检索结果-内蒙古大学图书馆

AI-Driven Prioritization and Filtering of Windows Artifacts for Enhanced Digital Forensics

computers, Materials & Continua 2024年第11期81卷 3371-3393页

作者： Juhwan Kim Baehoon Son Jihyeon Yu Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Republic of Korea

Digital forensics aims to uncover evidence of cybercrimes within compromised *** cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised *** analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather ***,forensic analysts must sift through extensive datasets to isolate pertinent ***,manually identifying suspicious traces among numerous artifacts is time-consuming and *** studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital *** the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific *** this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital *** system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly *** key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic *** evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative *** system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.

关键词： Digital forensics autoencoder logarithmic entropy prioritization anomaly detection windows artifacts artificial intelligence

来源：评论

学校读者我要写书评

暂无评论

Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing

引用

computers, Materials & Continua 2023年第5期75卷 3291-3315页

作者： Jihyeon Yu Juhwan Kim Youngwoo Lee Fayozbek Rustamov Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Korea Department of Computer and Information Security Sejong UniversitySeoul05006Korea

Internet of things(IoT)devices are being increasingly used in numerous ***,the low priority on security and various IoT types have made these devices vulnerable to *** prevent this,recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated ***,these studies focused only on major firmware architectures and rarely considered exotic *** addition,because of the diversity of firmware,the emulation success rate is not high in terms of large-scale *** this study,we propose the adaptive emulation framework for multi-architecture(AEMA).In the field of automated emulation frameworks for IoT firmware testing,AEMA considers the following issues:(1)limited compatibility for exotic firmware architectures,(2)emulation instability when configuring an automated environment,and(3)shallow testing range resulting from structured *** tackle these problems,AEMAcan emulate not onlymajor firmware architectures but also exotic firmware architectures not previously considered,such as Xtensa,ColdFire,and reduced instruction set computer(RISC)version five,by implementing a minority ***,we applied the emulation arbitration technique and input keyword extraction technique for emulation stability and efficient test case *** compared AEMA with other existing frameworks in terms of emulation success rates and fuzz *** a result,AEMA succeeded in emulating 864 out of 1,083 overall experimental firmware and detected vulnerabilities at least twice as fast as the experimental ***,AEMAfound a 0-day vulnerability in realworld IoT devices within 24 h.

关键词： Internet of things(IoT) emulation framework firmware fuzzing concolic execution vulnerability

来源：评论

学校读者我要写书评

暂无评论

Privacy Enhanced P2P Power Trading Using DID-Based Identity Verification in a Microgrid 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Lee, Taeyang Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

Smart meters play a crucial role in accurately measuring power usage and distribution data in microgrids. However, fine-grained data collection raises significant privacy concerns. To address this, it is essential to develop a distributed power trading system that is both trustworthy and privacy-preserving. In this paper, we propose a peer-to-peer power trading mechanism that ensures privacy through identity verification based on decentralized identifiers, zero-knowledge proofs, and pseudonyms. Besides, we introduce an efficient claims verification scheme with Boneh-Lynn-Shacham aggregate signature. We also validate the security of our proposed mechanism through the Real-or-Random model. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Differential privacy

来源：评论

学校读者我要写书评

暂无评论

Ransomware Classification Framework Using the Behavioral Performance Visualization of Execution Objects

引用

computers, Materials & Continua 2022年第8期72卷 3401-3424页

作者： Jun-Seob Kim Ki-Woong Park Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Korea

A ransomware attack that interrupted the operation of Colonial Pipeline(a large *** pipeline company),showed that security threats by malware have become serious enough to affect industries and social infrastructure rather than individuals *** agents and characteristics of attacks should be identified,and appropriate strategies should be established accordingly in order to respond to such *** this purpose,the first task that must be performed is malware *** creators are well aware of this and apply various concealment and avoidance techniques,making it difficult to classify *** study focuses on new features and classification techniques to overcome these *** propose a behavioral performance visualization method using utilization patterns of system resources,such as the central processing unit,memory,and input/output,that are commonly used in performance analysis or tuning of *** extracted the usage patterns of the system resources for ransomware to performbehavioral performance *** results of the classification performance evaluation using the visualization results indicate an accuracy of at least 98.94%with a 3.69%loss ***,we designed and implemented a framework to perform the entire process—from data extraction to behavioral performance visualization and classification performance measurement—that is expected to contribute to related studies in the future.

