• Title/Abstract/Keywords: attackers

357 search results; processing time 0.019 seconds

A Study on the Model for Determining the Deceptive Status of Attackers using Markov Chain

  • 유선모;위성모;한종화;김용현;조정식
    • 융합보안논문지 / Vol. 23, No. 2 / pp.37-45 / 2023
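  • Cyber deception technology plays an important role in monitoring attacker activity and detecting new types of attacks. However, as deception technology has advanced, anti-honeypot technology has advanced as well, and there are cases in which attackers who recognize a deception environment stop their activity in it or turn the deception environment to their own use; current deception technology cannot identify or respond to such situations. This study proposes a model, based on Markov chain analysis, that predicts whether an attacker who has intruded into a deception environment has identified it as such. To the best of our knowledge, the proposed model is the first attempt to determine whether an attacker has identified the deception environment, and it is expected to overcome the limitations of existing deception-based attacker analysis research, which does not consider attackers who have identified the deception environment. The proposed classification model showed a high accuracy of 97.5% in classifying attackers who act after identifying the deception environment, and by predicting whether attackers have identified the deception environment it is expected to provide refined data for the many studies that analyze deception-environment intrusion data.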

Automated Link Tracing for Classification of Malicious Websites in Malware Distribution Networks

  • Choi, Sang-Yong;Lim, Chang Gyoon;Kim, Yong-Min
    • Journal of Information Processing Systems / Vol. 15, No. 1 / pp.100-115 / 2019
  • Malicious code distribution on the Internet is one of the most critical Internet-based threats and distribution technology has evolved to bypass detection systems. As a new defense against the detection bypass technology of malicious attackers, this study proposes the automated tracing of malicious websites in a malware distribution network (MDN). The proposed technology extracts automated links and classifies websites into malicious and normal websites based on link structure. Even if attackers use a new distribution technology, website classification is possible as long as the connections are established through automated links. The use of a real web-browser and proxy server enables an adequate response to attackers' perception of analysis environments and evasion technology and prevents analysis environments from being infected by malicious code. The validity and accuracy of the proposed method for classification are verified using 20,000 links, 10,000 each from normal and malicious websites.

Design and Implementation of Security Kernel Module with Additional Password for Enhancing Administrator Authentication

  • 김익수;김명호
    • 정보처리학회논문지C / Vol. 10C, No. 6 / pp.675-682 / 2003
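  • To break into a system, attackers gather information on its vulnerabilities, obtain root privileges through various attack methods, leak and tamper with system information, and go on to destroy the system. Many security systems for intrusion detection and blocking have been developed to counter such attacks, but attackers have recently been bypassing these security systems to break in, which has become a serious problem. This paper proposes a security kernel module that prevents illegal actions by an attacker who has obtained root privileges. The security kernel module strengthens administrator authentication with an additional password, preventing the attacker from tampering with important files and installing rootkits. It also sends the administrator warning e-mails about the attacker's illegal actions in real time, so that the administrator can establish new security policies from the information in the e-mail.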

Supporting Trusted Soft Decision Scheme Using Volatility Decay in Cooperative Spectrum Sensing

  • Zhao, Feng;Feng, Jingyu
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 10, No. 5 / pp.2067-2080 / 2016
  • Cooperative spectrum sensing (CSS) for vacant licensed bands is one of the key techniques in cognitive radio networks. Currently, the sequential probability ratio test scheme (SPRT) is considered a powerful soft decision approach to improve the sensing result for CSS. However, SPRT assumes all secondary users (SU) are honest, thus offering opportunities for malicious SUs to launch the spectrum sensing data falsification attack (SSDF attack). To combat such misbehavior, recent efforts have turned to trust mechanisms. In this paper, we argue that powering SPRT with a traditional trust mechanism is not enough. Dynamic SSDF attackers can maintain high trust by alternating between submitting honest and false sensing data, which makes them difficult to detect. Noting that the trust values of dynamic SSDF attackers are highly volatile, a novel trusted SPRT scheme (VSPRT) based on volatility decay analysis is proposed in this paper to mitigate the harmful effect of dynamic SSDF attackers in the process of soft-decision data fusion, thus improving the accuracy of the final sensing result. Simulation results show that the VSPRT scheme outperforms the conventional SPRT schemes.

Phishing Attack Detection Using Deep Learning

  • Alzahrani, Sabah M.
    • International Journal of Computer Science & Network Security / Vol. 21, No. 12 / pp.213-218 / 2021
  • This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

The Effect of Conflict-Coping Types on Marital Satisfaction

  • 지금수
    • 가정과삶의질연구 / Vol. 13, No. 4 / pp.71-84 / 1995
  • This study discusses whether the conflict-coping types of married couples affect marital satisfaction. There are 5 conflict-coping types of husbands and wives, which can be distinguished from each other by attitudes based on partners' answers. Women's conflict-coping types are: compromisers, passives, apathetics, attackers and blamers. Men's conflict-coping types are: reasoners, passives, juveniles, attackers and volatiles. Each type of husband and wife affects their marital satisfaction. All married couples are categorized again by the index of withdraw/demand. As a result, there is a difference among 3 groups: reasoner-husband/any type of wife, demand-husband/withdraw-wife and demand-husband/demand-wife. In other words, when a husband is a reasoner-husband, regardless of the type of wife, their marital satisfaction is the highest. And the demand-husband/withdraw-wife type shows a more positive effect on marital satisfaction than the demand-husband/demand-wife type.

System Hardening and Security Monitoring for IoT Devices to Mitigate IoT Security Vulnerabilities and Threats

  • Choi, Seul-Ki;Yang, Chung-Huang;Kwak, Jin
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 12, No. 2 / pp.906-918 / 2018
  • The advent of the Internet of Things (IoT) technology, which brings many benefits to our lives, has resulted in numerous IoT devices in many parts of our living environment. However, to adapt to the rapid changes in the IoT market, numerous IoT devices were widely deployed without implementing security by design at the time of development. As a result, malicious attackers have targeted IoT devices, and IoT devices lacking security features have been compromised by attackers, resulting in many security incidents. In particular, an attacker can take control of an IoT device, such as Mirai Botnet, that has insufficient security features. The IoT device can be used to paralyze numerous websites by performing a DDoS attack against a DNS service provider. Therefore, this study proposes a scheme to minimize security vulnerabilities and threats in IoT devices to improve the security of the IoT service environment.

Identifying and Exploiting Trustable Users with Robust Features in Online Rating Systems

  • Oh, Hyun-Kyo;Kim, Sang-Wook
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 4 / pp.2171-2195 / 2017
  • When purchasing an online product, a customer tends to be influenced strongly by its reputation, the aggregation of other customers' ratings on it. The reputation, however, is not always trustable since it can be manipulated easily by attackers who intentionally give unfair ratings to their target products. In this paper, we first address identifying trustable users who tend to give fair ratings to products in online rating systems and then propose a method of computing true reputation of a product by aggregating only those trustable users' ratings. In order to identify the trustable users, we list some candidate features that seem related significantly to the trustworthiness of users and verify the robustness of each of the features through extensive experiments. By finding and exploiting these robust features, we are able to identify trustable users and to compute true reputation effectively and efficiently based on fair ratings of those trustable users.

Control Method for the number of check-point nodes in detection scheme for selective forwarding attacks

  • 이상진;조대호
    • 한국정보통신설비학회:학술대회논문집 / 한국정보통신설비학회 2009년도 정보통신설비 학술대회 / pp.387-390 / 2009
  • A Wireless Sensor Network (WSN) can easily be compromised by attackers because it has limited resources and is deployed in exposed environments. When sensitive packets occur, such as an enemy's movement or a fire alarm, attackers can selectively drop them using a compromised node. This isolates the base station from the sensor fields. To detect the selective forwarding attack, Xiao, Yu and Gao proposed the checkpoint-based multi-hop acknowledgement scheme (CHEMAS). The check-point nodes are used to detect the area that generates selective forwarding attacks. However, CHEMAS has a static probability of selecting check-point nodes. It cannot achieve the flexibility to coordinate between the detection ability and the energy consumption. In this paper, we propose a control method for the number of check-point nodes. Through the control method, we can achieve the flexibility to provide sufficient detection ability while conserving energy.

Vulnerability of Directory List and Countermeasures

  • 홍성혁
    • 디지털융복합연구 / Vol. 12, No. 10 / pp.259-264 / 2014
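  • Directory listing exposes the files on a server system to viewing; this paper examines how sites with the directory listing vulnerability are found and how the vulnerability can be remediated. It presents how sites with the directory listing vulnerability are found using the Google search engine, how to keep a site one operates from appearing in Google search results, and how a web server operator can remove the vulnerability.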