Digital Library[ Search Result ]
Signature Generation to Detect HWP Malware Based on Threat Factors and Attack Patterns
Minji Choe, Dongjae Jung, Homook Cho, YooJae Won
http://doi.org/10.5626/JOK.2023.50.6.451
A recent increase in telecommuting due to the coronavirus disease 2019 (COVID-19) pandemic has caused ever-increasing incidents of document-type malicious code attacks that insert malicious codes into electronic documents mainly used at work. A Malicious document that spreads through various routes such as messengers, e-mails, and websites can easily bypass existing behavior-based security solutions and internal e-mail monitoring systems because it encodes or obfuscates to conceal the malicious code within documents. In this paper, we identify and classify five core threat factors by analyzing the structure of HWP documents. Furthermore, we generate signatures capable of detecting malicious HWP documents by conducting attack code pattern analysis of the threat factors. Furthermore, we propose a signature generation method to detect the latest malicious HWP documents effectively. In the future, we plan to further expand our research by applying statistical learning techniques to generate signatures automatically.
Analyzing the Effects of API Calls in Android Malware Detection Using Machine Learning
Seonghyun Park, Munyeong Kang, Jihyeon Park, Seong-je Cho, Sangchul Han
http://doi.org/10.5626/JOK.2021.48.3.257
This paper evaluates the effect of preprocessing and representing API call information on the accuracy of the system to detect malicious Android apps. We extract API calls that access or control sensitive data from target apps, and use the calls in machine learning algorithms to detect malicious apps. We then determine which expression of the API calls is most effective in classifying the apps as malicious or benign. Four ways of representing each API call are considered: class/method name with and without arguments/return type, and its presence (whether an API is called or not) and its frequency if called. The detection system has performed slightly better when the arguments/return type and the frequency of each API call were considered together. Its feature size was most efficient when considering the class/method name and the presence of each API call.
Mechanized Proof of Type Preservation for Polymorphic Lambda Calculi Using Abella
http://doi.org/10.5626/JOK.2020.47.5.496
Abella is a proof assistant with several attractive merits including the support for unification over lambda-tree syntax or higher-order abstract syntax (HOAS); due to such merits, a concise solution for the POPLmark Challenge 2A, i.e., mechanized proof of the type preservation for the pure fragment of the call-by-value System F<:, has been developed in Abella. In this work, we explain our completed mechanized proof for the type preservation of the polymorphic lambda-calculus (System F), not necessarily limited to a certain evaluation strategy, and report the status of our ongoing work extending the type preservation proof for the higher-order polymorphic lambda-calculus (System Fω).
Implementation of Web-based High-Throughput Screening Calculation System
Seong-ho Cho, Inhee Kim, Jiwon Kong, Daesan Kim, Namhoon Kwon, Robert E. Burrier, Sunghoon Kim
http://doi.org/10.5626/JOK.2019.46.3.260
In this paper, we describe the development of a web-based HTSCS (High Throughput Screening Calculation System), which is the process for assisting high-speed screening and calculation of drug candidates based on biochemical reactions from Nanoluciferase system. This system calculates and displays large amounts of experimental data with single-dose and multi-dose concentration in-vitro cell experiments through charts and graphs. Therefore, we can utilize the HTSCS to save time and effort required for drug screening.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr