• Journal of Korea Society of Digital Industry and Information Management
• /
• 제16권1호
• /
• pp.67-78
• /
• 2020

Typical security solutions such as intrusion detection system are not suitable for detecting advanced persistent attack(APT), because they cannot draw the big picture from trivial events of security solutions. Researches on techniques for detecting multiple stage attacks by analyzing the correlations between security events or alerts are being actively conducted in academic field. However, these studies still use events from existing security system, and there is insufficient research on the structure of the entire security system suitable for advanced persistent attacks. In this paper, we propose an attack path and intention recognition system suitable for multiple stage attacks like advanced persistent attack detection. The proposed system defines the trace format and overall structure of the system that detects APT attacks based on the correlation and behavior analysis, and is designed with a structure of detection system using deep learning and big data technology, etc.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.179-192
• /
• 2023

The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.177-181
• /
• 2021

With the recent advances in information and communication technology, online management of students' learning data has become the norm. Research on learning analysis that predicts the near future (in a few years) of students' careers using machine learning methods and state transition models has been widely conducted. It is important for educators to evaluate the comprehension stability of students to prevent a decrease in their comprehension rate and dropouts in the class. In this study, we measured the comprehension process of university students in different types of lectures. Herein, we report on the results of data analysis using time series and data statistics, and consider several educational approaches.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.103-108
• /
• 2021

The emergence of new technologies and their implementation by different manufacturers of electronic devices are experiencing an ascending trend. Most of the time, these protocols are expected to reach a certain degree of maturity, and electronic equipment manufacturers use simplified communication standards and interfaces that have already reached maturity in terms of their development such as ModBUS, KNX or CAN. This paper proposes an IoT solution of the Smart Home type based on an Analysis and Prediction System. A data acquisition component was implemented and there was defined an algorithm for the analysis and prediction of actions based on the values collected from the data update component and the data logger records.

• Convergence Security Journal
• /
• 제15권7호
• /
• pp.47-53
• /
• 2015

Recently, the Internet of Things is an important technology with a Cloud computing services and a Big data in the IT fields. and The Internet of Things is widely used in various industries. This trend may be referred to as the emergence of significant based technologies for realizing a ubiquitous times. But the security problems of Internet of things are expected to increase with being realized in a variety of industries. and it will be have to provide a corresponding technology to the security threat for this. Therefore, this paper will be analyzed to the security threats of the Internet of Things by the cases. Thereby this is expected to be utilized as a basis for the countermeasure of Internet of Things in a future.

• Korean Security Journal
• /
• 제59호
• /
• pp.9-35
• /
• 2019

Until now, a lot of research on cyber security have been tried, but there have been few studies on overall relationships, including internal factors and external factors. Therefore, this study examined cyber security management considering not only internal elements of SMEs but also corporate management environment. The first qualitative analysis and the second quantitative analysis were conducted through mixed method research. Qualitative analysis was conducted through a semi-structured interview method, and three themes were found: insufficient cyber security management system, internal noncooperation for cyber security, and problems derived from decision-making system. In the quantitative analysis, multiple regression analysis was conducted on the data obtained through the questionnaire. The perception of cyber threats and internal support among independent variables positively influenced the cyber security management system or the dependent variable. Through this study, internal variables had a causal impact on the cyber security management system rather than external environment variables. This implies that the variables related to the organizational culture such as employees' perception are important. These results are expected to provide practical significance for enhancing the cyber security management system in SMEs.

• International Journal of Computer Science & Network Security
• /
• 제23권10호
• /
• pp.81-88
• /
• 2023

In the present scenario, enormous amounts of data are produced every second. These data also contain private information from sources including media platforms, the banking sector, finance, healthcare, and criminal histories. Data mining is a method for looking through and analyzing massive volumes of data to find usable information. Preserving personal data during data mining has become difficult, thus privacy-preserving data mining (PPDM) is used to do so. Data perturbation is one of the several tactics used by the PPDM data privacy protection mechanism. In Perturbation, datasets are perturbed in order to preserve personal information. Both data accuracy and data privacy are addressed by it. This paper will explore and compare several perturbation strategies that may be used to protect data privacy. For this experiment, two perturbation techniques based on random projection and principal component analysis were used. These techniques include Improved Random Projection Perturbation (IRPP) and Enhanced Principal Component Analysis based Technique (EPCAT). The Naive Bayes classification algorithm is used for data mining approaches. These methods are employed to assess the precision, run time, and accuracy of the experimental results. The best perturbation method in the Nave-Bayes classification is determined to be a random projection-based technique (IRPP) for both the cardiovascular and hypothyroid datasets.

• Journal of the Korean Mathematical Society
• /
• 제59권1호
• /
• pp.35-51
• /
• 2022

We give secure parameter suggestions to use sparse secret vectors in LWE based encryption schemes. This should replace existing security parameters, because homomorphic encryption (HE) schemes use quite different variables from the existing parameters. In particular, HE schemes using sparse secrets should be supported by experimental analysis, here we summarize existing attacks to be considered and security levels for each attacks. Based on the analysis and experiments, we compute optimal scaling factors for CKKS.

• Journal of the Society of Disaster Information
• /
• 제4권2호
• /
• pp.40-50
• /
• 2008

The purpose of this study is to analyze the job of the security and secretary, to offer useful basic data throughout human resources management by withdrawing the ability required from the security and secretary based on the analyzed results. In this regard, this study intended to look into the job of the security and secretary, the necessary ability for the job of the security and secretary. To achieve the research goals, the study selected the research participants, composed of 5 secretaries for security with more than 5-year careers after graduating from a security and secretarial service department in a college and conducted an in-depth interview with them concerning their jobs. The in-depth interview data from the 5 participants was applied with a classification analysis used by Spradley (1980). In order to enhance the dependability and validity of the research, the study held an expert meeting composed of 2 persons with a doctoral degree in securities service studies and 1 person with a master's degree in secretarial information studies, twice. Also, the study drew results concerning the job of the security and secretary and the necessary ability of the job. Though the above process, the following conclusions were drawn; the job of the security and secretary includes the areas of job safety, a housing residence job, a health care job, an interpersonal relationships job, an assistant' s job, document and office works, general affairs, and an education job. The necessary ability for the job of the security and secretary involves martial arts abilities, risk management ability, the strict keeping of secrets, decision-making ability, information processing ability, foreign language proficiency, understanding other cultures, communications skills and office work ability.

• Journal of Information Technology Applications and Management
• /
• 제23권2호
• /
• pp.177-194
• /
• 2016

This study analyzed President Park's speeches and the government's industry policy in the field of information security using cognitive map. The relationship analysis between policy tool variables and policy goal variables was employed to derive revitalization strategy of information security. This paper found that entrepreneurship revitalization has very strong causality with expansion of domestic market and global market. But, on the other hand, HR development has very weak causality with job creation and future growth driver because the labor market in the information security industry is poor and its transfer rate to other industry is very high. This study showed that this cognitive map could be characterized by a scarcity of feedback loops and a strong emphasis on the positive loops in the structure of virtuous circle. In this paper, we also constructed a comprehensive cognitive map on the policy vision of information security, showing that there are a risk of cyber threat, an opportunity of new fusion security market, information security reinforcing circle, global economic circle, and domestic market circle.