• Title/Summary/Keyword: Security visualization

Interactive Visual Analytic Approach for Anomaly Detection in BGP Network Data (BGP 네트워크 데이터 내의 이상징후 감지를 위한 인터랙티브 시각화 분석 기법)

  • Choi, So-mi;Kim, Son-yong;Lee, Jae-yeon;Kauh, Jang-hyuk;Kwon, Koo-hyung;Choo, Jae-gul
    • Journal of Internet Computing and Services / v.23 no.5 / pp.135-143 / 2022
  • As the world has implemented social distancing and telecommuting due to the spread of COVID-19, real-time streaming sessions based on routing protocols have increased dependence on the Internet due to the activation of video and voice-related content services and cloud computing. BGP is the most widely used routing protocol, and although many studies continue to improve security, there is a lack of visual analysis to determine the real-time nature of analysis and the mis-detection of algorithms. In this paper, we analyze BGP data, which are powdered as normal and abnormal, on a real-world basis, using an anomaly detection algorithm that combines statistical and post-processing statistical techniques with Rule-based techniques. In addition, we present an interactive spatio-temporal analysis plan as an intuitive visualization plan and analysis result of the algorithm with a map and Sankey Chart-based visualization technique.

Rare Malware Classification Using Memory Augmented Neural Networks (메모리 추가 신경망을 이용한 희소 악성코드 분류)

  • Kang, Min Chul;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.4 / pp.847-857 / 2018
  • As the number of malicious code increases steeply, cyber attack victims targeting corporations, public institutions, financial institutions, hospitals are also increasing. Accordingly, academia and security industry are conducting various researches on malicious code detection. In recent years, there have been a lot of researches using machine learning techniques including deep learning. In the case of research using Convolutional Neural Network, ResNet, etc. for classification of malicious code, it can be confirmed that the performance improvement is higher than the existing classification method. However, one of the characteristics of the target attack is that it is custom malicious code that makes it operate only for a specific company, so it is not a form spreading widely to a large number of users. Since there are not many malicious codes of this kind, it is difficult to apply the previously studied machine learning or deep learning techniques. In this paper, we propose a method to classify malicious codes when the amount of samples is insufficient such as targeting type malicious code. As a result of the study, we confirmed that the accuracy of 97% can be achieved even with a small amount of data by applying the Memory Augmented Neural Networks model.

Visualization of Malwares for Classification Through Deep Learning (딥러닝 기술을 활용한 멀웨어 분류를 위한 이미지화 기법)

  • Kim, Hyeonggyeom;Han, Seokmin;Lee, Suchul;Lee, Jun-Rak
    • Journal of Internet Computing and Services / v.19 no.5 / pp.67-75 / 2018
  • According to Symantec's Internet Security Threat Report (2018), Internet security threats such as Cryptojackings, Ransomwares, and Mobile malwares are rapidly increasing and diversifying. It means that detection of malwares requires not only the detection accuracy but also versatility. In the past, malware detection technology focused on qualitative performance due to the problems such as encryption and obfuscation. However, nowadays, considering the diversity of malware, versatility is required in detecting various malwares. Additionally, optimization is required in terms of computing power for detecting malware. In this paper, we present Stream Order (SO)-CNN and Incremental Coordinate (IC)-CNN, which are malware detection schemes using CNN (Convolutional Neural Network) that effectively detect intelligent and diversified malwares. The proposed methods visualize each malware binary file onto a fixed sized image. The visualized malware binaries are learned through GoogLeNet to form a deep learning model. Our model detects and classifies malwares. The proposed method reveals better performance than the conventional method.

Construction of Truss Bridge Database for 3-D Shape and Structural Analysis Information by using ISO10303 Application Protocols (ISO10303 응용프로토콜을 이용한 트러스교의 3차원 형상 및 해석정보 데이터베이스 구축)

  • Lim, Seung-Wan;Kim, Bong-Geun;Kim, Hyo-Jin;Lee, Sang-Ho
    • Journal of Korean Society of societal Security / v.2 no.1 / pp.81-89 / 2009
  • A web-based information management system to share engineering data of truss bridge is developed through construction of standardized database of truss bridge. 3D shape information is stored in database according to AP 203 of STEP, and 3D visualization on the web is implemented by using the web 3D technology that helps users to understand geometrical shape of structures, directly. AP209 is used to store structural analysis information such as finite elements, material properties, and analysis result into relational database. Based on the developed database, a prototype of integrated information management system for truss bridge is developed, and it provides additional information such as specifications and inspection information related with shape object to end users.

A Study on Conspired Insurance Fraud Detection Modeling Using Social Network Analysis

  • Kim, Tae-Ho;Lim, Jong-In
    • Journal of the Korea Society of Computer and Information / v.25 no.3 / pp.117-127 / 2020
  • Recently, proving insurance fraud has become increasingly difficult because it occurs intentionally and secretly via organized and intelligent conspiracy by specialists such as medical personnel, maintenance companies, insurance planners, and insurance subscribers. In the case of car accidents, it is difficult to prove intentions; in particular, an insurance company with no investigation rights has practical limitations in proving the suspicions. This paper aims to reveal that the detection of organized and conspired insurance fraud, which had previously been difficult, could be dramatically improved through conspiring insurance fraud detection modeling using social network analysis and visualization of the relation between suspected group entities and by seeking developmental research possibilities of data analysis techniques.

