• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.1-6
• /
• 2015

Small and medium-sized companies lack countermeasures to secure the safety of a information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses, when the information is leaked. This paper examines the information leakage of the system and hacking methods including APT attacks. Especially, APT attack, Advanced Persistent Threats, means that a hacker sneaks into a target and has a latency period of time and skims all the information related to the target, and acts in the backstage and neutralize the security services without leaving traces. Because he attacks the target covering up his traces not to reveal them, the victim remains unnoticed, which increases the damage. This study examines attack methods and the process of them and seeks a countermeasure.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.1-9
• /
• 2015

Recently, with smart device proliferation and providing the various services using this, they have interested in mobile and Smart TV security. Smartphone users are enjoying various service, such as cloud, game, banking. But today's mobile security solutions and Study of Smart TV Security simply stays at the level of malicious code detection, mobile device management, security system itself. Accordingly, there is a need for technology for preventing hacking and leakage of sensitive information, such as certificates, legal documents, individual credit card number. To solve this problem, a variety of security technologies(mobile virtualization, ARM TrustZone, GlobalPlatform, MDM) in mobile devices have been studied. In this paper, we propose an efficient method to implement security technology based on TYPE-I virtualization using ARM TrustZone technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1431-1439
• /
• 2017

In the security field, log analysis is important to detect malware or abnormal behavior. Recently, image visualization techniques for malware dectection becomes to a major part of security. These techniques can also be used in online games. Users can leave a game when they felt bad experience from game bot, automatic hunting programs, malicious code, etc. This churning can damage online game's profit and longevity of service if game operators cannot detect this kind of events in time. In this paper, we propose a new technique of PNG image conversion based churn prediction to improve the efficiency of data analysis for the first. By using this log compression technique, we can reduce the size of log files by 52,849 times smaller and increase the analysis speed without features analysis. Second, we apply data mining technique to predict user's churn with a real dataset from Blade & Soul developed by NCSoft. As a result, we can identify potential churners with a high accuracy of 97%.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.45-53
• /
• 2021

When the security monitoring system is performed in a separation network, there is little normal anomaly detection in internal networks or high-risk sections. Therefore, after the establishment of the security network, a model is needed to evaluate state-of-the-art cyber threat anomalies for internal network in separation network to complete the optimized security structure. In this study, We evaluate it by generating datasets of cyber vulnerabilities and malicious code arising from general and separation networks, It prepare for the latest cyber vulnerabilities in internal network cyber attacks to analyze threats, and established a cyber security test evaluation system that fits the characteristics. The study designed an evaluation model that can be applied to actual separation network institutions, and constructed a test data set for each situation and applied a real-time security assessment model.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.11
• /
• pp.46-52
• /
• 2017

Along with the expansion of areas in which ICT and Internet of Things (IoT) devices are utilized, open source software has recently expanded its scope of applications to include computers, smart phones, and IoT devices. Hence, as the scope of open source software applications has varied, there have been increasing malicious attempts to attack the weaknesses of open source software. In order to address this issue, various secure coding programs have been developed. Nevertheless, numerous vulnerabilities are still left unhandled. This paper provides some methods to handle newly raised weaknesses based on the analysis of histories and patterns of previous open source vulnerabilities. Through this study, we have designed a weaknesses analysis system that utilizes weakness histories and pattern learning, and we tested the performance of the system by implementing a prototype model. For five vulnerability categories, the average vulnerability detection time was shortened by about 1.61 sec, and the average detection accuracy was improved by 44%. This paper can provide help for researchers studying the areas of weaknesses analysis and for developers utilizing secure coding for weaknesses analysis.