• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.143-151
• /
• 2020

The cyber battlefield called the fifth battlefield, is not based on geological information unlike the existing traditional battlefiels in the land, sea, air and space, and has a characteristics that all information has tightly coupled correlation to be anlayized. Because the cyber battlefield has created by the network connection of computers located on the physical battlefield, it is not completely seperated from the geolocational information but it has dependency on network topology and software's vulnerabilities. Therefore, the analysis for cyber battlefield should be provided in a form that can recognize information from multiple domains at a glance, rather than a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP(Common Operational Picture), which is essential for command and control in the cyber warfare. In particular, we propose an architecure for cyber operation COP to intuitively display information based on visualization techniques applying the multi-layering concept from multiple domains that need to be correlated such as cyber assets, threats, and missions. With this proposed cyber operation COP with multi-layered visualization that helps to describe correlated information among cyber factors, we expect the commanders actually perfcrm cyber command and control in the very complex and unclear cyber battlefield.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.767-780
• /
• 2015

In recent years, as smart phone penetration rate is growing explosively, new forms of cyber crime data is poured out beyond the limits of management system for cyber crime investigation. These new forms of data are collected and stored in police station but, some of data are not systematically managed. As a result, investigators sometimes miss the hidden data which can be critical for a case. Crime data is usually generated by computer which produces complex and huge data and records many logs automatically, so it is necessary to simplify a collected data and cluster by crime pattern. In this paper, we categorize all kinds of cyber crime and simplify crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.

• International Journal of Computer Science & Network Security
• /
• v.21 no.11
• /
• pp.338-344
• /
• 2021

The recently continuous enhancement and development in the biomedical side for the betterment of human life. The Wireless Body Area Networks is a significant tool for the current researcher to design and transfer data with greater data rates among the sensors and sensor nodes for biomedical applications. The core area for research in WBANs is power efficiency, battery-driven devices for health and medical, the Charging limitation is a major and serious problem for the WBANs.this research work is proposed to find out the optimal solution for battery-friendly technology. In this research we have addressed the solution to increasing the battery lifetime with variable data transmission rates from medical equipment as Wireless Endoscopy Capsules, this device will analyze a patient's inner body gastrointestinal tract by capturing images and visualization at the workstation. The second major issue is that the Wireless Endoscopy Capsule based systems are currently not used for clinical applications due to their low data rate as well as low resolution and limited battery lifetime, in case of these devices are more enhanced in these cases it will be the best solution for the medical applications. The main objective of this research is to power optimization by reducing the power consumption of the battery in the Wireless Endoscopy Capsule to make it battery-friendly. To overcome the problem we have proposed the algorithm for "Battery Friendly Algorithm" and we have compared the different frame rates of buffer sizes for Transmissions. The proposed Battery Friendly Algorithm is to send the images on average frame rate instead of transmitting the images on maximum or minimum frame rates. The proposed algorithm extends the battery lifetime in comparison with the previous baseline proposed algorithm as well as increased the battery lifetime of the capsule.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.847-857
• /
• 2018

As the number of malicious code increases steeply, cyber attack victims targeting corporations, public institutions, financial institutions, hospitals are also increasing. Accordingly, academia and security industry are conducting various researches on malicious code detection. In recent years, there have been a lot of researches using machine learning techniques including deep learning. In the case of research using Convolutional Neural Network, ResNet, etc. for classification of malicious code, it can be confirmed that the performance improvement is higher than the existing classification method. However, one of the characteristics of the target attack is that it is custom malicious code that makes it operate only for a specific company, so it is not a form spreading widely to a large number of users. Since there are not many malicious codes of this kind, it is difficult to apply the previously studied machine learning or deep learning techniques. In this paper, we propose a method to classify malicious codes when the amount of samples is insufficient such as targeting type malicious code. As a result of the study, we confirmed that the accuracy of 97% can be achieved even with a small amount of data by applying the Memory Augmented Neural Networks model.

• Proceedings of the KSRS Conference
• /
• 1998.09a
• /
• pp.153-158
• /
• 1998

Since the mid-1990′s, researches on 3D GIS have been regarded as one of main issues both in the academic sites and commercial vendors; recently, some prototyped systems or the first versioned software systems of commercial basis are being reported and released. Unlike conventional 2D GIS, which consists in intelligent structured GIS or desktop GIS, every 3D GIS has its own distinguished features according to data structure-supporting capability, GIS-styled functionality, external database accessibility, interfacing extents with 2D GIS, 3D visualization/texture mapping ability, and so forth. In this study, technical aspects related to system development, SERI-Web3D GIS ver. 1.2, are explained. Main features in this revised 3D GIS can be summarized: 2-tier system model(client-server), VGFF(Virtual GIS File Format), internal GIS import, Feature manager(zoning, layering, visualization evironment), Scene manager(manage 3D geographic world), Scene editor, Spatial analyzer(Intersect, Buffering, Network analysis), VRML exporter. While, most other 3D GISes or cartographic mapping systems may be categorized into 3D visualization systems handling terrain height-field processing, 2D GIS extension modules, or 3D geometric feature generation system using orthophoto image: actually, these are eventually considered as several parts of "real 3D GIS". As well as these things, other components, especially web-based 3D GIS, are being implemented in this study: Surface/feature integration, Java/VRML linkage, Mesh/Grid problem, LOD(Level of Detail)/Tiling, Public access security problem, 3-tier architecture extension, Surface handling strategy for VRML.

