• International Journal of Computer Science & Network Security
• /
• v.21 no.12spc
• /
• pp.549-555
• /
• 2021

Machine Learning(ML) splits data into 3 parts, which are usually 60% for training, 20% for validation, and 20% for testing. It just splits quantitatively instead of selecting each set of data by a criterion, which is very important concept for the adequacy of test data. ML measures a model's accuracy by applying a set of validation data, and revises the model until the validation accuracy reaches on a certain level. After the validation process, the complete model is tested with the set of test data, which are not seen by the model yet. If the set of test data covers the model's attributes well, the test accuracy will be close to the validation accuracy of the model. To make sure that ML's set of test data works adequately, we design an experiment and see if the test accuracy of model is always close to its validation adequacy as expected. The experiment builds 100 different SVM models for each of six data sets published in UCI ML repository. From the test accuracy and its validation accuracy of 600 cases, we find some unexpected cases, where the test accuracy is very different from its validation accuracy. Consequently, it is not always true that ML's set of test data is adequate to assure a model's quality.

• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.25-36
• /
• 2023

Nuclear power plants have recognized the importance of nuclear cybersecurity. Based on regulatory guidelines and security-related standards issued by regulatory agencies around the world including IAEA, NRC, and KINAC, nuclear operating organizations and related systems manufacturing organizations, design companies, and regulatory agencies are considering methods to prepare for nuclear cybersecurity. Cryptographic algorithms have to be developed and applied in order to meet nuclear cybersecurity requirements. This paper presents methodologies for validating cryptographic algorithms that should be continuously applied at the critical control system of I&C in NPPs. Through the proposed schemes, validation programs are developed in the PLC, which is a critical system of a NPP's I&C, and the validation program is verified through simulation results. Since the development of a cryptographic algorithm validation program for critical digital systems of NPPs has not been carried out, the methodologies proposed in this paper could provide guidelines for Cryptographic Module Validation Modeling for Control Systems in NPPs. In particular, among several CMVP, specific testing techniques for ECB mode-based block ciphers are introduced with program codes and validation models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.69-85
• /
• 2003

In this paper, we discuss a validation test for cryptographic algorithms. The cryptographic algorithms decide on the security and the confidence of a security system protecting sensitive information. So. the implementation of cryptographic algorithms is very critical of the system. The validation lest specifies the procedures involved in validating implementations of the cryptographic standards and provides conformance testing for components or procedures of the algorithm. We propose a SEED Validation System(SVS) to verify that the implementation correctly performs the SEED algorithm. The SVS is composed of two types of validation tests, the Known Answer test and the Monte Carlo test. The System generates the testing data for the Known Answer tests and the random data for the Monte Carlo tests. This system can be used to validate and certify the cryptographic product.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2459-2464
• /
• 2012

Many companies has led to the damage case being leaked to personal information by taking cyber attack. Also, planned hacking cases continues to increase for the purpose of acquiring monetary gain or causing social disruption induction, etc. Approximately 75% of the Web site attacks exploit the vulnerability of the application. Major security issue is to strengthen the S/W development security according to the legal basis. The members of the project team is the fact that the lack of recognition of application development security. In addition, passive response and security validation/testing, etc. throughout the SDLC to the entire area is insufficient. Therefore, rework due to the belated discovery of a defect has occurs. In this paper, we examine the case of the project step-by-step security activities by performing IT services companies. And, through this, we present security measures that can be applied to the step-wise real-world projects.

