage to an organization from cyberattacks due to a lack of understanding of tools, metrics, and knowledge on the type of attacks and their impacts. Hence, this paper aims to identify domains and sub-domains of cyber-attack taxonomy to facilitate the understanding of cyber-attacks. Four phases are carried in this research: identify existing cyber-attack taxonomy, determine and classify domains and sub-domains of cyber-attack, and construct the enhanced cyber-attack taxonomy. The existing cyber-attack taxonomies are analyzed, domains and sub-domains are selected based on the focus and objectives of the research, and the proposed taxonomy named AVOIDITALS Cyber-attack Taxonomy is constructed. AVOIDITALS consists of 8 domains, 105 sub-domains, 142 sub-sub-domains, and 90 other sub-sub-domains that act as a guideline to assist administrators in determining cyber-attacks through cyber-attacks pattern identification that commonly occurred on digital infrastructure and provide the best prevention method to minimize impact. This research can be further developed in line with the emergence of new types and categories of current cyberattacks and the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제31권6호
• /
• pp.1171-1179
• /
• 2021

Image forensic is performed to check image limpidness. In this paper, a robust scheme is discussed to detect median filtering in low quality images. Detection of median filtering assists in overall image forensic. Improved spatial statistical features are extracted from the image to classify pristine and median filtered images. Image array data is rescaled to enhance the spatial statistical information. Features are extracted using Markov model on enhanced spatial statistics. Multiple difference arrays are considered in different directions for robust feature set. Further, texture operator features are combined to increase the detection accuracy and SVM binary classifier is applied to train the classification model. Experimental results are promising for images of low quality JPEG compression.

• International Journal of Computer Science & Network Security
• /
• 제23권11호
• /
• pp.21-31
• /
• 2023

In this paper, we focused on the problem of evaluating multi-class classification accuracy and simulation of multiple classifier performance metrics. Multi-class classifiers for sentiment analysis involved many challenges, whereas previous research narrowed to the binary classification model since it provides higher accuracy when dealing with text data. Thus, we take inspiration from the non-linear Support Vector Machine to modify the algorithm by embedding dynamic hyperplanes representing multiple class labels. Then we analyzed the performance of multi-class classifiers using macro-accuracy, micro-accuracy and several other metrics to justify the significance of our algorithm enhancement. Furthermore, we hybridized Enhanced Convolution Neural Network (ECNN) with Dynamic Support Vector Machine (DSVM) to demonstrate the effectiveness and efficiency of the classifier towards multi-class text data. We performed experiments on three hybrid classifiers, which are ECNN with Binary SVM (ECNN-BSVM), and ECNN with linear Multi-Class SVM (ECNN-MCSVM) and our proposed algorithm (ECNNDSVM). Comparative experiments of hybrid algorithms yielded 85.12 % for single metric accuracy; 86.95 % for multiple metrics on average. As for our modified algorithm of the ECNN-DSVM classifier, we reached 98.29 % micro-accuracy results with an f-score value of 98 % at most. For the future direction of this research, we are aiming for hyperplane optimization analysis.

• International Journal of Computer Science & Network Security
• /
• 제24권1호
• /
• pp.119-126
• /
• 2024

Disease caused by the coronavirus (COVID-19) is sweeping the globe. There are numerous methods for identifying this disease using a chest imaging. Computerized Tomography (CT) chest scans are used in this study to detect COVID-19 disease using a pretrain Convolutional Neural Network (CNN) ResNet50. This model is based on image dataset taken from two hospitals and used to identify Covid-19 illnesses. The pre-train CNN (ResNet50) architecture was used for feature extraction, and then fully connected layers were used for classification, yielding 97%, 96%, 96%, 96% for accuracy, precision, recall, and F1-score, respectively. When combining the feature extraction techniques with the Back Propagation Neural Network (BPNN), it produced accuracy, precision, recall, and F1-scores of 92.5%, 83%, 92%, and 87.3%. In our suggested approach, we use a preprocessing phase to improve accuracy. The image was enhanced using the Contrast Limited Adaptive Histogram Equalization (CLAHE) algorithm, which was followed by cropping the image before feature extraction with ResNet50. Finally, a fully connected layer was added for classification, with results of 99.1%, 98.7%, 99%, 98.8% in terms of accuracy, precision, recall, and F1-score.

• The Journal of Korean Association of Computer Education
• /
• 제20권6호
• /
• pp.95-104
• /
• 2017

The damage caused by information spill, forgery, falsification, and deletion by cyber infringement in educational institutions and universities is very large. In this study, we analyzed the types, causes, and problems of cyber infringement in educational administrative institutions and universities. As a result, administrative, physical and technical information protection activities were weak. In this paper, we propose a security enhancement method for each domain by dividing them into Internet zone, network-neutral zone (DMZ: Demilitarized Zone), general server zone, internal server zone (Server Farm), and user zone so that these vulnerabilities can be easily identified, supplemented or security enhanced. In addition, we have proposed a method to apply security information system architecture and information protection technology correctly for educational administration institutions and universities. This study is meaningful not to provide conceptual guidance but to suggest specific action and procedure oriented security management plan.