• Electronics and Telecommunications Trends
• /
• v.23 no.4
• /
• pp.61-71
• /
• 2008

최근 이루어지는 사이버 공격들의 형태가 점점 더 다양해지고 공격의 전파 속도가 빨라짐에 따라 기존의 침임 탐지 기법으로는 이러한 공격을 신속하게 탐지하고 차단하기에는 한계가 있다. 이와 같은 문제점을 해결하기 위해서 최근에 네트워크 보안 이벤트 시각화 기술에 대한 연구가 활발히 진행되고 있다. 네트워크 보안 이벤트 시각화 기술은 네트워크 상에서 발생되는 방대한 양의 이벤트를 실시간으로 시각화함으로써 네트워크 공격의 탐지, 알려지지 않은 공격 패턴 분류, 네트워크 이상 상태의 발견 등 네트워크 보안 상황을 관리자가 직관적으로 인지할 수 있도록 하는 기술이다. 본 고에서는 보안 이벤트 시각화 기술을 유선 네트워크와 무선 네트워크로 구분하여, 각각의 네트워크 환경에서 현재 개발되고 있는 기술의 동향과 앞으로의 발전 방향에 대해서 다루도록 한다.

• Journal of KIISE:Information Networking
• /
• v.36 no.3
• /
• pp.173-183
• /
• 2009

We present a real-time monitoring system for detecting anomalous network events using the entropy. The entropy accounts for the effects of disorder in the system. When an abnormal factor arises to agitate the current system the entropy must show an abrupt change. In this paper we deliberately model the Internet to measure the entropy. Packets flowing between these two networks may incur to sustain the current value. In the proposed system we keep track of the value of entropy in time to pinpoint the sudden changes in the value. The time-series data of entropy are transformed into the two-dimensional domains to help visually inspect the activities on the network. We examine the system using network traffic traces containing notorious worms and DoS attacks on the testbed. Furthermore, we compare our proposed system of time series forecasting method, such as EWMA, holt-winters, and PCA in terms of sensitive. The result suggests that our approach be able to detect anomalies with the fairly high accuracy. Our contributions are two folds: (1) highly sensitive detection of anomalies and (2) visualization of network activities to alert anomalies.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.67-75
• /
• 2018

According to Symantec's Internet Security Threat Report(2018), Internet security threats such as Cryptojackings, Ransomwares, and Mobile malwares are rapidly increasing and diversifying. It means that detection of malwares requires not only the detection accuracy but also versatility. In the past, malware detection technology focused on qualitative performance due to the problems such as encryption and obfuscation. However, nowadays, considering the diversity of malware, versatility is required in detecting various malwares. Additionally the optimization is required in terms of computing power for detecting malware. In this paper, we present Stream Order(SO)-CNN and Incremental Coordinate(IC)-CNN, which are malware detection schemes using CNN(Convolutional Neural Network) that effectively detect intelligent and diversified malwares. The proposed methods visualize each malware binary file onto a fixed sized image. The visualized malware binaries are learned through GoogLeNet to form a deep learning model. Our model detects and classifies malwares. The proposed method reveals better performance than the conventional method.

• Current Optics and Photonics
• /
• v.6 no.6
• /
• pp.565-575
• /
• 2022

In this paper, we propose a non-fungible token (NFT) transaction method that can commercialize the real 3D property and make property sharing possible using the 3D reconstruction technique. In addition, our proposed method enhances the security of NFT copyright and metadata by using optical encryption. In general, a conventional NFT is used for 2D image proprietorial rights. To expand the scope of the use of tokens, many cryptocurrency industries are currently trying to apply tokens to real three-dimensional (3D) property. However, many token markets have an art copyright problem. Many tokens have been minted without considering copyrights. Therefore, tokenizing real property can cause significant social issues. In addition, there are not enough methods to mint 3D real property for NFT commercialization and sharing property tokens. Therefore, we propose a new token management technique to solve these problems using integral imaging and double random phase encryption. To show our system, we conduct a private NFT market using a test blockchain network that can demonstrate the whole NFT transaction process.

• International Journal of Computer Science & Network Security
• /
• v.22 no.8
• /
• pp.97-104
• /
• 2022

European integration processes have acted as a catalyst for the emergence of a new type of educational environment, which is characterized by competent flexibility of specialists. Therefore, the article focuses on professional training of teachers in the context of European integration processes using information technology and the search for innovative methods of training specialists. One of the educational priorities in Europe is to create a new model of a teacher who has an academic education, knows innovative methods, is able to perform functions and tasks efficiently and professionally, adequately, quickly and correctly respond to changes and innovations. The tasks facing education in the European dimension are formulated. The main trends in the education of teachers in modern Europe are described: the need to deepen and expand subject training programs in pedagogical institutions of Higher Education, which will allow autonomy of activity, awareness of responsibility for independent creative decisions, create favorable conditions for the development of professionalism through the use of Information Technology and the search for innovative methods of training specialists. At the present stage, various models of teacher training are being developed based on the University and practical concept using information technology and searching for innovative methods of training specialists. On this basis, two different theories of perception of teacher education were formed: as preparation of teachers for work throughout their professional career; as preparation for the first years of professional work, which is periodically repeated in the process of continuous professional training and improvement. Among the advantages that the use of Information Technology and the search for innovative methods of training specialists to implement the learning process, it is worth mentioning the following: simultaneous use of several channels of perception of the student or student in the learning process, thanks to which the integration of information processed by different sensory organs is achieved; the ability to simulate complex real experiments; visualization of abstract information by dynamic representation of processes, etc.