检索结果-内蒙古大学图书馆

AI-Driven Prioritization and Filtering of Windows Artifacts for Enhanced Digital Forensics

computers, Materials & Continua 2024年第11期81卷 3371-3393页

作者： Juhwan Kim Baehoon Son Jihyeon Yu Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Republic of Korea

Digital forensics aims to uncover evidence of cybercrimes within compromised *** cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised *** analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather ***,forensic analysts must sift through extensive datasets to isolate pertinent ***,manually identifying suspicious traces among numerous artifacts is time-consuming and *** studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital *** the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific *** this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital *** system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly *** key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic *** evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative *** system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.

关键词： Digital forensics autoencoder logarithmic entropy prioritization anomaly detection windows artifacts artificial intelligence

来源：评论

学校读者我要写书评

暂无评论

Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing

引用

computers, Materials & Continua 2023年第5期75卷 3291-3315页

作者： Jihyeon Yu Juhwan Kim Youngwoo Lee Fayozbek Rustamov Joobeom Yun Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Korea Department of Computer and Information Security Sejong UniversitySeoul05006Korea

Internet of things(IoT)devices are being increasingly used in numerous ***,the low priority on security and various IoT types have made these devices vulnerable to *** prevent this,recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated ***,these studies focused only on major firmware architectures and rarely considered exotic *** addition,because of the diversity of firmware,the emulation success rate is not high in terms of large-scale *** this study,we propose the adaptive emulation framework for multi-architecture(AEMA).In the field of automated emulation frameworks for IoT firmware testing,AEMA considers the following issues:(1)limited compatibility for exotic firmware architectures,(2)emulation instability when configuring an automated environment,and(3)shallow testing range resulting from structured *** tackle these problems,AEMAcan emulate not onlymajor firmware architectures but also exotic firmware architectures not previously considered,such as Xtensa,ColdFire,and reduced instruction set computer(RISC)version five,by implementing a minority ***,we applied the emulation arbitration technique and input keyword extraction technique for emulation stability and efficient test case *** compared AEMA with other existing frameworks in terms of emulation success rates and fuzz *** a result,AEMA succeeded in emulating 864 out of 1,083 overall experimental firmware and detected vulnerabilities at least twice as fast as the experimental ***,AEMAfound a 0-day vulnerability in realworld IoT devices within 24 h.

关键词： Internet of things(IoT) emulation framework firmware fuzzing concolic execution vulnerability

来源：评论

学校读者我要写书评

暂无评论

Privacy Enhanced P2P Power Trading Using DID-Based Identity Verification in a Microgrid 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Lee, Taeyang Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

Smart meters play a crucial role in accurately measuring power usage and distribution data in microgrids. However, fine-grained data collection raises significant privacy concerns. To address this, it is essential to develop a distributed power trading system that is both trustworthy and privacy-preserving. In this paper, we propose a peer-to-peer power trading mechanism that ensures privacy through identity verification based on decentralized identifiers, zero-knowledge proofs, and pseudonyms. Besides, we introduce an efficient claims verification scheme with Boneh-Lynn-Shacham aggregate signature. We also validate the security of our proposed mechanism through the Real-or-Random model. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Differential privacy

来源：评论

学校读者我要写书评

暂无评论

Ransomware Classification Framework Using the Behavioral Performance Visualization of Execution Objects

引用

computers, Materials & Continua 2022年第8期72卷 3401-3424页

作者： Jun-Seob Kim Ki-Woong Park Department of Computer and Information Security and Convergence Engineering for Intelligent DroneSejong UniversitySeoul05006Korea

A ransomware attack that interrupted the operation of Colonial Pipeline(a large *** pipeline company),showed that security threats by malware have become serious enough to affect industries and social infrastructure rather than individuals *** agents and characteristics of attacks should be identified,and appropriate strategies should be established accordingly in order to respond to such *** this purpose,the first task that must be performed is malware *** creators are well aware of this and apply various concealment and avoidance techniques,making it difficult to classify *** study focuses on new features and classification techniques to overcome these *** propose a behavioral performance visualization method using utilization patterns of system resources,such as the central processing unit,memory,and input/output,that are commonly used in performance analysis or tuning of *** extracted the usage patterns of the system resources for ransomware to performbehavioral performance *** results of the classification performance evaluation using the visualization results indicate an accuracy of at least 98.94%with a 3.69%loss ***,we designed and implemented a framework to perform the entire process—from data extraction to behavioral performance visualization and classification performance measurement—that is expected to contribute to related studies in the future.

