• Journal of Korea Multimedia Society
• /
• v.23 no.5
• /
• pp.641-649
• /
• 2020

As the usage of mobile devices extremely increases, malicious mobile apps(applications) that target mobile users are also increasing. It is challenging to detect these malicious apps using traditional malware detection techniques due to intelligence of today's attack mechanisms. Deep learning (DL) is an alternative technique of traditional signature and rule-based anomaly detection techniques and thus have actively been used in numerous recent studies on malware detection. In order to develop DL-based defense mechanisms against intelligent malicious apps, feeding recent datasets into DL models is important. In this paper, we develop a DL-based model for detecting intelligent malicious apps using KU-CISC 2018-Android, the most up-to-date dataset consisting of benign and malicious Android apps. This dataset has hardly been addressed in other studies so far. We extract OPcode sequences from the Android apps and preprocess the OPcode sequences using an N-gram model. We then feed the preprocessed data into LSTM and apply the concept of Information Gain to improve performance of detecting malicious apps. Furthermore, we evaluate our model with numerous scenarios in order to verify the model's design and performance.

• The KIPS Transactions:PartB
• /
• v.14B no.1 s.111
• /
• pp.59-64
• /
• 2007

In these days, malicious codes have become reality and evolved significantly to become one of the greatest threats to the modern society where important information is stored, processed, and accessed through the internet and the computers. Computer virus is a common type of malicious codes. The standard techniques in anti-virus industry is still based on signatures matching. The detection mechanism searches for a signature pattern that identifies a particular virus or stain of viruses. Though more accurate in detecting known viruses, the technique falls short for detecting new or unknown viruses for which no identifying patterns present. To cope with this problem, anti-virus software has to incorporate the learning mechanism and heuristic. In this paper, we propose a fuzzy diagnosis system(FDS) using fuzzy c-means algorithm(FCM) for the cluster analysis and a decision status measure for giving a diagnosis. We compare proposed system FDS to three well known classifiers-KNN, RF, SVM. Experimental results show that the proposed approach can detect unknown viruses effectively.

• The Bulletin of The Korean Astronomical Society
• /
• v.35 no.1
• /
• pp.34.2-34.2
• /
• 2010

Cosmic rays registered by Neutron Monitors on the surface of the Earth are believed to be coming from outer space, and sometimes also from the exotic objects of the Sun. Ground level enhancement (GLE) is the sudden, sharp and short-lived increase in cosmic rays originated from the Sun. Since GLE is the signature in solar cosmic ray intensity, different solar factors erupted from the Sun can be responsible for causing it. In this context, an attempt has been made to determine quantitative relationships of GLEs > 5% with simultaneous solar, interplanetary and geophysical factors from 1997 through 2006 thereby searching the perpetrators which seem to be causing them. The study has revealed that solar flares are stronger ($0.71{\times}10-4$ w/m2) during GLE peaks than the solar flares ($1.10{\times}10-5$ w/m2) during GLE non-peaks and backgrounds. On the average, the solar wind plasma velocity and interplanetary magnetic field are found stronger during the GLE peaks than the GLE non-peaks and backgrounds indicating that the solar flares, in conjunction with interplanetary shocks, sometimes may cause GLE peaks. Direct proportionality of GLE peaks to simultaneous solar energetic particle (SEP) fluxes imply that the GLE peaks may often be caused by SEP fluxes. Although the high intensity of SEP fluxes are also seen extended few minutes even after GLE peaks, the mean (373.62 MeV) of the GLE associated SEP fluxes is much stronger than the mean (10.35 MeV) of the non-GLE associated SEP fluxes. Evidences are also supported by corresponding SEP fluences that the the mean fluence (${\sim}5.32{\times}107/cm2$) across GLE event was more intense than the mean fluence (${\sim}2.53{\times}106/cm2$) of SEP fluxes across non-GLE event.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.3
• /
• pp.130-137
• /
• 2003