A Study on Construction and Applicability of Smart Pole Measuring System for Monitoring Steep Slope Sites (급경사지 모니터링을 위한 스마트폴 계측시스템 구축 및 적용성 연구)

  • Lee, Jin-Duk;Chang, Ki-Tae;Bhang, Kon-Joon
    • Journal of Korean Society of Disaster and Security / v.7 no.2 / pp.1-8 / 2014
  • Smart Pole Measurement System was constructed with not only the core sensors of a GNSS receiver, a TRS sensor and a soil moisture sensor but supplementary installation of power supply and radio communication for monitoring steep slope sites. Also a data processing software for displacement extraction and visualization was developed. Smart Pole Measurement sensor is composed of a GNSS antenna at the top of the pole, a TRS sensor and a gyro sensor vertical below right of the antenna and a soil moisture sensor at the bottom of the pole. The sensor combination extracts not only ground combination in real time but translation, slide, settlement and soil moisture content. This measuring/monitoring system which consists of data receiving part, data collection/transfer part and data processing part was built to exercise their functions and then test measuring/monitoring was conducted by introducing artificial displacement and the results were analyzed to evaluate field applicability.

Anomaly Detection Analysis using Repository based on Inverted Index (역방향 인덱스 기반의 저장소를 이용한 이상 탐지 분석)

  • Park, Jumi;Cho, Weduke;Kim, Kangseok
    • Journal of KIISE / v.45 no.3 / pp.294-302 / 2018
  • With the emergence of the new service industry due to the development of information and communication technology, cyber space risks such as personal information infringement and industrial confidentiality leakage have diversified, and the security problem has emerged as a critical issue. In this paper, we propose a behavior-based anomaly detection method that is suitable for real-time and large-volume data analysis technology. We show that the proposed detection method is superior to existing signature security countermeasures that are based on large-capacity user log data according to in-company personal information abuse and internal information leakage. As the proposed behavior-based anomaly detection method requires a technique for processing large amounts of data, a real-time search engine is used, called Elasticsearch, which is based on an inverted index. In addition, statistical based frequency analysis and preprocessing were performed for data analysis, and the DBSCAN algorithm, which is a density based clustering method, was applied to classify abnormal data with an example for easy analysis through visualization. Unlike the existing anomaly detection system, the proposed behavior-based anomaly detection technique is promising as it enables anomaly detection analysis without the need to set the threshold value separately, and was proposed from a statistical perspective.

Application of Crime Prevention Design based on Public Data Analysis: Focusing on Seoul (공공데이터분석 기반 범죄예방환경설계 적용 : 서울시 중심으로)

  • Kim, Sung-Jun
    • Korean Security Journal / no.60 / pp.91-111 / 2019
  • Violent crimes have increased continuously due to the development of urban society and have become a threatening factor against the residential safety of citizens. The prevention of these crimes is always a major topic in human society and one of the fundamental elements of the quality of life and safety of citizens. In recent years, much attention has been paid to environmental design through the Crime Prevention Through Environmental Design (CPTED) as a preventive measure. Currently, South Korea is promoting the openness and utilization of public data, and crime prevention is one of the fields that can utilize public data actively. This approach to crime prevention utilizing public data will be helpful for the proposal of policies from new viewpoints departing from the general utilization measures of CPTED that improve streetlights and closed-circuit television (CCTV) installations, whose limitations have been pointed out as they are only mechanical surveillance. Thus, this study sets the research scope based on the statistics of the status of five criminal offenses by administrative district in recent years provided by the data portal in Seoul City, the capital of South Korea, as the utilization data and concentrates on the analysis. Based on the analysis results, this study proposes a method to utilize classical music as a new policy for regions where the improvements are most needed. The open-source Python analysis program was employed as the main data analysis and visualization method.

Exploratory Study on Crime Prevention based on Bigdata Convergence - Through Case Studies of Seongnam City - (빅데이터 융합 기반 범죄예방에 관한 탐색적 연구 - 성남시 사례 분석을 통해 -)

  • Choi, Min-Je;Noh, Kyoo-Sung
    • Journal of Digital Convergence / v.14 no.11 / pp.125-133 / 2016
  • In recent years, various crimes such as "random killing" crime continue to rise. Despite the government's crime prevention efforts and crime related researches, crime increases and a different approach is needed. Therefore, this study proposes the alternative for crime prevention by analyzing big data. To achieve this objective, this study was to perform visualization utilizing the histogram, the bubble chart and the heat map and association analysis. To analyze the relationship between crime and some variables, this study analyzed data of Seongnam city, Korea National Police Agency, etc. The results of analysis showed that CCTV will be to reduce the crime rate and security light is not significantly relevant. And the result showed that other types of crime focused by time of the day and day of the week and showed that an increase of the foreigners and crime increase are associated. This study presents a scheme for reducing the crime rate on the basis of this analysis result.

A Study on Development of collaborative Document Authoring system based on DOM (DOM에 기반한 공동 문서 저작 시스템 구현에 관한 연구)

  • Yu, Seong-Ju;Kim, Cha-Jong;Shin, Hyun-Sub
    • Journal of the Korea Institute of Information and Communication Engineering / v.14 no.12 / pp.2601-2608 / 2010
  • It is difficult to merge text document and to remake use of documents on the most collaborative document authoring system using text document, and also to provide the storage place for saving and keeping documents. It has vulnerable drawbacks about the security though it provides the accessible abilities due to basing it on Web. In this paper, we design and implement the collaborative document authoring system for XML document to improve a couple of problems on these systems. For these, we based on the DOM to manipulate the modeling object documents and utilized RMI on this system without considering socket communication when it transmits and receives Java objects. We improved the security through processes of authentication. By providing templates and editing functions such as annotation, visualization of document structures, we made easier making collaborative document authoring more than ever.