关键词： Behavioral performance visualization ransomware malware classification

来源：评论

学校读者我要写书评

暂无评论

ARP Spoofing Mitigation for the E2 Interface in Open RAN: An xApp Approach 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Kim, Jihye Park, Jaehyoung Lee, Jong-Hyouk Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

In the 5G-Advanced and 6G era, the Open Radio Access Network (Open RAN) will support hardware and software interoperability between different vendors. The O-RAN Alliance, which leads the Open RAN initiative, has released standards addressing potential threats and mitigation requirements to the framework. While the standards specify Man-in-the-Middle (MitM) attacks on the E2 interface and recommend using IPsec, a Layer 3 security protocol, they do not cover defenses against Layer 2 attacks, such as Address Resolution Protocol (ARP) spoofing. This paper proposes an xApp with preventive and reactive mechanisms to protect the E2 interface from ARP spoofing in Open RAN. The xApp proactively prevents attacks through a static ARP table and continuously monitors the E2 interface to detect and react to the ARP spoofing, offering better network resilience than existing methods. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Radio access networks

来源：评论

学校读者我要写书评

暂无评论

security Function for 5G-Advanced and 6G: Malicious UE Detection in Network Slicing 1

引用

25th International Conference on information security Applications, WISA 2024

作者： Park, Jaehyoung Kim, Jihye Lee, Jong-Hyouk Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Sejong University Seoul05006 Korea Republic of Department of Computer and Information Security Sejong University Seoul05006 Korea Republic of

ISBN: (数字)9789819616244

ISBN: (纸本)9789819616237

Starting with Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies, network slicing is emerging as a critical technology in 5G-Advanced and 6G mobile communications to allocate logical networks end-to-end, meeting diverse service requirements. However, the advent of network slicing introduces new security threats, including inter-slice security, intra-slice security, and lifecycle security of network slicing. While recent research has focused on security orchestration technologies using SDN/NFV for network slicing and AI-based attack detection, there remains a gap in research on security by design within the components of 3GPP 5G systems. Therefore, this paper investigates security by design in the 5G-Advanced and 6G architectures. To address these issues, we propose a malicious User Equipment (UE) detection function to identify attacks within the network-slicing environment. We illustrate the interaction between the detection function and other 3GPP 5G system components for network slicing security with its algorithm for detecting malicious UEs in network slices. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Malicious UE Network Slicing security by Design

来源：评论

学校读者我要写书评

暂无评论

Trusted and Privacy-Preserving Billing System for Smart Grids

Trusted and Privacy-Preserving Billing System for Smart Grid...

引用

2025 IEEE International Conference on Big Data and Smart Computing, BigComp 2025

作者： Abduaziz, Kayumov Lee, Shincheol Shin, Ji Sun Sejong University Department of Computer and Information Security and Convergence Engineering for Intelligent Drone Seoul05006 Korea Republic of Sejong University Department of Computer and Information Security Seoul05006 Korea Republic of

With the advent of smart meters in recent years, privacy has become one of the biggest concerns in smart grids. While privacy is achieved by designing smart grid services while maintaining the anonymous participation of consumers, several technical issues must be solved by electricity companies, such as confirmation of payments or assurance of consumption data integrity and quality. In this paper, we propose a new system model for data aggregation in smart grid environments that balances the needs of consumers and electricity companies. To decentralize and achieve transparent data processing, we apply a permissioned blockchain network and smart contracts. To support consumer privacy, we propose a privacy-preserving smart contract that runs on a trusted execution environment. Payments are processed and confirmed at the end of a billing period by the smart contract to enforce data consistency and integrity. We implement our smart contract design for Hyperledger Fabric, a permissioned blockchain network, and analyze its privacy, data, and blockchain benefits. © 2025 IEEE.

