• Title/Summary/Keyword: network threat

Extraction of Network Threat Signatures Using Latent Dirichlet Allocation (LDA를 활용한 네트워크 위협 시그니처 추출기법)

  • Lee, Sungil;Lee, Suchul;Lee, Jun-Rak;Youm, Heung-youl
    • Journal of Internet Computing and Services / v.19 no.1 / pp.1-10 / 2018
  • Network threats such as Internet worms and computer viruses have been significantly increasing. In particular, APTs (Advanced Persistent Threats) and ransomware have become clever and complex. IDSes (Intrusion Detection Systems) have played a key role as information security solutions during the last few decades. To use an IDS effectively, IDS rules must be written properly. An IDS rule includes a key signature and is incorporated into an IDS. The network threat containing the signature can then be detected by the IDS while it is passing through the IDS. However, it is challenging to find a key signature for a specific network threat. We first need to analyze a network threat rigorously, and write a proper IDS rule based on the analysis result. If we use a signature that is common to benign and/or normal network traffic, we will observe a lot of false alarms. In this paper, we propose a scheme that analyzes a network threat and extracts key signatures corresponding to the threat. Specifically, our proposed scheme quantifies the degree of correspondence between a network threat and a signature using the LDA (Latent Dirichlet Allocation) algorithm. Obviously, a signature that has significant correspondence to the network threat can be utilized as an IDS rule for detection of the threat.

Air Threat Evaluation System using Fuzzy-Bayesian Network based on Information Fusion (정보 융합 기반 퍼지-베이지안 네트워크 공중 위협평가 방법)

  • Yun, Jongmin;Choi, Bomin;Han, Myung-Mook;Kim, Su-Hyun
    • Journal of Internet Computing and Services / v.13 no.5 / pp.21-31 / 2012
  • Threat Evaluation (TE), which has air intelligence attained by identifying friend or foe, evaluates the target's threat degree, so it provides information to the Weapon Assignment (WA) step. Most TE data are passed as sensor-measured values, but existing techniques (fuzzy, Bayesian network, and so on) have many weaknesses in that erroneous linkages and missing data may cause confusion in decision making. Therefore we need an efficient Threat Evaluation system that can refine the linkages of various sensor data and calculate reliable threat values under unpredictable war situations. In this paper, we suggest a new threat evaluation system based on the information fusion JDL model. Its principle is to combine fuzzy techniques, which are favorable for refining ambiguous relationships, with a Bayesian network, which is useful for inferring battle situations with insufficient evidence and for using a learning algorithm. Finally, the system's performance, obtained by threat evaluation on an air defense scenario, is presented.

Response and Threat of Home Network System in Ubiquitous Environment (유비쿼터스 환경에서의 홈네트워크 시스템 침해 위협 및 대응 방안)

  • Oh, Dae-Gyun;Jeong, Jin-Young
    • Convergence Security Journal / v.5 no.4 / pp.27-32 / 2005
  • Recently, social interest in the Home Network has been rising with the spread of super-high-speed Internet and the growing intelligence of home appliances. In the ubiquitous computing society, the threat to private life caused by cyber attack will increase as the individual's degree of dependence on the computer environment increases. Because the Home Network is the starting point toward the ubiquitous computing environment, the increase of cyber attacks through the Internet will emerge as an obstacle disrupting the activation of the home network. So it can be said that the preparation of countermeasures is urgent. In such a varied environment, threats more complicated than those of the present time will exist. So this paper analyzes the Home Network system environment of the present time and observes the security threats and attack types in the ubiquitous computing environment.

Threat Classification Schemes for Effective Management based on W-TMS(Wireless-Threat Management System) (W-TMS(Wireless-Threat Management System)에서의 효율적 관리를 위한 위협 분류기법)

  • Seo, Jong-Won;Jo, Je-Gyeong;Lee, Hyung-Woo
    • The Journal of the Korea Contents Association / v.7 no.3 / pp.93-100 / 2007
  • The Internet has spread to all fields at a fast speed during the last 10 years. Lately, wireless networks are also spreading rapidly. Also, the number of successful attack attempts and invasions against wireless networks is increasing rapidly. The TMS system was developed to overcome these threats on wireless networks. The existing TMS system supplies an active confrontation mechanism against these threats. However, the existing TMS has the limitation that new forms of attack are not filtered efficiently. Therefore this paper proposes a new method that automatically computes the threat from the input packets with a vector space model and performs anomaly detection of the wireless network. The mechanism proposed in this research analyzes the degree of similarity between packets, detects abnormal symptoms of the wireless network, and then classifies these threats automatically.