• The Journal of the Korea Contents Association
• /
• 제16권2호
• /
• pp.243-250
• /
• 2016

Recently, with the rise of the mobile device, from mobile devices the user who owns the security, speed up the implementation of the guarantee management environment as businesses and individual equipment for the effcient management of the existing system, but the introduction of the MDM MDM App management features administrators to register the App until you can't prvent the security threat. Therefore, this paper addresses these issues in order to improve the security of your application for the control system. The proposed system is a function of the MDM authentication technology to design analysis, and system architecture to help prevent information disclosure within the design and implementation of Mobile-based application control system. Implementation of the control system to assess the security of the international common criteria security evaluation complete the test scenarios on the basis of the test items. An average of 40% of the test results to verify the results of this enhanced security.

• Journal of the Korea Convergence Society
• /
• 제8권11호
• /
• pp.63-69
• /
• 2017

The middleware in the IoT system is software that acts as a messenger to connect and exchange data between humans and objects, objects and objects. IoT middleware exists in various forms in all areas, including hardware, protocol, and communication of different kinds, which are different in form and purpose. However, IoT middleware exists in various forms across different areas, including hardware, protocol, and communication of different types and purposes. Therefore, even if the system is designed differently for each role, it is necessary to strengthen the security in common. In this paper, we analyze the structure of IoT middleware using Service Oriented Architecture(SOA) approach and design system security requirements based on it. It was defined: Target Of Evaluation(TOE) existing system development method and the object is evaluated by Common Criteria(CC) for verification based otherwise. The proposed middleware system will be correlated with the security problem definition and the security purpose, which will be the basis for implementing the security enhanced IoT system.

• The Journal of Society for e-Business Studies
• /
• 제27권2호
• /
• pp.137-152
• /
• 2022

Consumers' enhanced intention to adopt the Mydata service or their voluntary provision of personal information is a very essential element in the stable growth of the Mydata industry along with the creation of corporate values. The growing leakage of customer information according to the rising value of data can have negative impacts on the use of Mydata service and shrink quality custom service needs based on the personal information provided by financial consumers. This study set out to identify security risks that financial consumers could recognize and security factors that could supplement them and investigate the effects of these security factors on consumers' intention to adopt the Mydata service, thus providing useful implications for increasing the acceptance of financial consumers and finding a strategy to expand safe utilization. The findings raise a need to guarantee the stability and transparency of information provided by customers as information subjects, and they should be essential requirements for the Mydata service. The security factors applied to guarantee them should include convenience in terms of financial service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제34권5호
• /
• pp.1073-1088
• /
• 2024

This study proposes a novel model to address the security, usability, and scalability challenges of cryptocurrency wallets. The model is implemented as a web application that combines FIDO2 (Fast Identity Online v2) with Account Abstraction (AA), offering enhanced security by storing private keys within the Trusted Execution Environment (TEE) of users' mobile devices. By utilizing two types of private keys, the model supports three account types, allowing users to flexibly select security levels and functionalities according to their needs. The research findings show that the proposed model provides strong security against various attack scenarios while also improving usability and scalability. By integrating hardware wallet-level security with the convenience of software wallets, this new paradigm for cryptocurrency wallets is expected to contribute to the widespread adoption of blockchain technology

• Korean Security Journal
• /
• 제25호
• /
• pp.63-87
• /
• 2010

Our society nowadays sees the increase in damage from crime on lives and properties by leaps and bounds in line with the economic take-off, and as a result, the raise of individual income. When considering such a hike in crime, it is desirable that the police framework be enhanced. However, thanks to the failure to correspond to this, it could be safely said that a good portion of accountability was shifted to the private security industry in regard to security for the people. Accordingly, the request for escort security business is on the increase regarding expansion and improvement about this industrial sector. As such, it is necessary to get the related system rearranged for authority on the part of escort guards, who are directly exposed to numerous crimes. On top of this, dispersion is required for the escort security businesses centralized in the metropolitan area. It is also necessary for the security guard system to be strengthened and disintegrated into details so that the escort security services are available to people in more safe and easily manners than ever before. When the qualification regime is operated based on this refreshed system, the efficient escort security work would be realized. The dichotomy into act on Special Security Guard and act on Security Business should be dealt with once again for integration as an issue on the front burner in the academic area, and through which the escort security market could be fit for the globalization as well. This paper would provide the solution that leads to more professional and efficient results from comprehension of progress situations in reality by starting from the concept on private security to the analysis of the conditions in this industrial sector.