This paper proposes protocol design that can do user authentication efficiently in current systems that client-server environment is developed. And proposes a password-based authentication protocol suitable to certification through trustless network or key exchange. While the existing password-base protocols certify users through certification authority (CA) between client and server, the proposed protocol in this paper, users and server exchange keys and perform authentication without help of CA. To ameliorate the drawback of password-based protocols causing by the short length and randomness of password, the proposed protocol uses the signature techniques of ECDSA and the SRP protocol based on Diffie-Hellman key exchange method. Also, by with compare to round number and Hash function number and exponential operation of existing protocols, we explained efficiency of proposed protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.95-109
• /
• 2006

Elliptic Curve Cryptosystem (ECC) is suitable for resource-constrained devices such as smartcards, and sensor motes because of its short key size. This paper presents an efficient multi-scalar multiplication algorithm which is the main component of the verification procedure in Elliptic Curve Digital Signature Algorithm (ECDSA). The proposed algorithm can make use of a precomputed table of variable size and provides an optimal efficiency for that precomputed table. Furthermore, the given scalar is receded on-the-fly so that it can be merged with the main multiplication procedure. This can achieve more savings on memory than other receding algorithms. Through experiments, we have found that the optimal sizes of precomputed tables are 7 and 15 when uP+vQ is computed for u, v of 163 bits and 233 bits integers. This is shown by comparing the computation time taken by the proposed algorithm and other existing algorithms.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1043-1052
• /
• 2020

Signature-based malicious code detection methods share a common limitation; it is very hard to detect modified malicious codes or new malware utilizing zero-day vulnerabilities. To overcome this limitation, many studies are actively carried out to classify malicious codes using N-gram. Although they can detect malicious codes with high accuracy, it is difficult to identify malicious codes that uses very short codes such as Spectre. We propose a function level N-gram comparison algorithm to effectively identify the Spectre binary. To test the validity of this algorithm, we built N-gram data sets from 165 normal binaries and 25 malignant binaries. When we used Random Forest models, the model performance experiments identified Spectre malicious functions with 99.99% accuracy and its f1-score was 92%.

• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.85-104
• /
• 2024

The DNA (Deoxyribonucleic Acid) database size increases tremendously transmuting from millions to billions in a year. Ergo for storing, probing the DNA database requires efficient lossless compression and encryption algorithm for secure communication. The DNA short pattern repetitions are of paramount characteristics in biological sequences. This algorithm is predicated on probing exact reiterate, substring substitute by corresponding ASCII code and engender a Library file, as a result get cumulating of the data stream. In this technique the data is secured utilizing ASCII value and engendering Library file which acts as a signature. The security of information is the most challenging question with veneration to the communication perspective. The selective encryption method is used for security purpose, this technique is applied on compressed data or in the library file or in both files. The fractional part of a message is encrypted in the selective encryption method keeping the remaining part unchanged, this is very paramount with reference to selective encryption system. The Huffman's algorithm is applied in the output of the first phase reiterate technique, including transmuting the Huffman's tree level position and node position for encryption. The mass demand is the minimum storage requirement and computation cost. Time and space complexity of Repeat algorithm are O(N²) and O(N). Time and space complexity of Huffman algorithm are O(n log n) and O(n log n). The artificial data of equipollent length is additionally tested by this algorithm. This modified Huffman technique reduces the compression rate & ratio. The experimental result shows that only 58% to 100% encryption on actual file is done when above 99% modification is in actual file can be observed and compression rate is 1.97bits/base.

• Journal of the Korean Society of Food Culture
• /
• v.28 no.4
• /
• pp.348-355
• /
• 2013

