Search : [ author: Homook Cho ] (3)

Signature Generation to Detect HWP Malware Based on Threat Factors and Attack Patterns

Minji Choe, Dongjae Jung, Homook Cho, YooJae Won

http://doi.org/10.5626/JOK.2023.50.6.451

A recent increase in telecommuting due to the coronavirus disease 2019 (COVID-19) pandemic has caused ever-increasing incidents of document-type malicious code attacks that insert malicious code into electronic documents mainly used at work. A malicious document that spreads through various routes such as messengers, e-mails, and websites can easily bypass existing behavior-based security solutions and internal e-mail monitoring systems because it uses encoding or obfuscation to conceal the malicious code within the document. In this paper, we identify and classify five core threat factors by analyzing the structure of HWP documents. We then generate signatures capable of detecting malicious HWP documents by conducting attack code pattern analysis of the threat factors. Furthermore, we propose a signature generation method to detect the latest malicious HWP documents effectively. In the future, we plan to further expand our research by applying statistical learning techniques to generate signatures automatically.

A Study on the Architecture of Cyber Public Information Forensic Tools for Investigation to Obtain the Court Evidence Ability

Jeongho Lee, Minchang Kang, HyunSeok Kang, Jaehoon Jang, Homook Cho

http://doi.org/10.5626/JOK.2022.49.6.494

Although recent development in Internet technology has brought many benefits to our lives, numerous dysfunctions, such as Internet-based cybercrime, have also increased. In order to effectively investigate such Internet-based cybercrime, it is essential to collect, store, and process cyber public information from a digital forensics perspective. However, related laws, such as the current Criminal Procedure Act, have not yet explicitly stipulated cyber public information forensics, or deletion of the original data, may also be one of the reasons for this occurrence. In this paper, we propose a novel architecture in processing and disclosing cyber information forensics tool for investigation to secure the legal evidence capability of cyber disclosure information collected between effective investigations and investigations of cybercrime. We also present a technical approach from a digital forensics perspective to demonstrate the integrity, identity, reproducibility, and authenticity of digital evidence to be observed while collecting and storing cyber disclosure information using the proposed tool.

Survey on Feature Attribution Methods in Explainable AI

Gihyuk Ko, Gyumin Lim, Homook Cho

http://doi.org/10.5626/JOK.2020.47.12.1181

As artificial intelligence (AI)-based technologies are increasingly being used in areas that can have big socioeconomic effects, there is a growing effort to explain decisions made by AI models. One important direction in such eXplainable AI (XAI) is the ‘feature attribution’ method, which explains AI models by assigning a contribution score to each input feature. In this work, we surveyed nine recently developed feature attribution methods and categorized them using four different criteria. Based on the categorizations, we found that the current methods focused only on specific settings such as generating local, white-box explanations of neural networks and lacked theoretical foundations such as axiomatic definitions. We suggest future research directions toward a unified feature attribution method based on our findings.






Journal of KIISE

  • ISSN : 2383-630X(Print)
  • ISSN : 2383-6296(Electronic)
  • KCI Accredited Journal

Editorial Office

  • Tel. +82-2-588-9240
  • Fax. +82-2-521-1352
  • E-mail. chwoo@kiise.or.kr