• Journal of information and communication convergence engineering
• /
• v.9 no.6
• /
• pp.676-682
• /
• 2011

Sybil attack can disrupt proper operations of wireless sensor network by forging its sensor node to multiple identities. To protect the sensor network from such an attack, a number of countermeasure methods based on RSSI (Received Signal Strength Indicator) and LQI (Link Quality Indicator) have been proposed. However, previous works on the Sybil attack detection do not consider the fact that Sybil nodes can change their RSSI and LQI strength for their malicious purposes. In this paper, we present a Sybil attack detection method based on a transmission power range. Our proposed method initially measures range of RSSI and LQI from sensor nodes, and then set the minimum, maximum and average RSSI and LQI strength value. After initialization, monitoring nodes request that each sensor node transmits data with different transmission power strengths. If the value measured by monitoring node is out of the range in transmission power strengths, the node is considered as a malicious node.

• Journal of information and communication convergence engineering
• /
• v.15 no.2
• /
• pp.91-96
• /
• 2017

PIN-entry interfaces have high risks to leak secret values if the malicious attackers perform shoulder-surfing attacks with advanced monitoring and observation devices. To make the PIN-entry secure, many studies have considered invisible radio channels as a secure medium to deliver private information. However, the methods are also vulnerable if the malicious adversaries find a hint of secret values from user's $na{\ddot{i}}ve$ gestures. In this paper, we revisit the state-of-art radio channel based bimodal PIN-entry method and analyze the information leakage from the previous method by exploiting the sight tracking attacks. The proposed sight tracking attack technique significantly reduces the original password complexities by 93.8% after post-processing. To keep the security level strong, we introduce the advanced bimodal PIN-entry technique. The new technique delivers the secret indicator information through a secure radio channel and the smartphone screen only displays the multiple indicator options without corresponding numbers. Afterwards, the users select the target value by following the circular layout. The method completely hides the password and is secure against the advanced shoulder-surfing attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.9
• /
• pp.4684-4705
• /
• 2019

Collaborative filtering recommender systems are vulnerable to shilling attacks in which malicious users may inject biased profiles to promote or demote a particular item being recommended. To tackle this problem, many robust collaborative recommendation methods have been presented. Unfortunately, the robustness of most methods is improved at the expense of prediction accuracy. In this paper, we construct a robust Bayesian probabilistic matrix factorization model for collaborative filtering recommender systems by incorporating the detection of user anomaly rating behaviors. We first detect the anomaly rating behaviors of users by the modified K-means algorithm and target item identification method to generate an indicator matrix of attack users. Then we incorporate the indicator matrix of attack users to construct a robust Bayesian probabilistic matrix factorization model and based on which a robust collaborative recommendation algorithm is devised. The experimental results on the MovieLens and Netflix datasets show that our model can significantly improve the robustness and recommendation accuracy compared with three baseline methods.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.9
• /
• pp.901-905
• /
• 2008

In this paper, we propose a detection scheme for sinkhole attacks in wireless sensor networks. Sinkhole attack makes packets that flow network pass through attacker. So, Sinkhole attack can be extended to various kind of attacks. We analyze sinkhole attack methods in the networks that use LQI based routing. For the purpose of response to each attack method, we propose methods to detect attacks. Our scheme can work for those sensor networks which use LQI based dynamic routing protocol. And we show the detection of sinkhole attack can be achieved by using a few detector nodes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.11
• /
• pp.2067-2072
• /
• 2016

Recently, due to the development of attack techniques that can circumvent existing information protection systems, continuous threats in a form unrecognized by the user have threatened information assets. Therefore, it is necessary to support the prompt responses to anticipated attempts of APT attacks, bypass access attacks, and encryption packet attacks, which the existing systems have difficulty defending against through a single response, and to continuously monitor information protection systems with a defense strategy based on Indicators of Attack (IOA). In this paper, I suggest a centralized intelligent information protection system to support the intelligent response to a violation by discerning important assets through prevention control in a performance impact assessment about information properties in order to block the attack routes of APT; establishing information control policies through weakness/risk analyses in order to remove the risks in advance; establishing detection control by restricting interior/exterior bypass networks to server access and monitoring encrypted communications; and lastly, performing related corrective control through backup/restoration.

• Proceedings of the KSR Conference
• /
• 2007.11a
• /
• pp.1031-1035
• /
• 2007

When vehicles running, vertical force and lateral force act except load of vehicles to rail and wheel. This force happens by complex motion at running. If mark vertical force by P and lateral force by Q, derailment coefficient displays Q/P, most important indicator pointer of running safety judgment. If Q is grown than P from derailment coefficient, than arrived to derailment because wheel climb or jumps over rail. Wheel climb derailment among kind of derailment is when attack angle is +, wheel and rail strike and flange rides to rail. This derailment occurs much in curved line and occurs in low speed. In this study, occurred when running at low speed on curved line, analyze cause of derailment and presented the countermeasure plan.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1105-1114
• /
• 2021

Due to the recent surge in popularity of cryptocurrency, the threat of cryptojacking, a malicious code for mining cryptocurrencies, is increasing. In particular, web-based cryptojacking is easy to attack because the victim can mine cryptocurrencies using the victim's PC resources just by accessing the website and simply adding mining scripts. The cryptojacking attack causes poor performance and malfunction. It can also cause hardware failure due to overheating and aging caused by mining. Cryptojacking is difficult for victims to recognize the damage, so research is needed to efficiently detect and block cryptojacking. In this work, we take representative distinct symptoms of cryptojacking as an indicator and propose a new architecture. We utilized the K-Nearst Neighbors(KNN) model, which trained computer performance indicators as behavior-based dynamic analysis techniques. In addition, a K-means model, which trained the frequency of malicious script words for script similarity-based static analysis techniques, was utilized. The KNN model had 99.6% accuracy, and the K-means model had a silhouette coefficient of 0.61 for normal clusters.

• Health Policy and Management
• /
• v.32 no.4
• /
• pp.380-388
• /
• 2022

Background: Emerging infectious diseases, such as Middle East respiratory syndrome or coronavirus disease 2019, pose a continuous threat to public health, making a risk assessment necessary for infectious disease control and prevention. Therefore, we aimed to investigate the risk assessment methods for infectious diseases used by major foreign countries and organizations. Methods: We conducted an investigation and comparative analysis of risk assessment and risk determination methods for infectious diseases. The risk assessment tools included the strategic toolkit for assessing risks, influenza risk assessment tool, pandemic severity assessment framework, and rapid risk assessment methodology. Results: The most frequently reported risk elements were disease severity, antiviral treatment, attack rate, population immunity, and basic productive ratio. The risk evaluation method was evaluated quantitatively and qualitatively by the stakeholders at each institution. Additionally, the final risk level was visualized in a matrix, framework, and x and y-axis. Conclusion: Considering the risk assessment tools, the risk element was classified based on the duplicate of each indicator, and risk evaluation and level of risk assessment were analyzed.