• International Journal of Computer Science & Network Security
• /
• 제23권8호
• /
• pp.177-189
• /
• 2023

Malware detection is an increasingly important operational focus in cyber security, particularly given the fast pace of such threats (e.g., new malware variants introduced every day). There has been great interest in exploring the use of machine learning techniques in automating and enhancing the effectiveness of malware detection and analysis. In this paper, we present a deep recurrent neural network solution as a stacked Long Short-Term Memory (LSTM) with a pre-training as a regularization method to avoid random network initialization. In our proposal, we use global and short dependencies of the inputs. With pre-training, we avoid random initialization and are able to improve the accuracy and robustness of malware threat hunting. The proposed method speeds up the convergence (in comparison to stacked LSTM) by reducing the length of malware OpCode or bytecode sequences. Hence, the complexity of our final method is reduced. This leads to better accuracy, higher Mattews Correlation Coefficients (MCC), and Area Under the Curve (AUC) in comparison to a standard LSTM with similar detection time. Our proposed method can be applied in real-time malware threat hunting, particularly for safety critical systems such as eHealth or Internet of Military of Things where poor convergence of the model could lead to catastrophic consequences. We evaluate the effectiveness of our proposed method on Windows, Ransomware, Internet of Things (IoT), and Android malware datasets using both static and dynamic analysis. For the IoT malware detection, we also present a comparative summary of the performance on an IoT-specific dataset of our proposed method and the standard stacked LSTM method. More specifically, of our proposed method achieves an accuracy of 99.1% in detecting IoT malware samples, with AUC of 0.985, and MCC of 0.95; thus, outperforming standard LSTM based methods in these key metrics.

• 한국전자거래학회지
• /
• 제26권2호
• /
• pp.83-94
• /
• 2021

컴퓨터 비전 적용 분야에서 부분적으로 가려진 물체 인식의 필요성은 증가하고 있다. 물체를 확인하고 위치를 지정하는 데에 물체가 가려진 것은 심각한 문제를 야기한다. 이 논문은 여행자 소지 수하물에서 위험 물건을 발견하기 위하여 어닐드 홉필드 네트워크를 제안한다. 어닐드홉필드 네트워크는 하이브리드 홉필드 네트워크와 어닐링 이론에 기초한 확정적 근사방법이다. 하이브리드 홉필드 네트워크는 위험 물체의 이미지에서 발췌한 경계 점들과 코너 점들을 이용한다. 또한 어닐드 홉필드 네트워크의 런타임을 줄이기 위해 임계 온도를 조사하였다. 어닐드 홉필드 네트워크와 하이브리드 홉필드 네트워크의 성능을 비교하기 위하여 광범위한 컴퓨터 실험이 실행되었다.

• International Journal of Computer Science & Network Security
• /
• 제21권1호
• /
• pp.97-106
• /
• 2021

Social networking platforms have become a smart way for people to interact and meet on internet. It provides a way to keep in touch with friends, families, colleagues, business partners, and many more. Among the various social networking sites, Twitter is one of the fastest-growing sites where users can read the news, share ideas, discuss issues etc. Due to its vast popularity, the accounts of legitimate users are vulnerable to the large number of threats. Spam and Malware are some of the most affecting threats found on Twitter. Therefore, in order to enjoy seamless services it is required to secure Twitter against malicious users by fixing them in advance. Various researches have used many Machine Learning (ML) based approaches to detect spammers on Twitter. This research aims to devise a secure system based on Hybrid Similarity Cosine and Soft Cosine measured in combination with Genetic Algorithm (GA) and Artificial Neural Network (ANN) to secure Twitter network against spammers. The similarity among tweets is determined using Cosine with Soft Cosine which has been applied on the Twitter dataset. GA has been utilized to enhance training with minimum training error by selecting the best suitable features according to the designed fitness function. The tweets have been classified as spammer and non-spammer based on ANN structure along with the voting rule. The True Positive Rate (TPR), False Positive Rate (FPR) and Classification Accuracy are considered as the evaluation parameter to evaluate the performance of system designed in this research. The simulation results reveals that our proposed model outperform the existing state-of-arts.

• International Journal of Computer Science & Network Security
• /
• 제24권6호
• /
• pp.41-48
• /
• 2024

Existing PoS (Point of Sale) based payment frameworks are vulnerable as the Payment Application's integrity in the smart phone and PoS are compromised, vulnerable to reverse engineering attacks. In addition to these existing PoS (Point of Sale) based payment frameworks do not perform point-to-point encryption and do not ensure communication security. We propose a Smart and Secure PoS (SSPoS) Framework which overcomes these attacks. Our proposed SSPoS framework ensures point-to-point encryption (P2PE), Application hardening and Application wrapping. SSPoS framework overcomes repackaging attacks. SSPoS framework has very less communication and computation cost. SSPoS framework also addresses Heartbleed vulnerability. SSPoS protocol is successfully verified using Burrows-Abadi-Needham (BAN) logic, so it ensures all the security properties. SSPoS is threat modeled and implemented successfully.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.316-322
• /
• 2021

