• Title/Summary/Keyword: Web Threat

A Malware Detection Method using Analysis of Malicious Script Patterns (악성 스크립트 패턴 분석을 통한 악성코드 탐지 기법)

  • Lee, Yong-Joon;Lee, Chang-Beom
    • Journal of the Korea Academia-Industrial cooperation Society / v.20 no.7 / pp.613-621 / 2019
  • Recently, with the development of the Internet of Things (IoT) and cloud computing technologies, security threats have increased as malicious codes infect IoT devices, and new malware spreads ransomware to cloud servers. In this study, we propose a threat-detection technique that checks obfuscated script patterns to compensate for the shortcomings of conventional signature-based and behavior-based detection methods. Proposed is a malicious code-detection technique that is based on malicious script-pattern analysis that can detect zero-day attacks while maintaining the existing detection rate by registering and checking derived distribution patterns after analyzing the types of malicious scripts distributed through websites. To verify the performance of the proposed technique, a prototype system was developed to collect a total of 390 malicious websites and experiment with 10 major malicious script-distribution patterns derived from analysis. The technique showed an average detection rate of about 86% of all items, while maintaining the existing detection speed based on the detection rule and also detecting zero-day attacks.

Research Trends of Coronavirus: Bibliometric Analysis from 1989-2019

  • Singh, Shiv;Kataria, Sanjay;Dey, Tulika
    • International Journal of Knowledge Content Development & Technology / v.11 no.4 / pp.101-111 / 2021
  • The world is going through the most unprecedented time with the outbreak of novel Coronavirus disease (COVID-19), which has become a threat to millions. A Coronavirus is a group of viruses that cause a variety of diseases in mammals and birds leading to a range of illnesses in humans including common cold and more severe forms like severe acute respiratory syndrome Coronavirus (SARS-CoV), Middle East respiratory syndrome Coronavirus (MERS-CoV) and COVID-19, which are life-threatening. The virus gets its name from its shape which takes the form of a crown with protrusions around it. In December 2019, a pneumonia outbreak was reported in the Wuhan City of China, which was later traced to a novel strain of Coronavirus and termed as Novel COVID-19. It typically causes flu-like symptoms including fever, cough and shortness of breath and is transmitted through human-to-human and there is no cure for it till now. Thus, this bibliometric study has been carried out to analyze the research progress in Coronavirus and literature published during a period of 30 years (1989-2019). Data for the study were fetched from Web of Science(WoS) multidisciplinary database and the publication trends in terms of total articles, productive countries, institutions, journals, productive authors, most cited articles and authors, etc have been analyzed. In total, 4917 articles were retrieved; these were from 711 sources and were contributed by 14442 authors. The collaboration index was 3.11, which clearly indicates that there has been a lot of collaboration in this field. The most preferred journal for the study period was "Journal of Virology" and the maximum contribution has been from the University of Hong Kong.

Development of Dataset Evaluation Criteria for Learning Deepfake Video (딥페이크 영상 학습을 위한 데이터셋 평가기준 개발)

  • Kim, Rayng-Hyung;Kim, Tae-Gu
    • Journal of Korean Society of Industrial and Systems Engineering / v.44 no.4 / pp.193-207 / 2021
  • The Deepfake phenomenon is spreading worldwide, mainly through videos on web platforms, and it is urgent to address the issue in time. More recently, researchers have extensively discussed deepfake video datasets. However, it has been pointed out that the existing Deepfake datasets do not properly reflect the potential threat and realism due to various limitations. Although there is a need for research that establishes an agreed-upon concept for high-quality datasets or suggests evaluation criteria, there are still only a handful of studies that have examined it to date. Therefore, this study focused on the development of evaluation criteria for the Deepfake video dataset. In this study, the fitness of the Deepfake dataset was presented and evaluation criteria were derived through the review of previous studies. AHP structuralization and analysis were performed to advance the evaluation criteria. The results showed that Facial Expression, Validation, and Data Characteristics are important determinants of data quality. This is interpreted as a result that reflects the importance of minimizing defects and presenting results based on scientific methods when evaluating quality. This study has implications in that it suggests the fitness and evaluation criteria of the Deepfake dataset. Since the evaluation criteria presented in this study were derived based on the items considered in previous studies, it is thought that all evaluation criteria will be effective for quality improvement. It is also expected to be used as criteria for selecting an appropriate Deepfake dataset or as a reference for designing a Deepfake data benchmark. This study could not apply the presented evaluation criteria to existing Deepfake datasets. In future research, the proposed evaluation criteria will be applied to existing datasets to evaluate the strengths and weaknesses of each dataset, and to consider what implications there will be when used in Deepfake research.