• The Magazine of the IEIE
• /
• v.30 no.6
• /
• pp.624-637
• /
• 2003

CMVP(Cryptographic Module Validation Program) validates cryptographic modules to FIPS 140-1, 2, and other FIPS cryptography based standards. This paper gives an overview of the CMVP, cryptographic modules, cryptographic algorithms, and the applicable standards. This provides a brief overview of the security requirements that must be met by each cryptographic module that is submitted to a CMT laboratory for conformance testing and describes the Cryptographic Algorithm Testing.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.151-163
• /
• 2019

As smart devices and communication technologies have developed rapidly, the healthcare industry in the globe is seeing remarkable issues on medical security. At the same time, personal medical records are being shared in the network, which would raise the risk of information security. This thesis aims to develop the curriculum to raise the awareness of information security among workers in medical institutions by referring to NCS(National Competency Standards) International standards, medical institutions' requirements and educational institutions' curriculums on information security based on proven results from medical devices and systems introduced in the public health centers, territorial branches, community health posts and primary, secondary, tertiary hospitals. Thus, this thesis offers the method to improve information security in healthcare institutions through validation testing conducted by medical practitioners and ICT experts.

• The KIPS Transactions:PartC
• /
• v.14C no.4
• /
• pp.313-320
• /
• 2007

In this paper, we propose a method to analyze security vulnerabilities of MS word-processor by checking the validation of its input files. That is, this study is to detect some vulnerabilities in the input file of the word processor by analyzing the header information of its input file. This validation test can not be conducted by the existing software fault injection tools including Holodeck and CANVAS. The proposed method can be also applied to identify the input file vulnerabilities of Hangul and Microsoft Excel which handle a data file with a header as an input. Moreover, our method can provide a means for assessing the fault tolerance and trustworthiness of the target software.

• Convergence Security Journal
• /
• v.16 no.6_2
• /
• pp.33-42
• /
• 2016

This study was set up hypothesis "NCS recognition ➩ NCS training needs ➩ Performance of the NCS training". The survey was conducted to explore the need for Security-related NCS education at university and awareness of the NCS for Security Studies students. Results of analyzing the internal consistency, this study showed that ensure internal consistency is calculated Chronbach's Alpha coefficient of more than 0.8. Validation of the survey was investigated by secured Convergent validity and discriminant validity among the variables calculated all over the reference value. This study showed that the model is appropriate with results using the structural equation modeling to validate the research model The correlation analysis of this hypothesis was very high as calculated the standardization factor 0.726 and 0.870 for each relationship by hypothesis testing results.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.51-62
• /
• 2021

Plant disease is one of the issues that can create losses in the production and economy of the agricultural sector. Early detection of this disease for finding solutions and treatments is still a challenge in the sustainable agriculture field. Currently, image processing techniques and machine learning methods have been applied to detect plant diseases successfully. However, the effectiveness of these methods still needs to be improved, especially in multiclass plant diseases classification. In this paper, a convolutional neural network with a batch normalization-based deep learning approach for classifying plant diseases is used to develop an automatic diagnostic assistance system for leaf diseases. The significance of using deep learning technology is to make the system be end-to-end, automatic, accurate, less expensive, and more convenient to detect plant diseases from their leaves. For evaluating the proposed model, an experiment is conducted on a public dataset contains 20654 images with 15 plant diseases. The experimental validation results on 20% of the dataset showed that the model is able to classify the 15 plant diseases labels with 96.4% testing accuracy and 0.168 testing loss. These results confirmed the applicability and effectiveness of the proposed model for the plant disease detection task.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.107-114
• /
• 2023

Successful implementations of DevOps practices significantly improvise software efficiency, collaboration and security. Most of the organizations are adopting DevOps for faster and quality software delivery. DevOps brings development and operation teams together to overcome all kind of communication gaps responsible for software failures. It relies on different sets of alternative tools to automate the tasks of continuous integration, testing, delivery, deployment and monitoring. Although DevOps is followed for being very reliable and responsible environment for quality software delivery yet it lacks many quantifiable aspects to prove it on the top of other traditional and agile development methods. This research evaluates quantitative performance of DevOps and traditional/ agile development methods based on software metrics. This research includes three sample projects or code repositories to quantify the results and for DevOps integrated selective tool chain; current research considers our earlier proposed and implemented DevOps hybrid model of integrated automation tools. For result discussion and validation, tabular and graphical comparisons have also been included to retrieve best performer model. This comparative and evaluative research will be of much advantage to our young researchers/ students to get well versed with automotive environment of DevOps, latest emerging buzzword of development industries.