关键词： Behavioral performance visualization ransomware malware classification

来源：评论

学校读者我要写书评

暂无评论

ARP Spoofing Mitigation for the E2 Interface in Open RAN: An xApp Approach 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Kim, Jihye Park, Jaehyoung Lee, Jong-Hyouk Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

In the 5G-Advanced and 6G era, the Open Radio Access Network (Open RAN) will support hardware and software interoperability between different vendors. The O-RAN Alliance, which leads the Open RAN initiative, has released standards addressing potential threats and mitigation requirements to the framework. While the standards specify Man-in-the-Middle (MitM) attacks on the E2 interface and recommend using IPsec, a Layer 3 security protocol, they do not cover defenses against Layer 2 attacks, such as Address Resolution Protocol (ARP) spoofing. This paper proposes an xApp with preventive and reactive mechanisms to protect the E2 interface from ARP spoofing in Open RAN. The xApp proactively prevents attacks through a static ARP table and continuously monitors the E2 interface to detect and react to the ARP spoofing, offering better network resilience than existing methods. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Radio access networks

来源：评论

学校读者我要写书评

暂无评论

security Function for 5G-Advanced and 6G: Malicious UE Detection in Network Slicing 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Park, Jaehyoung Kim, Jihye Lee, Jong-Hyouk Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

Starting with Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies, network slicing is emerging as a critical technology in 5G-Advanced and 6G mobile communications to allocate logical networks end-to-end, meeting diverse service requirements. However, the advent of network slicing introduces new security threats, including inter-slice security, intra-slice security, and lifecycle security of network slicing. While recent research has focused on security orchestration technologies using SDN/NFV for network slicing and AI-based attack detection, there remains a gap in research on security by design within the components of 3GPP 5G systems. Therefore, this paper investigates security by design in the 5G-Advanced and 6G architectures. To address these issues, we propose a malicious User Equipment (UE) detection function to identify attacks within the network-slicing environment. We illustrate the interaction between the detection function and other 3GPP 5G system components for network slicing security with its algorithm for detecting malicious UEs in network slices. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Malicious UE Network Slicing security by Design

来源：评论

学校读者我要写书评

暂无评论

A Method for De-Identification Analysis of Encrypted Video 9

A Method for De-Identification Analysis of Encrypted Video

引用

Joint 9th International Conference on Digital Arts, Media and Technology with 7th ECTI Northern Section Conference on Electrical, Electronics, computer and Telecommunications engineering, ECTI DAMT and NCON 2024

作者： Kim, Deok-Han Kim, Young-Gab Sejong University Dept. of Computer and Information Security and Convergence Engineering for Intelligent Drone Seoul Korea Republic of

ISBN: (纸本)9798350318241

As the variety of video content increases, so does the likelihood of data breaches of sensitive personal information. Consequently, several video de-identification techniques have been developed to protect personal data, alongside ongoing research into video encryption technology, which offers the advantage of decryption to obtain the original video without storing a separate video copy. While it is possible to visually evaluate whether individual encrypted frames have been correctly de-identified, human interpretation makes this method vulnerable to subjective bias. Many video encryption studies employ traditional image quality evaluation metrics, such as peak signal-to-noise ratio and structural similarity index measure (SSIM), to objectively demonstrate the de-identification of encrypted videos. However, these metrics prove to be insufficiently effective for this purpose. These image metrics can measure the de-identification rate of a single frame in encrypted videos, but not the entire video. This study introduces a quantitative analysis method to confirm de-identification in fully encrypted videos. In this study, we measured the de-identification rates of all frames of encrypted videos using a weighted sum of SSIM and edge differential ratio. We also measured the de-identification rate of a fully encrypted video. Finally, we graphically analyzed these data using line charts. This objective methodology enabled the identification of portions of the encrypted video where de-identification techniques may not have been appropriately applied. © 2024 IEEE.

