• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.53-60
• /
• 2020

At the present stage of the fourth industrial revolution, machine learning and artificial intelligence technologies are rapidly developing, and there is a movement to apply machine learning technology in the security field. Malicious code, including new and transformed, generates an average of 390,000 a day worldwide. Statistics show that security companies ignore or miss 31 percent of alarms. As many malicious codes are generated, it is becoming difficult for humans to detect all malicious codes. As a result, research on the detection of malware and network intrusion events through machine learning is being actively conducted in academia and industry. In international conferences and journals, research on security data analysis using deep learning, a field of machine learning, is presented. have. However, these papers focus on detection accuracy and modify several parameters to improve detection accuracy but do not consider the ratio of dataset. Therefore, this paper aims to reduce the cost and resources of many machine learning research by finding the ratio of dataset that can derive the highest detection accuracy in CNN Mobile net-based malware detection model.

• Journal of the Society of Disaster Information
• /
• v.11 no.4
• /
• pp.615-621
• /
• 2015

Man-made disasters are disastrous event, which can be reduced the damage through preventive measures and thorough inspections, unlike natural disasters. Thus, safety consciousness of citizens is not only important, but also safety consciousness of security guard who are involved with facility safety management. In other words, safety consciousness and fostering professionalism of security guards could reduce the damage, including human disaster and it enables the effective safety management. Therefore, this study selected the training and the organizational safety as variables with the influencing factors for improving the disaster safety consciousness of facility guard. After the analysis, the following results were confirmed. First, the training content and its environment would have a significant impact on the disaster safety consciousness. Second, organizational safety would have a significant impact on disaster safety consciousness. In other words, the improvement of training program and the formation of safety culture in organizational level will have a positive impact on the disaster safety awareness and enable effective safety management.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.137-152
• /
• 2018

It is a measure to overcome limitations that occur in the activity of detecting and blocking abnormal information leakage activity by collecting the activity log generated by the security solution to detect the leakage of existing financial information and analyzing it by pattern analysis. First, it monitors real-time execution programs in PC that are used as information leakage path (read from the outside, save to the outside, transfer to the outside, etc.) in the PC. Second, it determines whether it is a normal controlled exception control circumvention by interacting with the related security control process at the time the program is executed. Finally, we propose a risk management model that can control the risk of financial information leakage through the process procedure created on the basis of scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.177-186
• /
• 2011

Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.390-399
• /
• 2022

Cyber security and resilience are phrases that describe safeguards of ICTs (information and communication technologies) from cyber-attacks or mitigations of cyber event impacts. The sole purpose of Risk models are detections, analyses, and handling by considering all relevant perceptions of risks. The current research effort has resulted in the development of a new paradigm for safeguarding services offered online which can be utilized by both service providers and users. customers. However, rather of relying on detailed studies, this approach emphasizes task selection and execution that leads to successful risk treatment outcomes. Modelling intelligent CSGs (Cyber Security Games) using MLTs (machine learning techniques) was the focus of this research. By limiting mission risk, CSGs maximize ability of systems to operate unhindered in cyber environments. The suggested framework's main components are the Threat and Risk models. These models are tailored to meet the special characteristics of online services as well as the cyberspace environment. A risk management procedure is included in the framework. Risk scores are computed by combining probabilities of successful attacks with findings of impact models that predict cyber catastrophe consequences. To assess successful attacks, models emulating defense against threats can be used in topologies. CSGs consider widespread interconnectivity of cyber systems which forces defending all multi-step attack paths. In contrast, attackers just need one of the paths to succeed. CSGs are game-theoretic methods for identifying defense measures and reducing risks for systems and probe for maximum cyber risks using game formulations (MiniMax). To detect the impacts, the attacker player creates an attack tree for each state of the game using a modified Extreme Gradient Boosting Decision Tree (that sees numerous compromises ahead). Based on the findings, the proposed model has a high level of security for the web sources used in the experiment.