Threat Map Generation Scheme based on Neural Network for Robot Path Planning (로봇 전역경로계획을 위한 신경망 기반 위협맵 생성 기법)

  • Kwak, Hwy-Kuen;Kim, Hyung-Jun
    • Journal of the Korea Academia-Industrial cooperation Society / v.15 no.7 / pp.4482-4488 / 2014
  • This paper proposes the creation scheme of a threat map for robot global path planning. The threat map was generated using neural network theory by analyzing the robot's armament state and the menace information of an enemy or obstacle. In addition, the performance of the suggested method was verified using the compared result of the damage amount and existing robot path data.

Using Machine Learning Techniques for Accurate Attack Detection in Intrusion Detection Systems using Cyber Threat Intelligence Feeds

  • Ehtsham Irshad;Abdul Basit Siddiqui
    • International Journal of Computer Science & Network Security / v.24 no.4 / pp.179-191 / 2024
  • With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewalls, antimalware systems, and security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study being presented. In this proposed work, CTI feeds are utilized to detect attacks accurately in intrusion detection systems. The ultimate objective is to identify the attacker behind the attack. Several data sets have been analyzed for attack detection. With the proposed study, the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

Security Threat Evaluation for Smartgrid Control System (스마트그리드 제어시스템 보안 위협 평가 방안 연구)

  • Ko, Jongbin;Lee, Seokjun;Shon, Taeshik
    • Journal of the Korea Institute of Information Security & Cryptology / v.23 no.5 / pp.873-883 / 2013
  • Security vulnerability quantification is a method that identifies potential vulnerabilities by scoring vulnerabilities themselves and their countermeasures. However, due to the structural features of the smart grid system, it is difficult to apply existing security threat evaluation schemes. In this paper, we propose a network model to evaluate smart grid security threats for AMI and derive attack scenarios. Additionally, we show the result of security threat evaluation for the proposed network model and attack scenarios by applying the MTTC scheme.

Threat Modeling and Risk Analysis: PS4 Remote Play with PC (Threat Modeling을 이용한 PS4와 PC간의 Remote Play 상황 속 위험 분석)

  • Kim, Hye Min;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.1 / pp.135-143 / 2018
  • Sony has recently launched a remote play service that connects a PC and a PlayStation4 using the Internet. This service enables a network connection between the external network and the PS4 network. After the service was released, additional security threats may arise in remote environments with new services. Therefore, those threats should have been analyzed. In this paper, by applying threat modeling to the remote play system, threats have been analyzed and identified. After cost-effectiveness and usability analysis, a reasonable security measure for each threat has finally been suggested.

A Study on the Insider Behavior Analysis Framework for Detecting Information Leakage Using Network Traffic Collection and Restoration (네트워크 트래픽 수집 및 복원을 통한 내부자 행위 분석 프레임워크 연구)

  • Kauh, Janghyuk;Lee, Dongho
    • Journal of Korea Society of Digital Industry and Information Management / v.13 no.4 / pp.125-139 / 2017
  • In this paper, we developed a framework to detect and predict insider information leakage by collecting and restoring network traffic. For automated behavior analysis, the meta information and behavior information obtained through network traffic collection are used as machine learning features. With these features, we created and trained a behavior model, a network model and protocol-specific models. In addition, an ensemble model was developed by digitizing and summing the results of the various models. We developed a function to present information leakage candidates and to view meta information and behavior information from various perspectives using visual analysis. This supports rule-based threat detection and machine learning based threat detection. In the future, we plan to make an ensemble model that applies a regression model to the results of the models, and plan to develop a model with deep learning technology.

A Study on the Analysis of Security Requirements through Literature Review of Threat Factors of 5G Mobile Communication

  • DongGyun Chu;Jinho Yoo
    • Journal of Information Processing Systems / v.20 no.1 / pp.38-52 / 2024
  • 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, it defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. In addition, it presents security threats from the perspective of the user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.