• Title/Summary/Keyword: Malicious Code Detection

Search Result 165, Processing Time 0.021 seconds

Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey (중소기업 정보시스템의 공격예방 및 탐지를 위한 대응 : 서베이)

  • Mun, Hyung-Jin;Hwang, Yooncheol;Kim, Ho-Yeob
    • Journal of Convergence Society for SMB
    • /
    • v.5 no.2
    • /
    • pp.1-6
    • /
    • 2015
  • Small and medium-sized companies lack countermeasures to secure the safety of a information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses, when the information is leaked. This paper examines the information leakage of the system and hacking methods including APT attacks. Especially, APT attack, Advanced Persistent Threats, means that a hacker sneaks into a target and has a latency period of time and skims all the information related to the target, and acts in the backstage and neutralize the security services without leaving traces. Because he attacks the target covering up his traces not to reveal them, the victim remains unnoticed, which increases the damage. This study examines attack methods and the process of them and seeks a countermeasure.

  • PDF

A Study on Security Technology using Mobile Virtualization TYPE-I (모바일 가상화 TYPE-I을 이용한 보안 기술 연구)

  • Kang, Yong-Ho;Jang, Chang-Bok;Kim, Joo-Man
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.6
    • /
    • pp.1-9
    • /
    • 2015
  • Recently, with smart device proliferation and providing the various services using this, they have interested in mobile and Smart TV security. Smartphone users are enjoying various service, such as cloud, game, banking. But today's mobile security solutions and Study of Smart TV Security simply stays at the level of malicious code detection, mobile device management, security system itself. Accordingly, there is a need for technology for preventing hacking and leakage of sensitive information, such as certificates, legal documents, individual credit card number. To solve this problem, a variety of security technologies(mobile virtualization, ARM TrustZone, GlobalPlatform, MDM) in mobile devices have been studied. In this paper, we propose an efficient method to implement security technology based on TYPE-I virtualization using ARM TrustZone technology.

Using Image Visualization Based Malware Detection Techniques for Customer Churn Prediction in Online Games (악성코드의 이미지 시각화 탐지 기법을 적용한 온라인 게임상에서의 이탈 유저 탐지 모델)

  • Yim, Ha-bin;Kim, Huy-kang;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.6
    • /
    • pp.1431-1439
    • /
    • 2017
  • In the security field, log analysis is important to detect malware or abnormal behavior. Recently, image visualization techniques for malware dectection becomes to a major part of security. These techniques can also be used in online games. Users can leave a game when they felt bad experience from game bot, automatic hunting programs, malicious code, etc. This churning can damage online game's profit and longevity of service if game operators cannot detect this kind of events in time. In this paper, we propose a new technique of PNG image conversion based churn prediction to improve the efficiency of data analysis for the first. By using this log compression technique, we can reduce the size of log files by 52,849 times smaller and increase the analysis speed without features analysis. Second, we apply data mining technique to predict user's churn with a real dataset from Blade & Soul developed by NCSoft. As a result, we can identify potential churners with a high accuracy of 97%.

Real-time security Monitroing assessment model for cybersecurity vulnera bilities in network separation situations (망분리 네트워크 상황에서 사이버보안 취약점 실시간 보안관제 평가모델)

  • Lee, DongHwi;Kim, Hong-Ki
    • Convergence Security Journal
    • /
    • v.21 no.1
    • /
    • pp.45-53
    • /
    • 2021
  • When the security monitoring system is performed in a separation network, there is little normal anomaly detection in internal networks or high-risk sections. Therefore, after the establishment of the security network, a model is needed to evaluate state-of-the-art cyber threat anomalies for internal network in separation network to complete the optimized security structure. In this study, We evaluate it by generating datasets of cyber vulnerabilities and malicious code arising from general and separation networks, It prepare for the latest cyber vulnerabilities in internal network cyber attacks to analyze threats, and established a cyber security test evaluation system that fits the characteristics. The study designed an evaluation model that can be applied to actual separation network institutions, and constructed a test data set for each situation and applied a real-time security assessment model.

A Software Vulnerability Analysis System using Learning for Source Code Weakness History (소스코드의 취약점 이력 학습을 이용한 소프트웨어 보안 취약점 분석 시스템)

  • Lee, Kwang-Hyoung;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.18 no.11
    • /
    • pp.46-52
    • /
    • 2017
  • Along with the expansion of areas in which ICT and Internet of Things (IoT) devices are utilized, open source software has recently expanded its scope of applications to include computers, smart phones, and IoT devices. Hence, as the scope of open source software applications has varied, there have been increasing malicious attempts to attack the weaknesses of open source software. In order to address this issue, various secure coding programs have been developed. Nevertheless, numerous vulnerabilities are still left unhandled. This paper provides some methods to handle newly raised weaknesses based on the analysis of histories and patterns of previous open source vulnerabilities. Through this study, we have designed a weaknesses analysis system that utilizes weakness histories and pattern learning, and we tested the performance of the system by implementing a prototype model. For five vulnerability categories, the average vulnerability detection time was shortened by about 1.61 sec, and the average detection accuracy was improved by 44%. This paper can provide help for researchers studying the areas of weaknesses analysis and for developers utilizing secure coding for weaknesses analysis.