• The Journal of the Korea Contents Association
• /
• v.21 no.2
• /
• pp.121-129
• /
• 2021

In this study, we try to minimize the tariff risk by constructing a hazardous cargo screening model by applying Association Rule Mining, one of the data mining techniques. For this, the risk level between supply chains is calculated using the Apriori Algorithm, which is an association analysis algorithm, using the big data of the import declaration form of the Korea Customs Service(KCS). We perform data preprocessing and association rule mining to generate a model to be used in screening the supply chain. In the preprocessing process, we extract the attributes required for rule generation from the import declaration data after the error removing process. Then, we generate the rules by using the extracted attributes as inputs to the Apriori algorithm. The generated association rule model is loaded in the KCS screening system. When the import declaration which should be checked is received, the screening system refers to the model and returns the confidence value based on the supply chain information on the import declaration data. The result will be used to determine whether to check the import case. The 5-fold cross-validation of 16.6% precision and 33.8% recall showed that import declaration data for 2 years and 6 months were divided into learning data and test data. This is a result that is about 3.4 times higher in precision and 1.5 times higher in recall than frequency-based methods. This confirms that the proposed method is an effective way to reduce tariff risks.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.1
• /
• pp.85-94
• /
• 2014

This paper studied the detection technique using file DNA-based behavior pattern analysis in order to minimize damage to user system by malicious programs before signature or security patch is released. The file DNA-based detection technique was applied to defend against zero day attack and to minimize false detection, by remedying weaknesses of the conventional network-based packet detection technique and process-based detection technique. For the file DNA-based detection technique, abnormal behaviors of malware were splitted into network-related behaviors and process-related behaviors. This technique was employed to check and block crucial behaviors of process and network behaviors operating in user system, according to the fixed conditions, to analyze the similarity of behavior patterns of malware, based on the file DNA which process behaviors and network behaviors are mixed, and to deal with it rapidly through hazard warning and cut-off.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.387-396
• /
• 2014

Recently, there have been continuous efforts and progresses regarding the research on diverse network control and management platforms for SDN (Software Defined Networking). SDN is defined as a new technology to enable service providers/network operators easily to control and manage their networks by writing a simple application program. In SDN, incomplete or malicious programmable entities could cause break-down of underlying networks shared by heterogeneous devices and stake-holders. In this sense, any misunderstanding or diverse interpretations should be completely avoided. This paper proposes a new framework for SDN application verification and a prototype based on the formal method, especially with process algebra called pACSR which is an extended version of Algebra of Communicating Shared Resources (ACSR).

• Journal of Korea Multimedia Society
• /
• v.24 no.6
• /
• pp.768-788
• /
• 2021

The reversible data hiding technique safely transmits secret data to the recipient from malicious attacks by third parties. In addition, this technique can completely restore the image used as a transmission medium for secret data. The reversible data hiding schemes have been proposed in various forms, and recently, the reversible data hiding schemes based on interpolation are actively researching. The reversible data hiding scheme based on the interpolation method expands the original image into the cover image and embed secret data. However, the existing interpolation-based reversible data hiding schemes did not embed secret data during the interpolation process. To improve this problem, this paper proposes embedding the first secret data during the image interpolation process and embedding the second secret data into the interpolated cover image. In the embedding process, the original image is divided into blocks without duplicates, and the maximum and minimum values are determined within each block. Three way searching based on the maximum value and two way searching based on the minimum value are performed. And, image interpolation is performed while embedding the first secret data using the PVD scheme. A stego image is created by embedding the second secret data using the maximum difference value and log function in the interpolated cover image. As a result, the proposed scheme embeds secret data twice. In particular, it is possible to embed secret data even during the interpolation process of an image that did not previously embed secret data. Experimental results show that the proposed scheme can transmit more secret data to the receiver while maintaining the image quality similar to other interpolation-based reversible data hiding schemes.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5496-5505
• /
• 2012

