• Journal of Advanced Navigation Technology
• /
• v.13 no.3
• /
• pp.419-425
• /
• 2009

The amount of incoming e-mails is increasing rapidly due to the wide usage of Internet. Therefore, it is more required to classify incoming e-mails efficiently and accurately. Currently, the e-mail classification techniques are focused on two way classification to filter spam mails from normal ones based mainly on Bayesian and Rule. The clustering method has been used for the multi-way classification of e-mails. But it has a disadvantage of low accuracy of classification and no category labels. The classification methods have a disadvantage of training and setting of category labels by user. In this paper, we propose a novel multi-way e-mail hierarchy classification method that uses PCA for automatic category generation and dynamic category hierarchy for high accuracy of classification. It classifies a huge amount of incoming e-mails automatically, efficiently, and accurately.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.1
• /
• pp.47-55
• /
• 2009

Bot is a kind of worm/virus that is remotely controlled by a herder. Bot can be used to launch distributed denial-of-service(DDoS) attacks or send spam e-mails etc. Launching cyber attacks using malicious Bots is motivated by increased monetary gain which is not the objective of worm/virus. However, it is very difficult for infected user to detect this infection of Botnet which becomes more serious problems. This is why botnet is a dangerous, malicious program. The Bot DNS Sinkhole is a domestic bot mitigation scheme which will be proved in this paper as one of an efficient ways to prevent malicious activities caused by bots and command/control servers. In this paper, we analysis botnet activities over more than one-year period, including Bot's lifetime, Bot command/control server's characterizing. And we analysis more efficient ways to prevent botnet activities. We have showed that DNS sinkhole scheme is one of the most effective Bot mitigation schemes.

• Journal of Internet Computing and Services
• /
• v.15 no.1
• /
• pp.125-134
• /
• 2014

As the social media which was simple communication media is activated on account of twitter and facebook, it's usability and importance are growing recently. Although many companies are making full use of its the capacity of information diffusion for marketing, the adverse effects of this capacity are growing. Because social network is formed and communicates based on friendships and relationships, the spreading speed of the spam and mal-ware is very swift. In this paper, we draw parameters affecting malicious data diffusion in social network environment, and compare and analyze the diffusion capacity of each parameters by propagation experiment with XSS Worm and Koobface Worm. In addition, we discuss the structural characteristics of social network environment and then proposed malicious data propagation model based on parameters affecting information diffusion. n this paper, we made up BA and HK models based on SI model, dynamic model, to conduct the experiments, and as a result of the experiments it was proved that parameters which effect on propagation of XSS Worm and Koobface Worm are clustering coefficient and closeness centrality.

• The Korean Journal of Applied Statistics
• /
• v.30 no.5
• /
• pp.681-690
• /
• 2017

Various imbalanced binary classification problems exist such as fraud detection in banking operations, detecting spam mail and predicting defective products. Several sampling methods such as over sampling, under sampling, SMOTE have been developed to overcome the poor prediction performance of binary classifiers when the proportion of one group is dominant. In order to overcome this problem, several sampling methods such as over-sampling, under-sampling, SMOTE have been developed. In this study, we investigate prediction performance of logistic regression, Lasso, random forest, boosting and support vector machine in combination with the sampling methods for binary imbalanced data. Four real data sets are analyzed to see if there is a substantial improvement in prediction performance. We also emphasize some precautions when the sampling methods are implemented.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.3
• /
• pp.113-120
• /
• 2012

VoIP provides voice data service using existing IP networks and has received much attention recently. VoIP service has a variety of security vulnerabilities. Types of main attacks on VoIP service are tapping/interception, DoS attacks, spam, misuse of service attacks and the like. Of these, confidential information leak because of tapping/interception has been considered as a critical problem. Encryption techniques, such as SRTP and ZRTP, are mostly used to prevent tap and intercept on VoIP media information. In general, VoIP service has two service scenarios. First, VoIP service operates within a single private network. Second, VoIP service operates between different private networks. Both SRTP and ZRTP for VoIP media information within a single private network can perform encryption. But they can not perform encryption between different private networks. In order to solve this problem, in this paper, we modify SRTP protocol. And then, we propose an encryption method that can perform encryption of VoIP media information between the different private networks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.1
• /
• pp.69-74
• /
• 2018