• Convergence Security Journal
• /
• v.22 no.5
• /
• pp.115-126
• /
• 2022

This study studied the working relationship between national crisis management and national defense elements from a comprehensive security perspective. The elements of national defense are presented in the Integrated Defense Act. Therefore, by presenting the principles, problems, and alternatives of integrated defense, the study was conducted with the aim of protecting the lives and property of the people in the event of a national crisis and strengthen national security. As a theoretical background, an analysis frame was envisioned based on the four stages of crisis management in the 'Comprehensive Crisis Management Model' and the 'Basic Guidelines for National Crisis Management'. Through this, four domestic and foreign case studies were conducted. As a result of the study, it can be confirmed that related laws, organizations, and public awareness must be provided in order for the national defense elements at each stage of national crisis management to work well. For the completeness of national crisis management, it was suggested that the enactment of the Framework Act on National Crisis Management, the establishment of an integrated defense plan, linked training, C4I for communication, strengthening the capabilities of local government heads, and national defense elements of firefighters.

• Korean Security Journal
• /
• no.46
• /
• pp.7-30
• /
• 2016

This study found the strategies for activating the security industry to utilize social network services based on the platform business model. This research was utilized for in-depth interview and IPA analysis. And use it was to check the contents and strategic improvement projects that can actually materialize and direction of the strategy. First, run a priority need area is a private center of community policing related portal development and operation, universal social networking service(SNS) utilizing expanded, professional training, IT-based security content management and operation of IT infrastructure security guards and security professionals up educational content development, online security guards and security professionals-up refresher training program development. Second, the area over the inventory capabilities increase the effectiveness of the security guards was constructed open-type comprehensive public information system. Third, the area needed to be reviewed are the individual security industry experts workers operating information channels, dedicated customer service and expanding the event of a private security guard & security service providers up. Fourth, the effectiveness of the insufficient area are discuss system improvements, the sharing of community policing closed Cameras for proposals for the expanded utilization of social networking services, private development organizations Social Network Service(SNS).

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.6
• /
• pp.95-100
• /
• 2009

Nowadays there are many studies and there's huge development about USN/RFID which have great developmental potential to many kinds of applications. More and more real time application apply USN/RFID technology to identify data collect and locate objects. Wide deployment of USN/RFID will generate an unprecedented volume of primitive data in a short time. Duplication and redundancy of primitive data will affect real time performance of application. Thus, security applications must filter primitive data and correlate them for complex pattern detection and transform them to events that provide meaningful, actionable information to end application. In this paper, we design a ECA Rule system for security monitoring of exhibition. This system will process USN/RFID primitive data and event and perform data transformation. It's had applied each now in exhibition hall through this study and efficient data transmission and management forecast that is possible.

• ETRI Journal
• /
• v.44 no.6
• /
• pp.903-914
• /
• 2022

Mobile and telecommunication networking uses temporary and random identifiers (IDs) to protect user privacy. For greater intelligence and security o the communications between the core network and the mobile user, we design and build a dynamic randomization scheme for the temporary IDs for mobile networking, including 5G and 6G. Our work for ID randomization (ID-RZ) advances the existing state-of-the-art ID re-allocation approach in 5G in the following ways. First, ID-RZ for ID updates is based on computing, as opposed to incurring networking for the re-allocation-based updates, and is designed for lightweight and low-latency mobile systems. Second, ID-RZ changes IDs proactively (as opposed to updating based on explicit networking event triggers) and provides stronger security (by increasing the randomness and frequency of ID updates). We build on the standard cryptographic primitives for security (e.g., hash) and implement our dynamic randomization scheme in the 5G networking protocol to validate its design purposes, which include time efficiency (two to four orders of magnitude quicker than the re-allocation approach) and appropriateness for mobile applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.471-484
• /
• 2018

Recently, cyber threats are frequently occurring in ICS(industrial control systems) of government agencies, infrastructure, and manufacturing companies. In order to cope with such cyber threats, it is necessary to apply CTI to ICS. For this purpose, a security information collection system is needed. However, it is difficult to install security solution in control devices such as PLC. Therefor, it is difficult to collect security information of ICS. In addition, there is a problem that the security information format generated in various assets is different. Therefore, in this paper, we propose an efficient method to collect ICS security information. We utilize CybOX/STIX/TAXII CTI models that are easy to apply to ICS. Using this model, we designed the formats to collect security information of ICS assets. We created formats for system logs, IDS logs, and EWS application logs of ICS assets using Windows and Linux. In addition, we designed and implemented a security information collection system that reflects the designed formats. This system can be used to apply monitoring system and CTI to future ICS.