• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.433-441
• /
• 2021

Android applications are released across various categories, including productivity apps and games, and users are exposed to various applications and even malware depending on their usage patterns. On the other hand, most analysis engines train using existing datasets and do not reflect user patterns even if periodic updates are made. Thus, the detection rate for known malware is high, while types of malware such as adware are difficult to detect. In addition, existing engines incur increased service provider costs due to the cost of server farm, and the user layer suffers from problems where availability and real-timeness are not guaranteed. To address these problems, we propose an analysis system that performs on-device malware detection through transfer learning, which requires only one-time communication with the server. In addition, The system has a complete process on the device, including decompiler, which can distribute the load of the server system. As an evaluation result, it shows 90.3% accuracy without transfer learning, while the model transferred with adware catergories shows 95.1% of accuracy, which is 4.8% higher compare to original model.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.346-356
• /
• 2022

The jurisprudential legal rules govern the way Muslims react and interact to daily life. This creates a huge stream of questions, that require highly qualified and well-educated individuals, called Muftis. With Muslims representing almost 25% of the planet population, and the scarcity of qualified Muftis, this creates a demand supply problem calling for Automation solutions. This motivates the application of Artificial Intelligence (AI) to solve this problem, which requires a well-designed Question-Answering (QA) system to solve it. In this work, we propose a QA system, based on retrieval augmented generative transformer model for jurisprudential legal question. The main idea in the proposed architecture is the leverage of both state-of-the art transformer models, and the existing knowledge base of legal sources and question-answers. With the sensitivity of the domain in mind, due to its importance in Muslims daily lives, our design balances between exploitation of knowledge bases, and exploration provided by the generative transformer models. We collect a custom data set of 850,000 entries, that includes the question, answer, and category of the question. Our evaluation methodology is based on both quantitative and qualitative methods. We use metrics like BERTScore and METEOR to evaluate the precision and recall of the system. We also provide many qualitative results that show the quality of the generated answers, and how relevant they are to the asked questions.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.83-89
• /
• 2021

The RMF (Cyber Security Risk Management Framework) is a more strengthened U.S. defense cybersecurity framework that is currently used throughout the U.S. federal government beyond the defense sector. In the past decade, the proportion of cyber warfare in non-regular warfare encountered by the United States, especially cyberattacks caused by China and North Korea, has been increasing. In the end, the U.S. is newly establishing an RMF system to prepare a more strengthened cybersecurity policy at the pan-government level, and the U.S. Department of Defense aims to expand the U.S. defense RMF evaluation policy beyond the federal government level. The South Korean military has already applied RMF at the request of the U.S. that notified the policy to apply RMF when obtaining F-35A. The application of RMF by the Korean military is no longer inevitable. Now is the time for the Korean military to seriously think about what to prepare for the early establishment of a successful Korean RMF system.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.37-43
• /
• 2023

The hospital situation, timing, and patient restrictions have become obstacles to an optimum therapy session. The crowdedness of the hospital might lead to a tight schedule and a shorter period of therapy. This condition might strike a post-stroke patient in a dilemma where they need regular treatment to recover their nervous system. In this work, we propose an in-house and uncomplex serious game system that can be used for physical therapy. The Kinect camera is used to capture the depth image stream of a human skeleton. Afterwards, the user might use their hand gesture to control the game. Voice recognition is deployed to ease them with play. Users must complete the given challenge to obtain a more significant outcome from this therapy system. Subjects will use their upper limb and hands to capture the 3D objects with different speeds and positions. The more substantial challenge, speed, and location will be increased and random. Each delegated entity will raise the scores. Afterwards, the scores will be further evaluated to correlate with therapy progress. Users are delighted with the system and eager to use it as their daily exercise. The experimental studies show a comparison between score and difficulty that represent characteristics of user and game. Users tend to quickly adapt to easy and medium levels, while high level requires better focus and proper synchronization between hand and eye to capture the 3D objects. The statistical analysis with a confidence rate(α:0.05) of the usability test shows that the proposed gaming is accessible, even without specialized training. It is not only for therapy but also for fitness because it can be used for body exercise. The result of the experiment is very satisfying. Most users enjoy and familiarize themselves quickly. The evaluation study demonstrates user satisfaction and perception during testing. Future work of the proposed serious game might involve haptic devices to stimulate their physical sensation.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.135-146
• /
• 2023

An effective educational program warrants the inclusion of an innovative construction which enhances the higher education efficacy in such a way that accelerates the achievement of desired results and reduces the risk of failures. Educational Decision Support System (EDSS) has currently been a hot topic in educational systems, facilitating the pupil result monitoring and evaluation to be performed during their development. Insufficient information systems encounter trouble and hurdles in making the sufficient advantage from EDSS owing to the deficit of accuracy, incorrect analysis study of the characteristic, and inadequate database. DMTs (Data Mining Techniques) provide helpful tools in finding the models or forms of data and are extremely useful in the decision-making process. Several researchers have participated in the research involving distributed data mining with multi-agent technology. The rapid growth of network technology and IT use has led to the widespread use of distributed databases. This article explains the available data mining technology and the distributed data mining system framework. Distributed Data Mining approach is utilized for this work so that a classifier capable of predicting the success of students in the economic domain can be constructed. This research also discusses the Intelligent Knowledge Base Distributed Data Mining framework to assess the performance of the students through a mid-term exam and final-term exam employing Multi-agent system-based educational mining techniques. Using single and ensemble-based classifiers, this study intends to investigate the factors that influence student performance in higher education and construct a classification model that can predict academic achievement. We also discussed the importance of multi-agent systems and comparative machine learning approaches in EDSS development.

• Journal of the Korean Society for Railway
• /
• v.11 no.4
• /
• pp.349-356
• /
• 2008

Put Safety-critical systems related to the railway communications are currently undergoing changes. Mechanical and electro-mechanical devices are being replaced by programmable electronics that are often controlled remotely via communication networks. Therefore designers and operators now not only have to contend with component failures and user errors, but also with the possibility that malicious entities are seeking to disrupt the services provided by theirs systems. Recognizing the safety-critical nature of the types of communications required in rail control operations, the communications infrastructure will be required to meet a number of safety requirements such as system faults, user errors and the robustness in the presence of malicious attackers who are willing to take determined action to interfere in the correct operation of a system. This paper discusses the safety strategies employed in the railway communications and proposes a security mechanism for Korean railway communication system. We present the developed communication safety evaluation tool based on the proposed security mechanism and also evaluate its protecting capability against the threats of masquerading, eavesdropping, and unauthorized message manipulation.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.727-738
• /
• 2003

Much research efforts are being exerted for the study of intrusion detection system(IDS). However little work has been for the communication medels and performance eveluation of the IDS. Here we present a communication framework for doing hybrid intrusion detection in which agents are used for local intrusion detections with a centralized data anaysis componenta for a global intrusion detection at multiple domains environment. We also assume the combination of host-based and network-based intrusion detection systems in the oberall framework. From the local domain, a set of information such as alert, and / or log data are reported to the upper level. At the root of the hierarchy, there is a global manager where data coalescing is performed. The global manager delivers a security policy to its lower levels as the result of aggregation and correlation of intrusion detection alerts. In this paper, we model the communication mechanisms for the hybrid IDS and develop a simular using OPNET modeller for the performance evaluation of transmission capabillities for the delivery of data and policy. We present and compare simulation results based on several scenarios focuding on communication delay.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.2
• /
• pp.659-679
• /
• 2015

Distributed applications are composed of multiple nodes, which exchange information with individual nodes through message passing. Compared with traditional applications, distributed applications have more complex behavior patterns because a large number of interactions and concurrent behaviors exist among their distributed nodes. Thus, it is difficult to detect anomalous behaviors and determine the location and scope of abnormal nodes, and some attacks and misuse cannot be detected. To address this problem, we introduce a method for detecting anomalous behaviors based on process algebra. We specify the architecture of the behavior detection model and the detection algorithm. The anomalous behavior detection and analysis demonstrate that our method is a good discriminator between normal and anomalous behavior characteristics of distributed applications. Performance evaluation shows that the proposed method enhances efficiency without security degradation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.3
• /
• pp.552-557
• /
• 2003

This paper presents an algorithm for evaluating power wheeling effects considering contingency using Monte-Carlo simulation. The effects of power wheeling on generating cost, transmission losses, and system security are considered. And, for a specific operating condition, the effects are quantified by the sensitivity of specific quantities of interest with respect to wheeling level. This model is utilized to calculate probability distribution functions of the incremental effects of power wheeling with a Monte-Carlo simulation. The proposed method is applied to IEEE RTS-96 system and the results are presented.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.259-262
• /
• 2016

최근 중요 인프라 업계에서 주로 다뤄지는 제어시스템을 표적으로 한 사이버 공격으로 Stuxnet에 이어 Havex RAT, BlackEnergy2 라고 하는 멀웨어(Malware)를 이용한 사건이 많이 증가하고 있다. 제어시스템의 새로운 공격 방법에 대한 대책으로 시스템 입구와 내부조직에 대한 대책을 강화하기 위한 필요성이 요구되어 왔지만 그러한 대책은 한정되어 있다. 본 논문에서는 보안대책에 필요한 인증 취득에 있어서 기준이 되는 국제 표준인 ISASecure(R)EDSA 인증제도에 착목했다. 인증평가는 요구요건이 중복되는 불필요한 인증평가 작업을 최소화 하는 것으로 인증 취득 시 발생되는 코스트를 절감할 수 있으며 기존의 정보 보안 관리체계(lSMS)의 인증을 취득하고 있는 기업이나 조직이면 제어시스템의 인증 기준으로 추가된 차분 요건만으로 취득이 가능 할 수 있을 것으로 상정된다. 이러한 제어시스템의 보안을 구현하기 위해 IACS(Industrial Automation and Control System)에서 표준화로 제정한 IEC62443 시리즈를 참조하여 세계각국에서 사용되는 제어시스템을 대상으로 인증(EDSA) 요구사항의 차분을 도출하는 수법을 제안하고자 한다.