Recently, personal information leakage has caused phishing and spam. Previously developed systems focus on preventing personal information leakage. Therefore, there is a problem that the leakage of personal information can not be discriminated if there is already leaked personal information. In this paper, we propose a personal information hazard classification system based on web document analysis that calculates the hazard. The system collects web documents from the Twitter server and checks whether there are any user-entered search terms in the web documents. And we calculate the hazard classification weighting of the personal information leaked in the web documents and confirm the authority of the Twitter account that distributed the personal information. Based on this, the hazard can be derived and the user can be informed of the leakage of personal information of the web document.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.3
• /
• pp.25-32
• /
• 2019

The core of the block chain technology is solving the problem of agreement on double payment, and the PoW, PoS and DPoS algorithms used for this have been studied. PoW in-process proofs are consensus systems that require feasible efforts to prevent minor or malicious use of computing capabilities, such as sending spam e-mail or initiating denial of service (DoS) attacks. The proof of the PoS is made to solve the Nothing at stake problem as well as the energy waste of the proof of work (PoW) algorithm, and the decision of the sum of each node is decided according to the amount of money, not the calculation ability. DPoS is that a small number of authorized users maintain a trade consensus through a distributed network, whereas DPS provides consent authority to a small number of representatives, whereas PoS has consent authority to all users. If PoS is direct democracy, DPoS is indirect democracy. This study aims to contribute to the continuous development of the related field through the study of the algorithm of the block chain agreement.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1087-1090
• /
• 2004

인터넷이 발전함에 따라 기업의 업무, 커뮤니케이션 등이 온라인으로 전환되고 있으며, 정보 전달의 통로로써 전자 메일의 사용이 나날이 늘어남과 동시에 전자 메일을 통한 스팸메일의 폭발적인 증가로 인한 심각성 또한 대두되고 있다. 현재 스팸메일을 막기 위한 여러 가지 방법이 제안되었으나, 대부분 메일 서버내의 정책에 따른 메일 필터링 방식으로써 완벽한 스팸메일 탐지를 제공하지 못하며, 스팸메일로 인한 메일서버 및 네트워크 자원 손실 문제는 여전히 해결되지 않고 있다. 본 논문에서는 스팸메일 탐지율을 높이고 네트워크 내 자원 손실을 예방할 수 있는 SMTP 보안 게이트웨이를 제안하고자 한다. 본 SMTP 보안 게이트웨이는 스팸메일 차단 규칙에 의한 메일 필터링을 기본적으로 제공하고, 룰에 정의되지 않은 메일에 대해서는 사용자 선택에 기반한 메일 전송을 제공한다. 이는 규칙에 정의되지 않은 스팸메일에 대한 탐지 가능성을 높이며, 궁극적으로 메일서버의 자원 및 네트워크 자원의 가용성을 높일 수 있다.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.7
• /
• pp.275-288
• /
• 2019

In this paper, we consider a rumor source inference problem when sufficiently many nodes heard the rumor in the network. This is an important problem because information spread in networks is fast in many real-world phenomena such as diffusion of a new technology, computer virus/spam infection in the internet, and tweeting and retweeting of popular topics and some of this information is harmful to other nodes. This problem has been much studied, where it has been shown that the detection probability cannot be beyond 31% even for regular trees if the number of infected nodes is sufficiently large. Motivated by this, we study the impact of query that is asking some additional question to the candidate nodes of the source and propose budget assignment algorithms of a query when the network administrator has a finite budget. We perform various simulations for the proposed method and obtain the detection probability that outperforms to the existing prior works.