• The Journal of Korean Association of Computer Education
• /
• v.14 no.4
• /
• pp.53-61
• /
• 2011

Recently, the importance of information security is emphasized in IT related field. The agency related to information security implements the policies to emphasize the security and protection of the privacy. However, the issue in many companies and users is that awareness of security is still poor. Therefore, in this paper, we develope the learning program for AES(advanced encryption standard) block cipher, to raise the awareness of security. Also, wish to cause interest about AES cipher because user confirms process that is encryption/decryption through program of this paper directly and prove awareness about information security.

• Journal of Korea Multimedia Society
• /
• v.23 no.5
• /
• pp.650-657
• /
• 2020

The rapid growth of internet users and faster network speed are driving the new ICT services. ICT Technology has improved our way of thinking and style of life, but it has created security problems such as malware, ransomware, and so on. Therefore, we should research against the increase of malware and the emergence of malicious code. For this, it is necessary to accurately and quickly detect and classify malware family. In this paper, we analyzed and classified visualization technology, which is a preprocessing technology used for deep learning-based malware classification. The first method is to convert each byte into one pixel of the image to produce a grayscale image. The second method is to convert 2bytes of the binary to create a pair of coordinates. The third method is the method using LSH. We proposed improving the technique of using the entire existing malicious code file for visualization, extracting only the areas where important information is expected to exist and then visualizing it. As a result of experimenting in the method we proposed, it shows that selecting and visualizing important information and then classifying it, rather than containing all the information in malicious code, can produce better learning results.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.264-267
• /
• 2022

Recently, federated learning (FL) has increased prominence as a viable approach for enhancing user privacy and data security by allowing collaborative multi-party model learning without exchanging sensitive data. Despite this, most present FL systems still depend on a centralized aggregator to generate a global model by gathering all submitted models from users, which could expose user privacy and the risk of various threats from malicious users. To solve these issues, we suggested a safe FL framework that employs differential privacy to counter membership inference attacks during the collaborative FL model training process and empowers blockchain to replace the centralized aggregator server.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.1
• /
• pp.7-18
• /
• 2013

These days, the teaching and learning system has been increasing for the rapid advancement of the information technologies. We can access education systems of good quality anytime, anywhere and we can use the individually personalized teaching and learning system depending on developing the wireless communication technology and the multimedia processing technology. The more the various systems develop, the more software security systems become important. There are a lot kind of fault analysis methods to evaluate software security systems. However, the only assessment method to evaluate software security system is not enough to analysis properly on account of the various types and characteristic of software systems by progressing information technology. Therefore, this paper proposes an integrative method of Fault Tree Analysis (FTA) and Fault Modes and Effect Analysis(FMEA) to evaluate the security of e-teaching and learning system as an illustration.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.321-330
• /
• 2019

Prevention of corporate confidentiality leakage by insiders in enterprises is an essential task for the survival of enterprises. In order to prevent information leakage by insiders, companies have adopted security solutions, but there is a limit to effectively detect abnormal behavior of insiders with access privileges. In this study, we use the Unsupervised Learning algorithm of the machine learning technique to effectively and efficiently cluster the normal and abnormal access logs of the worker's work screen in the manufacturing information system, which includes the company's product manufacturing history and quality information. We propose an optimal feature selection model for anomaly detection by studying clustering methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4308-4325
• /
• 2021

The importance and necessity of artificial intelligence, particularly machine learning, has recently been emphasized. In fact, artificial intelligence, such as intelligent surveillance cameras and other security systems, is used to solve various problems or provide convenience, providing solutions to problems that humans traditionally had to manually deal with one at a time. Among them, information security is one of the domains where the use of artificial intelligence is especially needed because the frequency of occurrence and processing capacity of dangerous codes exceeds the capabilities of humans. Therefore, this study intends to examine the definition of artificial intelligence and machine learning, its execution method, process, learning algorithm, and cases of utilization in various domains, particularly the cases and contents of artificial intelligence technology used in the field of information security. Based on this, this study proposes a method to apply machine learning technology to the method of classifying and detecting malware that has rapidly increased in recent years. The proposed methodology converts software programs containing malicious codes into images and creates training data suitable for machine learning by preparing data and augmenting the dataset. The model trained using the images created in this manner is expected to be effective in classifying and detecting malware.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.193-203
• /
• 2022

After the everyday use of systems and applications of artificial intelligence in our world. Consequently, machine learning technologies have become characterized by exceptional capabilities and unique and distinguished performance in many areas. However, these applications and systems are vulnerable to adversaries who can be a reason to confer the wrong classification by introducing distorted samples. Precisely, it has been perceived that adversarial examples designed throughout the training and test phases can include industrious Ruin the performance of the machine learning. This paper provides a comprehensive review of the recent research on adversarial machine learning. It's also worth noting that the paper only examines recent techniques that were released between 2018 and 2021. The diverse systems models have been investigated and discussed regarding the type of attacks, and some possible security suggestions for these attacks to highlight the risks of adversarial machine learning.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.91-100
• /
• 2023

As SDN devices and systems hit the market, security in SDN must be raised on the agenda. SDN has become an interesting area in both academics and industry. SDN promises many benefits which attract many IT managers and Leading IT companies which motivates them to switch to SDN. Over the last three decades, network attacks becoming more sophisticated and complex to detect. The goal is to study how traffic information can be extracted from an SDN controller and open virtual switches (OVS) using SDN mechanisms. The testbed environment is created using the RYU controller and Mininet. The extracted information is further used to detect these attacks efficiently using a machine learning approach. To use the Machine learning approach, a dataset is required. Currently, a public SDN based dataset is not available. In this paper, SDN based dataset is created which include legitimate and non-legitimate traffic. Classification is divided into two categories: binary and multiclass classification. Traffic has been classified with or without dimension reduction techniques like PCA and LDA. Our approach provides 98.58% of accuracy using a random forest algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.51-59
• /
• 2021

The deep learning model can produce false prediction results due to inputs that deviate from training data through variation, which leads to fatal accidents in areas such as autonomous driving and security. To ensure reliability of the model, the model's coping ability for exceptional situations should be verified through various mutations. However, previous studies were carried out on limited scope of models and used several mutation types without separating them. Based on the CIFAR10 data set, widely used dataset for deep learning verification, this study carries out reliability verification for total of six models including various commercialized models and their additional versions. To this end, six types of input mutation algorithms that may occur in real life are applied individually with their various parameters to the dataset to compare the accuracy of the models for each of them to rigorously identify vulnerabilities of the models associated with a particular mutation type.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1722-1737
• /
• 2019

We developed an insider threat detection model to be used by organizations that repeat tasks at regular intervals. The model identifies the best combination of different feature selection algorithms, unsupervised learning algorithms, and standard scores. We derive a model specifically optimized for the organization by evaluating each combination in terms of accuracy, AUC (Area Under the Curve), and TPR (True Positive Rate). In order to validate this model, a four-year log was applied to the system handling sensitive information from public institutions. In the research target system, the user log was analyzed monthly based on the fact that the business process is processed at a cycle of one year, and the roles are determined for each person in charge. In order to classify the behavior of a user as abnormal, the standard scores of each organization were calculated and classified as abnormal when they exceeded certain thresholds. Using this method, we proposed an optimized model for the organization and verified it.