As the IT industry develops, the smart-phone technology and functions which are actively being studied at the moment greatly influence the entire living environment. With the smart-phone technology and functions, people's interest for the wireless LAN which can be used to get access to the Internet anytime anywhere is gradually increasing. However, since the malicious attacker can easily carry out hacking or approach the contents due to the characteristics of the wireless radio wave, the personal information with a high level of importance for data security is easily exposed due to Spoofing, Denial of Service attack and Man in the Middle attack. Therefore, the demand for security is gradually increasing. In this paper, the safe wireless network service environment is provided by supplementing the vulnerability in regard to Spoofing, Session Hijacking and Man in the Middle attack after executing the client's authentication process, the AP authentication process and the Mobile Agency authentication process with the client's information in the USIM, the AP information and the Mobile Agency information when the client uses the wireless Internet through the Mobile Agency AP access in the smart phone environment.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.855-864
• /
• 2005

In this paper, we propose an intrusion detection system(IDS) architecture which can detect and respond against the generation of abnormal traffic such as malicious code and Internet worms. We model the system, design and implement a simulator using OPNET Modeller, for the performance analysis on the response capacity of alert information in the proposed system. At first, we model the arrival process of alert information resulted from abnormal traffic. In order to model the situation in which alert information is intensively produced, we apply the IBP(Interrupted Bernoulli Process) which may represent well the burstiness of traffic. Then we perform the simulation in order to gain some quantitative understanding of the system for our performance parameters. Based on the results of the performance analysis, we analyze factors which may hinder in accelerating the speed of security node, and would like to present some methods to enhance performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1339-1350
• /
• 2019

Ransomware is a malicious software which requires money to decrypt files that were encrypted. As the number of ransomware grows, the encryption process in ransomware has been more sophisticated and the strength of security has been more stronger. As a result, analysis of ransomware becomes more difficult and the number of decryptable ransomware is getting smaller. So, research on encryption process and decryption method of ransomware is necessary. In this paper, we show encryption processes of 5 ransomwares which were revealed in 2019, and analyze whether or not those ransomwares are decryptable.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.143-155
• /
• 2014

In recent years, domestic electronics, banking, electricity, services, manufacturing, pharmaceutical, corporate type and malicious hackers is corporate security through the accident occurred and the resulting loss of corporate information and the damage each year is steadily increasing. Many companies have responded to domestic business activities and to protect critical information related to laptops, smart phones, tablets, and introduced a variety of Endpoint security solutions within. However, being introduced to senselessly Endpoint security solution across the over-budget, with the same features and performance, such as conflicts and problems arise, resulting in additional maintenance costs, in an effort to resolve the conflict in the operational security of the IT department's new difficulty in becoming. Here is the introduction and operation of these Endpoint security solutions in order to solve the problem on employees's PC into the center of the information security governance based on Endpoint security solution to provide the process for determining the solutions presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.3-10
• /
• 2004

A Wireless Lan has an importance of access control, because we can use wireless Internet via AP(Access Point). Moreover, to use wireless LAN, we will go through authentication process of EAP. DoS(Denial of Service) attack is one of the fatal attack about these AP access and authentication process. That is, if malicious attacker keeps away access of AP or consumes memory of server and calculation ability of CPU and etc. compulsorily in authentication process, legal user can't get any services. In this paper, we presents the way of protection against the each attack that is classified into access control, allocation of resource, attack on authentication protocol. The first thing, attack to access control, is improved by pre-verification and the parameter of security level. The second, attack of allocation of resource, is done by partial stateless protocol. And the weak of protocol is done by time-stamp and parameter of access limitation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.3
• /
• pp.1144-1156
• /
• 2014

In Internet, IP multicast has been used successfully to provide an efficient, best-effort delivery service for group communication applications. However, applications such as multiparty private conference, distribution of stock market information, pay per view and other subscriber services may require secure multicast to protect integrity and confidentiality of the group traffic, and validate message authenticity. Providing secure multicast for group communication is problematic without a robust group key management. In this paper, we propose a group key management scheme based on the secret sharing technology to require each member by itself to generate the group key when receiving a rekeying message multicast by the group key distributor. The proposed scheme enforces mutual authentication between a member and the group key distributor while executing the rekeying process, and provides forward secrecy and backward secrecy properties, and resists replay attack, impersonating attack, group key disclosing attack and malicious insider attack.