• Title/Summary/Keyword: variant detection

TIME-VARIANT OUTLIER DETECTION METHOD ON GEOSENSOR NETWORKS

  • Kim, Dong-Phil;I, Gyeong-Min;Lee, Dong-Gyu;Ryu, Keun-Ho
    • Proceedings of the KSRS Conference / 2008.10a / pp.410-413 / 2008
  • Existing outlier detection methods have been widely studied in geosensor networks. Recently, machine learning and data mining have been applied to outlier detection to build a model that distinguishes outliers based on an anchored criterion. However, it is difficult for the existing methods to detect outliers in incoming time-variant data, because outlier detection needs to monitor incoming data and classify irregular attacks. Therefore, in order to solve the problem, we propose a time-variant outlier detection method using a 2-dimensional grid based on an unanchored criterion. In the paper, outlier classification using geosensor data was performed efficiently. The proposed method can be utilized in applications such as network intrusion detection, stock market analysis, and error data detection in bank accounts.

Trends in the Occurrence of Virus-Mediated Food Poisoning in Korea and Safety Management

  • Ji, Yeong-Mi
    • Proceedings of the Korean Society of Food Hygiene and Safety Conference / 2006.05a / pp.73-96 / 2006
  • A nationwide surveillance including 17 provincial labs has been established. Noroviruses are involved in recent viral gastroenteritis outbreaks and sporadic viral gastroenteritis cases in Korea. Analysis of RDRP and capsid regions of norovirus strains shows that various genotypes were circulated in Korea. Early detection of outbreak cases (2004 Jeju-cause of epidemic). New variant or emerging strain detection: variant GII4 and GIIb. Detection of Sapoviruses from AGE patients in 2003-4.

Automatic malware variant generation framework using Disassembly and Code Modification

  • Lee, Jong-Lark;Won, Il-Yong
    • Journal of the Korea Society of Computer and Information / v.25 no.11 / pp.131-138 / 2020
  • Malware is generally recognized as a computer program that penetrates another computer system and causes malicious behavior intended by the developer. In cyberspace, it is also used as a cyber weapon to attack an adversary. The most important requirement for malware used as a cyber weapon is that it achieve its intended purpose before being detected by the other party's detection system. Creating a single piece of malware that avoids the other party's detection system requires a lot of time and expertise. We propose a framework that automatically generates variant malware when binary-code malware is input, using the DCM technique. In this framework, the sample malware was automatically converted into variant malware, and it was confirmed that this variant malware was not detected by the signature-based malware detection system.

A Study on Variant Malware Detection Techniques Using Static and Dynamic Features

  • Kang, Jinsu;Won, Yoojae
    • Journal of Information Processing Systems / v.16 no.4 / pp.882-895 / 2020
  • The amount of malware increases exponentially every day and poses a threat to networks and operating systems. Most new malware is a variant of existing malware. It is difficult to deal with numerous malware variants since they bypass the existing signature-based malware detection method. Thus, research on automated methods of detecting and processing variant malware has been continuously conducted. This report proposes a method of extracting feature data from files and detecting malware using machine learning. Feature data were extracted from 7,000 malware and 3,000 benign files using static and dynamic malware analysis tools. A malware classification model was constructed using multiple DNN, XGBoost, and RandomForest layers and the performance was analyzed. The proposed method achieved up to 96.3% accuracy.

A Cross-Platform Malware Variant Classification based on Image Representation

  • Naeem, Hamad;Guo, Bing;Ullah, Farhan;Naeem, Muhammad Rashid
    • KSII Transactions on Internet and Information Systems (TIIS) / v.13 no.7 / pp.3756-3777 / 2019
  • Recent internet development is helping malware researchers to generate malicious code variants through automated tools. For this reason, the number of malicious variants is increasing day by day. Consequently, performance improvement in malware analysis is a critical requirement to stop the rapid expansion of malware. Existing research has shown that the similarities among malware variants can be used for detection and family classification. In this paper, a Cross-Platform Malware Variant Classification System (CP-MVCS) is proposed that converts a malware binary into a grayscale image. Further, malicious features are extracted from the grayscale image through the Combined SIFT-GIST Malware (CSGM) description. Later, these features are used to identify the relevant family of a malware variant. CP-MVCS reduced computational time and improved classification accuracy by using the CSGM feature description along with machine learning classification. The experiment was performed on four publicly available datasets of Windows OS and Android OS. The experimental results showed that the computation time and malware classification accuracy of CP-MVCS were higher than those of traditional methods. The evaluation also showed that CP-MVCS not only differentiated families of malware variants but also efficiently identified both malware and benign samples in a mixed fashion.

An Improved Search Space for QRM-MLD Signal Detection for Spatially Multiplexed MIMO Systems

  • Hur, Hoon;Woo, Hyun-Myung;Yang, Won-Young;Bahng, Seung-Jae;Park, Youn-Ok;Kim, Jae-Kwon
    • The Journal of Korean Institute of Communications and Information Sciences / v.33 no.4A / pp.403-410 / 2008
  • In this paper, we propose a variant of the QRM-MLD signal detection method that is used for spatially multiplexed multiple antenna systems. The original QRM-MLD signal detection method combines the QR decomposition with the M-algorithm, thereby significantly reducing the prohibitive hardware complexity of the ML signal detection method while still achieving near-ML performance. When the number of transmitter antennas and/or constellation size is increased to achieve a higher bit rate, however, its increased complexity makes the hardware implementation challenging. In an effort to overcome this drawback of the original QRM-MLD, a number of variants were proposed. The strongest variant among them, in our opinion, is the ranking method, in which the constellation points are ranked and computation is performed for only highly ranked constellation points, thereby reducing the required complexity. However, the variant using the ranking method experiences a significant performance degradation when compared with the original QRM-MLD. In this paper, we point out the reasons for the performance degradation, and we propose a novel variant that overcomes the drawbacks. We perform a set of computer simulations to show that the proposed method achieves performance close to that of the original QRM-MLD, while its computational complexity is close to that of the QRM-MLD with the ranking method.

