Search : [ keyword: Security ] (37)

The Classification Model of Fileless Cyber Attacks

GyungMin Lee, ShinWoo Shim, ByoungMo Cho, TaeKyu Kim, KyoungGon Kim

http://doi.org/10.5626/JOK.2020.47.5.454

Since late 2000, state-sponsored and sophisticated cyber-attacks have continued unabated. Countermeasures against cyber-attack techniques based on the traces they leave are also in development. Cyber attackers use a variety of techniques to veil their attacks from these analyses and countermeasures. In particular, fileless cyber-attacks, which do not create a file used for the attack, are increasing. Fileless cyber-attacks are difficult to analyze because, from the defender's perspective, there are no executable files to analyze. In this paper, we investigate and analyze fileless cyber-attacks and present a model based on the cyber kill chain to classify them. With this model, attack types are expected to be identified and responded to more quickly when new fileless cyber-attacks occur.

Analysis and Modeling of Advanced Persistent Threat through Case Study

MinJu Kim, Seok-Won Lee

http://doi.org/10.5626/JOK.2019.46.12.1328

An Advanced Persistent Threat (APT) attack is a cyber-attack method that continuously attacks a specific target with advanced tools. Since attackers use various methods that are specialized to their targets, it is difficult to prevent the attacks with common security countermeasures. Currently, various APT attack stage models exist. However, these models only express APT attacks in a simple way. Consequently, it is difficult to use them for risk assessment or as a recommendation for security requirements for a specific system. To overcome the limitations of such models, we derived factors of APT attacks through a case study in order to define the features of an APT attack. We also analyzed and defined the factors and their relationships to construct the APT attack factor model. For validation, the model was applied to an actual attack case referred to as ‘APT 1’. Through the proposed model, it would be possible to understand the overall flow of APT attacks and to classify attack factors not only in terms of technical aspects but also with respect to social engineering facets.

An Approach to Detect Macros via Self-similarity of Mobile Input

Joonun Jang, Huy Kang Kim

http://doi.org/10.5626/JOK.2019.46.9.951

Macros that repeat specified in-game actions without the need for human interaction are a major cause of unfairness in computer gaming. For the success of a game service, the organizational use of macros, which destroys the game’s economy and can deteriorate a user’s game motivation, should be prohibited. It is particularly easy for macros to be generated and used in mobile games, because a mobile game’s design and playing sequence are likely to be relatively simple compared to those of PC games, owing to the limited hardware resources and inefficient input methods of mobile devices compared to PCs. At the same time, the current macro detection methods used in mobile games can consume substantial amounts of resources. Thus, macro detection is still a challenge in mobile game services. In this paper, we propose a method to detect macros via self-similarity based on the mobile input. Our proposed method sets the unit for effectively obtaining self-similarity with fewer resources. We applied the proposed method to two mobile games and showed that macro and human activities can be distinguished with high accuracy.

Fast Blockchain Consensus Algorithm with Forward Secure Signatures

Jeonghyuk Lee, Jihye Kim, Hyunok Oh

http://doi.org/10.5626/JOK.2019.46.5.397

Recently, blockchain has emerged as an alternative to central data management. Existing blockchains, such as Bitcoin or Ethereum, use a PoW (Proof of Work) method to reliably add a new block to the blockchain. Since the PoW method performs hash function calculations and has a high computational cost, fast transactions are impossible with PoW. Therefore, we propose a delegation-based blockchain that can replace the PoW method and uses a forward secure signature to enhance blockchain security. We implemented a signature scheme that can be used in delegation-based blockchains, and analyzed the performance and security of the proposed blockchain.

Privacy Protection Method based on Multi-Object Authentication in Intelligent CCTV Environment

Donghyeok Lee, Namje Park

http://doi.org/10.5626/JOK.2019.46.2.154

In the intelligent CCTV surveillance environment, personal identity is confirmed based on face recognition. However, the recognition rate of current face recognition technology is still faulty. In particular, face recognition may not work correctly due to various causes such as CCTV shot quality, weather, personal pose and facial expression, hairstyle, lighting conditions, and so on. In this case, there is a great risk of exposing an object's private information in the video surveillance environment due to erroneous object judgment. The proposed method can increase the recognition rate of objects based on the CCTV-RFID hybrid authentication method, and thus protect the privacy of the image object.

Ontology-based Approach to Determine the Conflicts between Security and Usability Requirements in the Requirements Engineering Process

Woori Roh, Seok-Won Lee

http://doi.org/10.5626/JOK.2018.45.11.1142

Considering the trade-offs or conflicts between security and usability during the requirements engineering (RE) process is a complicated task. This is due to the contrary characteristics of security and usability as well as a lack of research on finding a consensus on the semantics of quality attributes, especially for security and usability. Furthermore, the number of security experts available is decreasing, while a methodology to determine the conflicts between security and usability during the RE process has not yet been developed. We, therefore, propose a novel approach to construct a three-layer ontological knowledge base by linking the keywords from definitions, criteria, and metrics of security and usability. In addition, we discuss the applicability of this knowledge base by examining two case studies with software engineering (SE) students. These case studies show that the participants using the proposed approach (Team A) can derive conflicts that are more precise compared to the participants who did not use the knowledge base (Team B). Moreover, the number of conflicts derived by Team A is half that by Team B. Regardless of the knowledge level, the proposed approach can determine the conflicts between security and usability during the RE process. Also, while practical RE studies have often been considered difficult to handle, the proposed approach can show the applicability of RE research.

An Integrated Analysis Method Considering Security in ISO 26262 for Improving the Safety of the Vehicle

Jihyun Jung, Sangyoon Min

http://doi.org/10.5626/JOK.2018.45.11.1156

Recently, new technologies and services such as autonomous driving, Connected Car, ADAS and V2X have been applied to vehicles. With more than 1 Gbyte of code and more than 70 ECUs, the automobile is continuously becoming more complex and connected. This situation has led to the emergence of security problems along with an increase in security risks. However, safety processes dealing with automobile safety and security processes dealing with security exist separately, so automobile safety problems arising from security threats are not addressed. Furthermore, ISO 26262 Second Edition calls for consideration of the mutual influence of safety and security. In this paper, we propose an integrated analysis method that considers security in ISO 26262, with the aim of contributing to the improvement of vehicle safety.


Journal of KIISE

  • ISSN : 2383-630X(Print)
  • ISSN : 2383-6296(Electronic)
  • KCI Accredited Journal

Editorial Office

  • Tel. +82-2-588-9240
  • Fax. +82-2-521-1352
  • E-mail. chwoo@kiise.or.kr