关键词： Quality control

来源：评论

学校读者我要写书评

暂无评论

Simulation of an ARP Spoofing Attack on the E2 Interface in Open RAN 35

Simulation of an ARP Spoofing Attack on the E2 Interface in ...

引用

35th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2024

作者： Kim, Jihye Park, Jaehyoung Lee, Jong-Hyouk Sejong University Dept. of Computer and Information Security Seoul Korea Republic of Sejong University Dept. of Computer and Information Security & Convergence Engineering for Intelligent Drone Seoul Korea Republic of

ISBN: (纸本)9798350362244

In anticipation of the 5G-Advanced and 6G era, this paper explores Open RAN as an innovative solution to enhance the existing Radio Access Network (RAN) capabilities, particularly in managing the surge in mobile traffic. The O-RAN Alliance has made significant strides in this domain, particularly by releasing a comprehensive standard document addressing potential security threats and necessary countermeasures within Open RAN frameworks. A critical aspect of these standards is the emphasis on safeguarding the E2 interface-linking the NearRT RIC and RAN nodes-against Man-in-the-Middle (MitM) attacks, with IPsec proposed as a key defensive mechanism. Our study, however, reveals a vulnerability: the E2 interface remains susceptible to ARP spoofing, a variant of MitM attacks. This paper presents detailed simulation results to demonstrate this security flaw and delves into the potential ramifications on the E2 interface's functionality and integrity. Our findings underscore the need for revisiting and reinforcing security protocols in the evolving landscape of Open RAN networks. © 2024 IEEE.

关键词： Radio access networks

来源：评论

学校读者我要写书评

暂无评论

MV-Honeypot:security Threat Analysis by Deploying Avatar as a Honeypot in COTS Metaverse Platforms

引用

computer Modeling in engineering & Sciences 2024年第10期141卷 655-669页

作者： Arpita Dinesh Sarang Mohsen Ali Alawami Ki-Woong Park SysCore Lab.(Convergence Engineering for Intelligent Drone) Sejong UniversitySeoul05006Republic of Korea Division of Computer Engineering Hankuk University of Foreign StudiesYongin-si17035Republic of Korea Department of Information Security Sejong UniversitySeoul05006Republic of Korea

Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various ***,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every *** Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber ***-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be *** fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this *** also determine the most significant threat for each component’s cyberattacks that will affect user data and *** a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.

关键词： Avatar metaverse cybersecurity cloud computing internet of things artificial intelligence security analysis

来源：评论

学校读者我要写书评

暂无评论

A Self-Adaptive Access Control Framework Based on User Attributes Among Heterogeneous Internet of Things Platforms 9

A Self-Adaptive Access Control Framework Based on User Attri...

引用

作者： Park, Jihoon Koo, Jahoon Kim, Young-Gab Sejong University Dept. of Computer and Information Security and Convergence Engineering for Intelligent Drone Seoul Korea Republic of Sejong University Dept. of Computer and Information Security Seoul Korea Republic of

ISBN: (纸本)9798350318241

Internet of Things (IoT) platforms are being actively designed to provide various services to users. However, most IoT platforms are developed in independent environments, causing difficulties in their interoperability. Even though heterogeneous IoT platforms employ the same attribute-based access control (ABAC) model to protect their resources, the attribute representation methods used by these platforms differ. Consequently, a semantic interoperability problem arises, wherein users of one platform cannot access the resources from other platforms, even though these users possess valid attributes. Therefore, this paper proposes a framework that can interoperate by understanding different attribute representation methods among heterogeneous IoT platforms that employ the same ABAC model. Our framework uses self-adaptive modules monitor-analyze-plan-execute over a shared knowledge (MAPE-K) to solve semantic interoperability problems arising from differences in attribute representations, even with valid attributes, enabling access to resources between heterogeneous IoT platforms. © 2024 IEEE.

关键词： Internet of things

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：