A Study on Malware Identification System Using Static Analysis Based Machine Learning Technique

  • Kim, Su-jeong;Ha, Ji-hee;Oh, Soo-hyun;Lee, Tae-jin
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.775-784 / 2019
  • Malware infringement attacks are continuously increasing in various environments such as mobile, IoT, Windows, and Mac due to the emergence of new and variant malware, and signature-based countermeasures have limitations in detecting malware. In addition, analytical performance is deteriorating due to obfuscation, packing, and anti-VM techniques. In this paper, we propose a system that can detect malware based on machine learning by using a similarity hashing-based pattern detection technique and static analysis after file classification according to packing. This enables more efficient detection because it utilizes both pattern-based detection, which is a well-known malware detection approach, and machine learning-based detection technology, which is advantageous for detecting new and variant malware. In this study, a detection accuracy of 95.79% or more was obtained for the benign sample files and malware sample files provided by the AI-based malware detection track of the Information Security R&D Data Challenge 2018 competition. In the future, it is expected that it will be possible to build a system that improves detection performance by applying a feature vector and a detection method suited to the characteristics of a packed file.

Fossa navicularis magna detection on cone-beam computed tomography

  • Syed, Ali Z.;Mupparapu, Mel
    • Imaging Science in Dentistry / v.46 no.1 / pp.47-51 / 2016
  • Herein, we report and discuss the detection of fossa navicularis magna, a close radiographic anatomic variant of canalis basilaris medianus of the basiocciput, as an incidental finding in cone-beam computed tomography (CBCT) imaging. The CBCT data of the patients in question were referred for the evaluation of implant sites and to rule out pathology in the maxilla and mandible. CBCT analysis showed osseous, notch-like defects on the inferior aspect of the clivus in all four cases. The appearance of fossa navicularis magna varied among the cases. In some, it was completely within the basiocciput and mimicked a small rounded, corticated, lytic defect, whereas it appeared as a notch in others. Fossa navicularis magna is an anatomical variant that occurs on the inferior aspect of the clivus. The pertinent literature on the anatomical variations occurring in this region was reviewed.

Advanced Feature Selection Method on Android Malware Detection by Machine Learning

  • Boo, Joo-hun;Lee, Kyung-ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.3 / pp.357-367 / 2020
  • According to Symantec's 2018 internet security threat report, the number of new mobile malware variants increased by 54 percent in 2017, as compared to 2016. And last year, there were an average of 24,000 malicious mobile applications blocked each day. Existing signature-based technologies of malware detection have limitations. So, malware detection techniques based on machine learning are being researched to detect malware variants. However, even when machine learning is applied, if the proper features of the malware are not selected, the machine learning cannot perform correctly. In this research, we focus on a feature selection method to find the features of malware variants.

Variant Alleles in XRCC1 Arg194Trp and Arg399Gln Polymorphisms Increase Risk of Gastrointestinal Cancer in Sabah, North Borneo

  • Halim, Noor Hanis Abu;Chong, Eric Tzyy Jiann;Goh, Lucky Poh Wah;Chuah, Jitt Aun;See, Edwin Un Hean;Chua, Kek Heng;Lee, Ping-Chin
    • Asian Pacific Journal of Cancer Prevention / v.17 no.4 / pp.1925-1931 / 2016
  • Background: The XRCC1 protein facilitates various DNA repair pathways; single-nucleotide polymorphisms (SNPs) in this gene are associated with a risk of gastrointestinal cancer (GIC) with inconsistent results, but no data have been previously reported for the Sabah, North Borneo, population. We accordingly investigated the XRCC1 Arg194Trp and Arg399Gln SNPs in terms of GIC risk in Sabah. Materials and Methods: We performed genotyping for both SNPs for 250 GIC patients and 572 healthy volunteers using a polymerase chain reaction-restriction fragment length polymorphism approach. We validated heterozygosity and homozygosity for both SNPs using direct sequencing. Results: The presence of a variant 194Trp allele in the Arg194Trp SNP was significantly associated with a higher risk of GIC, especially with gastric and colorectal cancers. We additionally found that the variant 399Gln allele in the Arg399Gln SNP was associated with a greater risk of developing gastric cancer. Our combined analysis revealed that inheritance of variant alleles in both SNPs increased the GIC risk in the Sabah population. Based on our etiological analysis, we found that subjects $\geq 50$ years and males carrying the variant 194Trp allele, and Bajau subjects carrying the 399Gln allele, had a significantly increased risk of GIC. Conclusions: Our findings suggest that inheritance of variant alleles in XRCC1 Arg194Trp and Arg399Gln SNPs may act as biomarkers for the early detection of GIC, especially for gastric and colorectal cancers in the Sabah population.