The problem of corruption and the spread of corruption crime today is not only one of the main social problems, but also an obstacle to the implementation of reforms in Ukraine. Given the complexity, scale and diversity of the impact of corruption, it is an undisputed threat to national security. At the state level, corruption threatens, firstly, state security as a result of its spread in public authorities and the combination of political and business spheres; secondly, in the domestic political sphere as a result of non-compliance and violation by officials of public authorities and local governments of the laws of Ukraine; thirdly, in the economic sphere as a result of the dominance of personal interests of civil servants over national ones; fourthly, in other spheres, namely, military, social, ecological, informational, foreign policy, etc. The origins of corruption are diverse and are formed not only in the country but also abroad. The current corruption threat is the result of the country's ineffective domestic and foreign anticorruption policies. Acceleration of the spread and manifestation of external corruption threats is associated with a number of unresolved foreign policy issues against the background of the development of globalization and integration processes, in particular: economic and financial dependence of the country on international financial institutions and organizations; as well as from foreign countries that pose a potential threat due to their ambitious plans to expand our country; unresolved issues regarding the international legal consolidation of borders, etc. It is noted that the current conditions for the development of state security, due to new challenges and threats, need to improve and implement new measures to prevent corruption as a negative impact of the main threats to national economic security. As a result of the study, the main measures to counter the main threats to the economic security of the state were identified.

• 한국항행학회논문지
• /
• 제27권1호
• /
• pp.16-22
• /
• 2023

항공 테러는 역사적으로 다양한 형태의 공격 방법으로 민간항공의 취약한 부분을 공격해왔다. 최근 테러 수법은 승객과 별개의 전용 통로 사용, 개인물품 운반, 민감한 정보 접근 등의 권한을 가진 항공업계 종사자로 인한 것으로 보안 위협이 높아지고 있다. 또한, 전 세계적으로 인터넷과 소셜 미디어 등을 통한 급진화 현상으로 인한 내부자 위협은 더욱 고조되고 있는 실정이다. 대한민국 정부는 해외에서 발생한 내부자 보안 사례와 국제민간항공기구 및 미국, 영국 등에서 수립, 권고한 지침 등을 참고하여 항공보안의 불법방해행위에 직간접적으로 악용될 수 있는 내부자 위협에 대해 보안 규정을 사전에 수립하여 대처하여야 한다.

• 정보보호학회논문지
• /
• 제26권5호
• /
• pp.1313-1322
• /
• 2016

최근 인터넷을 통한 공공 기관이나 금융권에 대한 바이러스 및 해킹 공격이 더욱 지능화, 고도화되고 있다. 특히, 지능형 지속 공격인 APT(Advanced Persistent Threat)가 중요한 사이버 위협으로 주목을 받았는데 이러한 APT 공격은 기본적으로 네트워크상에서 악성 코드의 유포를 통해 이루어진다. 본 논문에서는 스마트 제조 산업에서 사용할 수 있도록 네트워크상에서 전송되는 PE(Portable Executable) 파일을 효과적으로 탐지하고 추출하여 악성코드 분석을 효과적으로 할 수 있는 방법을 제안하였다. PE 파일만 고속으로 추출하여 저장하는 기능을 공개 침입 탐지 툴인 Snort의 전처리기단에서 구현한 후 이를 하드웨어 센서 장치에 탑재하여 실험한 결과, 네트워크상에서 전송되는 악성 의심 코드인 PE 파일을 정상적으로 탐지하고 추출할 수 있음을 확인하였다.

• International Journal of Computer Science & Network Security
• /
• 제23권10호
• /
• pp.107-114
• /
• 2023

The study provides the identification of vulnerabilities in the security issues by Wireless Network. To achieve it the research focus on packet flow analysis, end to end data communication, and the security challenges (Cybercrime, insider threat, attackers, hactivist, malware and Ransomware). To solve this I have used the systematic literature review mechanisms and demonstrative tool namely Wireshark network analyzer. The practical demonstration identifies the packet flow, packet length time, data flow statistics, end- to- end packet flow, reached and lost packets in the network and input/output packet statics graphs. Then, I have developed the proposed model that used to secure the Wireless network solution and prevention vulnerabilities of the network security challenges. And applying the model that used to investigate the security challenges and vulnerabilities of cloud computing services is used to fulfill the network security goals in Wireless network. Finally the research provides the model that investigate the security challenges and vulnerabilities of cloud computing services in wireless networks

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2005년도 ICCAS
• /
• pp.1568-1570
• /
• 2005

The internet is already a part of life. It is very convenient and people can do almost everything with internet that should be done in real life. Along with the increase of the number of internet user, various network attacks through the internet have been increased as well. Also, Large-scale network attacks are a cause great concern for the computer security communication. These network attack becomes biggest threat could be down utility of network availability. Most of the techniques to detect and analyze abnormal traffic are statistic technique using mathematical modeling. It is difficult accurately to analyze abnormal traffic attack using mathematical modeling, but network simulation technique is possible to analyze and simulate under various network simulation environment with attack scenarios. This paper performs modeling and simulation under virtual network environment including $NGSS^{1}$ system to analyze abnormal traffic-flooding attack.

• International Journal of Computer Science & Network Security
• /
• 제21권5호
• /
• pp.168-174
• /
• 2021

The Cognitive radio (CR) is evolving technology for managing the spectrum bandwidth in wireless network. The security plays a vital role in wireless network where the secondary users are trying to access the primary user's bandwidth. During the allocation the any malicious user either he pretends to be primary user or secondary user to access the vital information's such as credentials, hacking the key, network jam, user overlapping etc. This research paper discusses on various types of attack and to prevent the attack in cognitive radio network. In this research, secondary users are identified by the primary user to access the primary network by the secondary users. The secondary users are given authorization to access the primary network. If any secondary user fails to provide the authorization, then that user will be treated as the malicious user. In this paper two approaches are suggested one by applying elliptic curve cryptography and the other method by using priority-based service access.