This study intends to provide preliminary data for improving dining experience in the restaurants of Bamboo food village and help draw up guidelines for the improvement of these dining venues by surveying customer perception and satisfaction in 15-restaurants of the food village. The restaurants were surveyed mainly for satisfaction of the menu, especially, on the signature dishes of Damyang, "ddeokgalbi" (grilled short rib balls) and "daetongbab"-the grilled short rib balls and bamboo rice. The two dishes were more liked by people in the the 20- to 29-year age group with a score of 3.92 and 4.11, respectively. Although the 30-49 age group showed the highest satisfaction score on the fixed price menu, there was no statistically significant difference. The age group of 20-29 also showed the highest satisfaction on plating and table setting with a score of 4.09 and 4.04, respectively, and there was significant difference among age groups in this regard (p<0.05). All the age groups surveyed answered "time-honored taste" should be captured when working on menus, which suggests it should be the first choice for the restaurants in the food village when they develop their menus. When it comes to the restaurant environment, satisfaction on sanitary conditions was significantly different among the groups with a score of 4.21 given by 30-49 age group and 3.88 by the 50 and over group (p<0.05). In the category of service satisfaction, the two aforementioned age groups again showed significant difference in catering to customer needs with a score of 3.99 and 3.63, respectively (p<0.05), whereas welcoming customers and serving food was scored without statistical difference by age. Being asked what needs to be done to strengthen competitive advantage of the restaurants, all the age groups answered "taste" would matter the most while the 20 to 29 and 30 to 49 age groups picked "hygiene" and the 50 and over selected "table setting and ambience" next, which was statistically different with a p value of <0.05. Regarding the competitive advantage of the Korean restaurants in Damyang Bamboo food village, the first two younger groups (20 to 29 and 30 to 49) chose "table setting and ambience" and the eldest (50 and over) age group answered "location wise advantage," indicating significant difference by age. More than 80 percent of the people surveyed were willing to revisit the venues, which suggests improving restaurant environment in Bamboo food village and offering customers a better experience are very likely to build a image of culinary tourism for Damyang.

• Bulletin of the Korean Space Science Society
• /
• 2008.10a
• /
• pp.27.1-27.1
• /
• 2008

KASI (Korea Astronomy and Space Science Institute) is developing a compact wide-field survey space telescope system, MIRIS (The Multi-purpose IR Imaging System) to be launched in 2010 as the main payload of the Korea Science and Technology Satellite 3. Through recent System Design Review (SDR) and Preliminary Design Review (PDR), most of the system design concept was reviewed and confirmed. The near IR imaging system adopted short F/2 optics for wide field low resolution observation at wavelength band 0.9~2.0 um minimizing the effect of attitude control system. The mechanical system is composed of a cover, baffle, optics, and detector system using a $256\times256$ Teledyne PICNIC FPA providing a $3.67\times3.67$ degree field of view with a pixel scale of 51.6 arcsec. We designed a support system to minimize heat transfer with Muti-Layer Insulation. The electronics of the MIRIS system is composed of 7 boards including DSP, control, SCIF. Particular attention is being paid to develop mission operation scenario for space observation to minimize IR background radiation from the Earth and Sun. The scientific purpose of MIRIS is to survey the Galactic plane in the emission line of Pa$\alpha$ ($1.88{\mu}m$) and to detect the cosmic infrared background (CIB) radiation. The CIB is being suspected to be originated from the first generation stars of the Universe and we will test this hypothesis by comparing the fluctuations in I (0.9~1.2 um) and H (1.2~2.0 um) bands to search the red shifted Lyman cutoff signature.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.64-77
• /
• 2009

A proxy re-encryption scheme allows Alice to temporarily delegate the decryption rights to Bob via a proxy. Alice gives the proxy a re-encryption key so that the proxy can convert a ciphertext for Alice into the ciphertext for Bob. Recently, ID-based proxy re-encryption schemes are receiving considerable attention for a variety of applications such as distributed storage, DRM, and email-forwarding system. And a non-interactive identity-based proxy re-encryption scheme was proposed for achieving CCA-security by Green and Ateniese. In the paper, we show that the identity-based proxy re-encryption scheme is unfortunately vulnerable to a collusion attack. The collusion of a proxy and a malicious user enables two parties to derive other honest users' private keys and thereby decrypt ciphertexts intended for only the honest user. To solve this problem, we propose two ID-based proxy re-encryption scheme schemes, which are proved secure under CPA and CCA in the random oracle model. For achieving CCA-security, we present self-authentication tag based on short signature. Important features of proposed scheme is that ciphertext structure is preserved after the ciphertext is re-encrypted. Therefore it does not lead to ciphertext expansion. And there is no limitation on the number of re-encryption.