• Title/Abstract/Keywords: security rule

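Evaluation Method Using Analytic Hierarchy Process for C4I SW Secure Coding Rule Selection

  • 최준성;김우제;박원형;국광호
    • 한국통신학회논문지 / Vol. 38C, No. 8 / pp. 651-662 / 2013
  • This study proposes a method for selecting and evaluating secure coding rules suited to a target system. The method jointly considers, according to the characteristics of the target system, system applicability (development-language suitability, platform suitability), threat assessment (severity of compromise, likelihood of compromise), and the expected benefit of application (reliability/quality improvement, modification cost). Using this method, 197 secure coding rules matching the system characteristics of the battlefield management information system (C4I) were selected. In addition, a priority for application to the target system was calculated for each selected coding rule.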

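Designing and Realization of the System for the Improvement of Processing Capability of Intrusion Detection by Using O/S Information

  • 손만경;이동휘;김귀남
    • 융합보안논문지 / Vol. 6, No. 2 / pp. 91-99 / 2006
  • As network speeds have increased and the Internet has become ubiquitous, malicious attacks such as worms and e-mail viruses have surged. Numerous defensive techniques have emerged against malicious network attacks, from traditional firewalls to recent intrusion prevention systems. As the forms of malicious attacks change, defensive techniques change with them. Snort is the most representative defensive technique, and as attack forms change, Snort's rules files grow. As a result, detection performance gradually degrades. This paper proposes, designs, and implements an architecture that improves processing performance by separating Snort's rule files by O/S. This system can improve processing performance over Snort's default configuration.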

A Study on the Possible New Fusion between Mobile and Healthcare Service

  • 신용재;김진화;이재범
    • 한국IT서비스학회지 / Vol. 11, No. sup / pp. 27-39 / 2012
  • As many applications are possible now in mobile environment with the trend of mobile convergence, diverse applications in healthcare industry are also possible in mobile devices. Though lots of researches on mobile and health services are introduced, they are limited to specific area or techniques. This study shows possible directions of fusion between mobile technologies and health services in the future using a data mining technique called association rule analysis. The data used in this study is collected from web pages containing key words related to mobile technologies and health services. The analysis shows that current cases of fusion between monitoring based telemedicine and patients. It also shows another case of fusion between mobile hospital and medical screen charts. These show that fusion between mobile technologies and health services already began in industry. Association rules are found between well-being, city, diet, and sleep. The association rules containing security and privacy, though their associations are not so strong, also show that security and privacy of patient information should be protected in the future. The results show that the fusion of mobile technologies and health services is expected to provide health services to more users and larger areas. It is also expected to create new diverse business models in the future.

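Study on Improved Detection Rule Formation via Information Leakage Malware Analysis

  • 박원형;양경철;이동휘;김귀남
    • 융합보안논문지 / Vol. 8, No. 4 / pp. 1-8 / 2008
  • Recent hacking techniques have become more malicious, building on more sophisticated technology than before, so the scale of damage is increasing, and their impact is growing along with the expanding number of Internet users. In particular, damage from malware attached to hacking e-mails crafted to leak information is surging. This paper studies techniques for effectively analyzing and detecting such information-leakage malware. The study also compares detection rules for existing malware with detection rules for hacking-e-mail malware, and on that basis describes a technique that can detect not only hacking-e-mail malware but also new malware and variants.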

A Review of Machine Learning Algorithms for Fraud Detection in Credit Card Transaction

  • Lim, Kha Shing;Lee, Lam Hong;Sim, Yee-Wai
    • International Journal of Computer Science & Network Security / Vol. 21, No. 9 / pp. 31-40 / 2021
  • The increasing number of credit card fraud cases has become a considerable problem since the past decades. This phenomenon is due to the expansion of new technologies, including the increased popularity and volume of online banking transactions and e-commerce. In order to address the problem of credit card fraud detection, a rule-based approach has been widely utilized to detect and guard against fraudulent activities. However, it requires huge computational power and high complexity in defining and building the rule base for pattern matching, in order to precisely identify the fraud patterns. In addition, it does not come with intelligence and ability in predicting or analysing transaction data in looking for new fraud patterns and strategies. As such, Data Mining and Machine Learning algorithms are proposed to overcome the shortcomings in this paper. The aim of this paper is to highlight the important techniques and methodologies that are employed in fraud detection, while at the same time focusing on the existing literature. Methods such as Artificial Neural Networks (ANNs), Support Vector Machines (SVMs), naïve Bayesian, k-Nearest Neighbour (k-NN), Decision Tree and Frequent Pattern Mining algorithms are reviewed and evaluated for their performance in detecting fraudulent transaction.

Association Rule Mining and Collaborative Filtering-Based Recommendation for Improving University Graduate Attributes

  • Sheta, Osama E.
    • International Journal of Computer Science & Network Security / Vol. 22, No. 6 / pp. 339-345 / 2022
  • Outcome-based education (OBE) is a tried-and-true teaching technique based on a set of predetermined goals. Program Educational Objectives (PEOs), Program Outcomes (POs), and Course Outcomes (COs) are the components of OBE. At the end of each year, the Program Outcomes are evaluated, and faculty members can submit many recommended measures which depend on the relationship between the program outcomes and its courses outcomes to improve the quality of program and hence the overall educational program. When a vast number of courses are considered, bad actions may be proposed, resulting in unwanted and incorrect decisions. In this paper, a recommender system, using collaborative filtering and association rules algorithms, is proposed for predicting the best relationship between the program outcomes and its courses in order to improve the attributes of the graduates. First, a parallel algorithm is used for Collaborative Filtering on Data Model, which is designed to increase the efficiency of processing big data. Then, a parallel similar learning outcomes discovery method based on matrix correlation is proposed by mining association rules. As a case study, the proposed recommender system is applied to the Computer Information Systems program, College of Computer Sciences and Information Technology, Al-Baha University, Saudi Arabia for helping Program Quality Administration improve the quality of program outcomes. The obtained results revealed that the suggested recommender system provides more actions for boosting Graduate Attributes quality.

Intrusion Detection on IoT Services using Event Network Correlation

  • 박보석;김상욱
    • 한국멀티미디어학회논문지 / Vol. 23, No. 1 / pp. 24-30 / 2020
  • As the number of internet-connected appliances and the variety of IoT services are rapidly increasing, it is hard to protect IT assets with traditional network security techniques. Most traditional network log analysis systems use rule based mechanisms to reduce the raw logs. But using predefined rules can't detect new attack patterns. So, there is a need for a mechanism to reduce congested raw logs and detect new attack patterns. This paper suggests enterprise security management for IoT services using graph and network measures. We model an event network based on a graph of interconnected logs between network devices and IoT gateways. And we suggest a network clustering algorithm that estimates the attack probability of log clusters and detects new attack patterns.

Analysis On Security and Dependability for IED System in SAS

  • 관창;한승수;이승재
    • 대한전기학회:학술대회논문집 / Proceedings of the 대한전기학회 2006 Autumn Conference, Power Technology Section / pp. 21-23 / 2006
  • As a general rule for evaluating dependability of a system, reliability is commonly considered which barely pays attention to the system behavior, however the estimation is based on the assumption of a fault-free system, which may be impracticable and inaccurate especially for complicated system. This paper introduces a security and dependability integrated approach to analyze the availability of a fault-active system both from dependability and security points of view. Two fault modes involved are discussed about the impairment to the system reliance. The approach can be well applied to estimate and quantify the attribute of system robustness with the help of Markov chain process, which is good at solving status related problem. The comparison result between dual system and IEC61850-based almighty backup system is shown to support the suggested approach.

Security Structure for Protection of Emergency Medical Information System

  • 신상열;양환석
    • 디지털산업정보학회논문지 / Vol. 8, No. 2 / pp. 59-65 / 2012
  • The emergency medical information center performs the role of medical direction regarding disease consultation and pre-hospital emergency handling for people. The emergency medical information system plays a major role in decreasing mortality and disability of emergency patients by providing information on medical institutions, especially when an emergency patient has appeared. However, various attacks such as hacking have recently happened in the emergency medical information system. In this paper, we propose a security structure which can protect the system securely by effectively detecting attacks from outside. Intrusion detection was performed using a rule-based detection technique according to protocol for every packet to detect attacks, and the intrusion was reported to the control center if an intrusion was detected. Intrusion detection was performed again using a decision tree for packets for which intrusion detection was not done. We tested the effectiveness of the proposed security structure using attacks such as TCP-SYN, UDP flooding and ICMP flooding.

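A Study of Stable Intrusion Detection for MANET

  • 양환석;양정모
    • 정보보호학회논문지 / Vol. 22, No. 1 / pp. 93-98 / 2012
  • MANET, which consists only of mobile nodes, is receiving much attention as a core technology for building ubiquitous computing environments. Because it has no central infrastructure, it is also more vulnerable in terms of security. An intrusion detection system that can detect malicious attacks is therefore essential. This paper uses clusters for stable intrusion detection and defines rules for various attacks so that attacks that look like network problems can also be detected accurately. Experiments confirmed that the proposed technique shows a stable detection rate even as the number of nodes increases.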