An Intelligent Game Theoretic Model With Machine Learning For Online Cybersecurity Risk Management

  • Alharbi, Talal
    • International Journal of Computer Science & Network Security / v.22 no.6 / pp.390-399 / 2022
  • Cyber security and resilience are phrases that describe safeguards of ICTs (information and communication technologies) from cyber-attacks or mitigations of cyber event impacts. The sole purpose of risk models is detection, analysis, and handling by considering all relevant perceptions of risks. The current research effort has resulted in the development of a new paradigm for safeguarding services offered online which can be utilized by both service providers and users (customers). However, rather than relying on detailed studies, this approach emphasizes task selection and execution that leads to successful risk treatment outcomes. Modelling intelligent CSGs (Cyber Security Games) using MLTs (machine learning techniques) was the focus of this research. By limiting mission risk, CSGs maximize the ability of systems to operate unhindered in cyber environments. The suggested framework's main components are the Threat and Risk models. These models are tailored to meet the special characteristics of online services as well as the cyberspace environment. A risk management procedure is included in the framework. Risk scores are computed by combining probabilities of successful attacks with findings of impact models that predict cyber catastrophe consequences. To assess successful attacks, models emulating defense against threats can be used in topologies. CSGs consider the widespread interconnectivity of cyber systems, which forces defending all multi-step attack paths. In contrast, attackers just need one of the paths to succeed. CSGs are game-theoretic methods for identifying defense measures and reducing risks for systems and probe for maximum cyber risks using game formulations (MiniMax). To detect the impacts, the attacker player creates an attack tree for each state of the game using a modified Extreme Gradient Boosting Decision Tree (that sees numerous compromises ahead). Based on the findings, the proposed model has a high level of security for the web sources used in the experiment.

Current Status and Challenges of BGP Hijacking Security Threat (BGP 하이재킹 보안 위협 대응 현황 및 과제)

  • Han, Wooyoung;Hong, Yunseok
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.10 / pp.1525-1530 / 2022
  • BGP (Border Gateway Protocol) is a routing protocol that is actively used in inter-AS routing on the Internet. However, the BGP routing protocol is vulnerable to BGP hijacking attacks that hijack the network by impersonating normal BGP sessions. BGP hijacking attacks can lead to interception of IP traffic or interference with normal service operation. Recently, BGP hijacking attacks, which have often occurred overseas, have also occurred in Korea. This threatens the security of the Internet. In this paper, we analyze the overall process of attack through representative attack cases and virtual scenarios of BGP hijacking and, based on the results of analyzing the application status of security technology to prevent BGP hijacking attacks by Korean and major global ISPs, cover the technical proposals that ISPs and autonomous system operators should adopt to defend against BGP hijacking attacks.

Behavior and Script Similarity-Based Cryptojacking Detection Framework Using Machine Learning (머신러닝을 활용한 행위 및 스크립트 유사도 기반 크립토재킹 탐지 프레임워크)

  • Lim, EunJi;Lee, EunYoung;Lee, IlGu
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.6 / pp.1105-1114 / 2021
  • Due to the recent surge in popularity of cryptocurrency, the threat of cryptojacking, a malicious code for mining cryptocurrencies, is increasing. In particular, web-based cryptojacking is easy to attack because the victim can mine cryptocurrencies using the victim's PC resources just by accessing the website and simply adding mining scripts. The cryptojacking attack causes poor performance and malfunction. It can also cause hardware failure due to overheating and aging caused by mining. Cryptojacking is difficult for victims to recognize the damage, so research is needed to efficiently detect and block cryptojacking. In this work, we take representative distinct symptoms of cryptojacking as an indicator and propose a new architecture. We utilized the K-Nearest Neighbors (KNN) model, which trained computer performance indicators as behavior-based dynamic analysis techniques. In addition, a K-means model, which trained the frequency of malicious script words for script similarity-based static analysis techniques, was utilized. The KNN model had 99.6% accuracy, and the K-means model had a silhouette coefficient of 0.61 for normal clusters.

Clip Toaster : Pastejacking Attack Detection and Response Technique (클립 토스터 : 페이스트재킹 공격 탐지 및 대응 기술)

  • Lee, Eun-young;Kil, Ye-Seul;Lee, Il-Gu
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.05a / pp.192-194 / 2022
  • This paper analyzes the attack method of pastejacking and proposes a clip toaster that can effectively defend against it. When programming, developers often copy and paste code from GitHub, Stack Overflow, or blogs. Pastejacking is an attack that injects malicious data into the clipboard when a user copies code posted on the web, resulting in security threats by executing malicious commands that the user does not intend or by inserting dangerous code snippets into the software. In this paper, we propose Clip Toaster to visualize threats and alert users to them, in order to defend against pastejacking that threatens the security of the developer's terminal and program code. Clip Toaster can visualize security threat notifications and effectively detect and respond to attacks without interfering with user actions.

