• Title/Summary/Keyword: Threat Detection

An APT Malicious Traffic Detection Method with Considering of Trust Model (신뢰모형을 고려한 APT 악성 트래픽 탐지 기법)

  • Yun, Kyung-mi;Cho, Gi-hwan
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.10a / pp.937-939 / 2014
  • Recently, intelligent APT (Advanced Persistent Threat) attacks, which aim at a special target, have been greatly increasing. It is very hard to protect against them with existing intrusion detection methods because of the difficulty of preventing the initial intrusion of malicious code. In this paper, we analyze outbound traffic to prevent the call-back step after malicious code intrusion, and propose an APT malicious traffic detection method that considers trust. The proposed method is expected to provide a basis for improving the detection rate compared with that of existing detection methods.

Unknown Threats Detection by Using Incremental Knowledge Acquisition (상황 지식 축적에 의한 알려지지 않은 위협의 검출)

  • Park, Gil-Cheol;Cooke, Hamid B. M.;Kim, Yang-Sok;Kang, Byeong-Ho;Youk, Sang-Jo;Lee, Geuk
    • Convergence Security Journal / v.7 no.1 / pp.19-27 / 2007
  • Detecting unknown threats is a paradox; how do you detect a threat if it is not known to exist? The answer is that unknown threat detection is the process of making a previously unknown threat identifiable in the shortest possible time frame. This paper examines the possibility of creating an unknown threat detection mechanism that security experts can use for developing a flexible protection system for networks. A system that allows the detection of unknown threats through a monitoring system and the incorporation of dynamic and flexible logic with situational knowledge is described, and the mechanisms used to develop such a system are illustrated. The system not only allows the detection of new threats but does so in a fast and efficient manner to increase the available time for responding to these threats.

Analyses of Detection Method and Security Threat Under Ubiquitous Surroundings (유비쿼터스 환경에서의 보안 위협 및 대책 방법 분석)

  • Jung, Sung-Hyuck;Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / v.9 no.1 / pp.868-871 / 2005
  • We proposed the detection method and security threat under ubiquitous surroundings. We described the problems that must be faced in the design of such a wireless protocol model. The internet is a natural and universal means of providing this interconnection. The networking of these ubiquitous computing devices is driven by the synergy between three trends. In this paper, we analysed the security model under ubiquitous surroundings.

A Study of the Submarine Periscope Detection Algorithm using Characteristic of Target HRRP Information

  • Jin-Hyang Ahn;Chi-Sun Baek
    • Journal of the Korea Society of Computer and Information / v.29 no.1 / pp.131-138 / 2024
  • The ability of a Combat Management System (CMS) to respond quickly and accurately to threats to a naval vessel is directly related to the survivability and combat power of the vessel. However, current methods for detecting enemy submarine periscopes in CMS rely on manual and subjective methods that require operators to manually verify and analyze information received from sensors. This delays the response time to the threat, making the vessel less viable. This paper introduces a periscope detection algorithm that classifies the plot information generated by High Resolution Range Profile (HRRP) into probability-based suspicion classes and dramatically reduces threat response time through classified notifications. Algorithm validation showed a 133.3791 × 10⁶ times faster and 12.78%p higher detection rate than an operator, confirming the potential for reduced threat response time to increase vessel survivability.

A Study on the Insider Behavior Analysis Framework for Detecting Information Leakage Using Network Traffic Collection and Restoration (네트워크 트래픽 수집 및 복원을 통한 내부자 행위 분석 프레임워크 연구)

  • Kauh, Janghyuk;Lee, Dongho
    • Journal of Korea Society of Digital Industry and Information Management / v.13 no.4 / pp.125-139 / 2017
  • In this paper, we developed a framework to detect and predict insider information leakage by collecting and restoring network traffic. For automated behavior analysis, much of the meta information and behavior information obtained using network traffic collection is used as machine learning features. Using these features, we created and trained a behavior model, a network model and protocol-specific models. In addition, the ensemble model was developed by digitizing and summing the results of various models. We developed a function to present information leakage candidates and view meta information and behavior information from various perspectives using visual analysis. This supports rule-based threat detection and machine learning based threat detection. In the future, we plan to make an ensemble model that applies a regression model to the results of the models, and plan to develop a model with deep learning technology.

The Concept and Threat Analysis of Intrusion Detection System Protection Profile (침입탐지 시스템 보호프로파일의 개념 및 위협 분석)

  • 서은아;김윤숙;심민수
    • Convergence Security Journal / v.3 no.2 / pp.67-70 / 2003
  • As IT industries have grown, the information security of both individuals and companies has come to the fore. Nowadays, however, it is very hard to satisfy the diversity of security Protection Profiles with a simple Intrusion Detection System because of highly developed intrusion skills. The Intrusion Detection System is the system that detects, reports and copes with every kind of intrusion action immediately. In this paper, we compare the concept of IDS PPs and analyze the threat of PP.

Doing More by Seeing Less: Gritty Applicants are Less Sensitive to Facial Threat Cues

  • Shin, Ji-eun;Lee, Hyeonju
    • Science of Emotion and Sensibility / v.25 no.1 / pp.21-28 / 2022
  • People differ greatly in their capacity to persist in the face of challenges. Despite significant research, relatively little is known about cognitive factors that might be involved in perseverance. Building upon human threat-management mechanism, we predicted that perseverant people would be characterized by reduced sensitivity (i.e., longer detection latency) to threat cues. Our data from 5,898 job applicants showed that highly perseverant individuals required more time to correctly identify anger in faces, regardless of stimulus type (dynamic or static computer-morphed faces). Such individual differences were not observed in response to other facial expressions (happiness, sadness), and the effect was independent of gender, dispositional anxiety, or conscientiousness. Discussions were centered on the potential role of threat sensitivity in effortful pursuit of goals.

KNN-Based Automatic Cropping for Improved Threat Object Recognition in X-Ray Security Images

  • Dumagpi, Joanna Kazzandra;Jung, Woo-Young;Jeong, Yong-Jin
    • Journal of IKEEE / v.23 no.4 / pp.1134-1139 / 2019
  • One of the most important applications of computer vision algorithms is the detection of threat objects in x-ray security images. However, in the practical setting, this task is complicated by two properties inherent to the dataset, namely, the problem of class imbalance and visual complexity. In our previous work, we resolved the class imbalance problem by using a GAN-based anomaly detection to balance out the bias induced by training a classification model on a non-practical dataset. In this paper, we propose a new method to alleviate the visual complexity problem by using a KNN-based automatic cropping algorithm to remove distracting and irrelevant information from the x-ray images. We use the cropped images as inputs to our current model. Empirical results show substantial improvement to our model, e.g. about 3% in the practical dataset, thus further outperforming previous approaches, which is very critical for security-based applications.

A study on Classification of Insider threat using Markov Chain Model

  • Kim, Dong-Wook;Hong, Sung-Sam;Han, Myung-Mook
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.4 / pp.1887-1898 / 2018
  • In this paper, a method to classify insider threat activity is introduced. The internal threats help detecting anomalous activity in the procedure performed by the user in an organization. When an anomalous value deviating from the overall behavior is displayed, we consider it as an inside threat for classification as an inside intimidator. To solve the situation, Markov Chain Model is employed. The Markov Chain Model shows the next state value through an arbitrary variable affected by the previous event. Similarly, the current activity can also be predicted based on the previous activity for the insider threat activity. A method was studied where the change items for such state are defined by a transition probability, and classified as detection of anomaly of the inside threat through values for a probability variable. We use the properties of the Markov chains to list the behavior of the user over time and to classify which state they belong to. Sequential data sets were generated according to the influence of n occurrences of Markov attribute and classified by machine learning algorithm. In the experiment, only 15% of the Cert: insider threat dataset was applied, and the result was 97% accuracy except for NaiveBayes. As a result of our research, it was confirmed that the Markov Chain Model can classify insider threats and can be fully utilized for user behavior classification.

Effects of Low-Level Visual Attributes on Threat Detection: Testing the Snake Detection Theory (저수준 시각적 특질이 위협 탐지에 미치는 효과: 뱀 탐지 이론의 검증)

  • Kim, Taehoon;Kwon, Dasom;Yi, Do-Joon
    • Science of Emotion and Sensibility / v.23 no.3 / pp.47-62 / 2020
  • The snake detection theory posits that, due to competition with snakes, the primate visual system has evolved to detect camouflaged snakes. Specifically, one of its hypotheses states that the subcortical visual pathway mainly consisting of koniocellular cells enables humans to automatically detect the threat of snakes without consuming mental resources. Here we tested the hypothesis by comparing human participants' responses to snakes with those to fearful faces and flowers. Participants viewed either original images or converted ones, which lacked the differences in color, luminance, contrast, and spatial frequency energies between categories. While participants in Experiment 1 produced valence and arousal ratings to each image, those in Experiment 2 detected target images in the breaking continuous flash suppression (bCFS) paradigm. As a result, visual factors influenced the responses to snakes most strongly. After minimizing visual differences, snakes were rated as being less negative and less arousing, and detected more slowly from suppression. In contrast, the images of the other categories were less affected by image conversion. In particular, fearful faces were rated as greater threats and detected more quickly than other categories. In addition, for snakes, changes in arousal ratings and those in bCFS response times were negatively correlated: Those snake images, the arousal ratings of which decreased, produced increased detection latency. These findings suggest that the influence of snakes on human responses to threat is limited relative to fearful faces, and that detection responses in bCFS share common processing mechanisms with conscious ratings. In conclusion, the current study calls into question the assumption that snake detection in humans is a product of unconscious subcortical visual processing.