Security Frameworks for Industrial Technology Leakage Prevention (산업기술 유출 방지를 위한 보안 프레임워크 연구)

  • YangKyu Lim;WonHyung Park;Hwansoo Lee
    • Convergence Security Journal / v.23 no.4 / pp.33-41 / 2023
  • In recent years, advanced persistent threat (APT) attack organizations have exploited various vulnerabilities and attack techniques to target companies and institutions with national core technologies, distributing ransomware and demanding payment, stealing nationally important industrial secrets and distributing them on the black market (dark web), selling them to third countries, or using them to close the technology gap, requiring national-level security preparations. In this paper, we analyze the attack methods of attack organizations such as Kimsuky and Lazarus that caused industrial secrets leakage damage through APT attacks in Korea using the MITRE ATT&CK framework, and derive 26 cybersecurity-related administrative, physical, and technical security requirements that a company's security system should be equipped with. We also proposed a security framework and system configuration plan to utilize the security requirements in actual field. The security requirements presented in this paper provide practical methods and frameworks for security system developers and operators to utilize in security work to prevent leakage of corporate industrial secrets. In the future, it is necessary to analyze the advanced and intelligent attacks of various APT attack groups based on this paper and further research on related security measures.

Epigenetic Regulation of Fungal Development and Pathogenesis in the Rice Blast Fungus

  • Jeon, Junhyun
    • 한국균학회소식:학술대회논문집 / 2014.10a / pp.11-11 / 2014
  • Fungal pathogens have huge impact on health and economic wellbeing of human by causing life-threatening mycoses in immune-compromised patients or by destroying crop plants. A key determinant of fungal pathogenesis is their ability to undergo developmental change in response to host or environmental factors. Genetic pathways that regulate such morphological transitions and adaptation are therefore extensively studied during the last few decades. Given that epigenetic as well as genetic components play pivotal roles in development of plants and mammals, contribution of microbial epigenetic counterparts to this morphogenetic process is intriguing yet nearly unappreciated question to date. To bridge this gap in our knowledge, we set out to investigate histone modifications among epigenetic mechanisms that possibly regulate fungal adaptation and processes involved in pathogenesis of a model plant pathogenic fungus, Magnaporthe oryzae. M. oryzae is a causal agent of rice blast disease, which destroys 10 to 30% of the rice crop annually. Since the rice is the staple food for more than half of human population, the disease is a major threat to global food security. In addition to the socioeconomic impact of the disease it causes, the fungus is genetically tractable and can undergo well-defined morphological transitions including asexual spore production and appressorium (a specialized infection structure) formation in vitro, making it a model to study fungal development and pathogenicity. For functional and comparative analysis of histone modifications, a web-based database (dbHiMo) was constructed to archive and analyze histone modifying enzymes from eukaryotic species whose genome sequences are available. Histone modifying enzymes were identified applying a search pipeline built upon profile hidden Markov model (HMM) to proteomes. The database incorporates 22,169 histone-modifying enzymes identified from 342 species including 214 fungal, 33 plants, and 77 metazoan species. The dbHiMo provides users with web-based personalized data browsing and analysis tools, supporting comparative and evolutionary genomics. Based on the database entries, functional analysis of genes encoding histone acetyltransferases and histone demethylases is under way. Here I provide examples of such analyses that show how histone acetylation and methylation is implicated in regulating important aspects of fungal pathogenesis. Current analysis of histone modifying enzymes will be followed by ChIP-Seq and RNA-seq experiments to pinpoint the genes that are controlled by particular histone modifications. We anticipate that our work will provide not only the significant advances in our understanding of epigenetic mechanisms operating in microbial eukaryotes but also basis to expand our perspective on regulation of development in fungal pathogens.

A Critical Review on the Inherent Problems of MOOC (MOOC(Massive Open Online Course)의 근원적인 문제점들에 대한 비판적 고찰)

  • Yang, Dan-Hee
    • Journal of the Korea Convergence Society / v.6 no.6 / pp.293-299 / 2015
  • MOOC (Massive Open Online Course) is an online course aimed at limited participation and open access via the web. There is even the prospect that MOOC may break down the existing university system and open a new horizon of education. However, MOOC is going differently from the first prospect that it would threaten the existing higher education institutions. So this study wishes to provide a starting point of discussion so that we can produce and utilize MOOC to fit our situation of higher education by revealing the inherent problems of MOOC. MOOC is basically online education, so it cannot help inheriting the essential weaknesses of the existing one: interaction, supervision and evaluation. The newly added concept 'massive' raises the problem of class size, which is the most sensitive part in the field of education. The concept 'open' reverses customized education because MOOC is a kind of video clip of a lecture for unspecific massive learners. In conclusion, we predict that MOOC will be positioned as a higher education service for learners who are very prominent in self-led learning ability and for people who cannot access even traditional online higher education institutions. Also, MOOC is highly likely to be used as a means of Flipped Learning in universities. Therefore, considering these points in the future, we need to develop MOOC to suit these targets.