关键词： Sorting

来源：评论

学校读者我要写书评

暂无评论

A Method for De-Identification Analysis of Encrypted Video 9

A Method for De-Identification Analysis of Encrypted Video

引用

Joint 9th International Conference on Digital Arts, Media and Technology with 7th ECTI Northern Section Conference on Electrical, Electronics, computer and Telecommunications engineering, ECTI DAMT and NCON 2024

作者： Kim, Deok-Han Kim, Young-Gab Sejong University Dept. of Computer and Information Security and Convergence Engineering for Intelligent Drone Seoul Korea Republic of

ISBN: (纸本)9798350318241

As the variety of video content increases, so does the likelihood of data breaches of sensitive personal information. Consequently, several video de-identification techniques have been developed to protect personal data, alongside ongoing research into video encryption technology, which offers the advantage of decryption to obtain the original video without storing a separate video copy. While it is possible to visually evaluate whether individual encrypted frames have been correctly de-identified, human interpretation makes this method vulnerable to subjective bias. Many video encryption studies employ traditional image quality evaluation metrics, such as peak signal-to-noise ratio and structural similarity index measure (SSIM), to objectively demonstrate the de-identification of encrypted videos. However, these metrics prove to be insufficiently effective for this purpose. These image metrics can measure the de-identification rate of a single frame in encrypted videos, but not the entire video. This study introduces a quantitative analysis method to confirm de-identification in fully encrypted videos. In this study, we measured the de-identification rates of all frames of encrypted videos using a weighted sum of SSIM and edge differential ratio. We also measured the de-identification rate of a fully encrypted video. Finally, we graphically analyzed these data using line charts. This objective methodology enabled the identification of portions of the encrypted video where de-identification techniques may not have been appropriately applied. © 2024 IEEE.

关键词： Quality control

来源：评论

学校读者我要写书评

暂无评论

A Self-Adaptive Framework for Responding to Uncertainty in Access Control Process with Deep Neural Networks 23

A Self-Adaptive Framework for Responding to Uncertainty in A...

引用

23rd IEEE International Conference on Trust, security and Privacy in Computing and Communications, TrustCom 2024

作者： Park, Jihoon Kang, Giluk Kim, Young-Gab Sejong University Dept. of Computer and Information Security Convergence Engineering for Intelligent Drone Seoul Korea Republic of

The rapid increase in Internet of Things (IoT) devices and data across various domains (e.g., healthcare, smart cities, smart factories, and smart homes) has led to growing complexity in managing security policies to protect them. Moreover, the increased complexity makes it even more challenging to define security policies in the attribute-based access control (ABAC) model, which requires considering user requirements and environmental conditions. Thus, the ABAC model is likely to include unexpected uncertainties when administrators define security policies. In this study, uncertainty refers to unforeseen future outcomes that may arise from factors the administrator has not considered. Furthermore, the increasing number of IoT devices makes it nearly impossible for administrators to predict all uncertainties and adjust security policies accordingly. Several studies have been proposed to address these challenges, but they rely on human intervention. Therefore, this study proposes a self-adaptive framework that combines a self-adaptive system with deep neural networks (DNNs) to respond to uncertainties intelligently and autonomously. The framework effectively identifies uncertainties in the access control process through variational autoencoder (VAE) and long short-term memory (LSTM) without human intervention and autonomously responds using a self-adaptive system. © 2024 IEEE.

关键词： Authorization

来源：评论

学校读者我要写书评

暂无评论

RAG-based Cyber Threat Tracing Graph Modeling Method 23

RAG-based Cyber Threat Tracing Graph Modeling Method

引用

23rd IEEE International Conference on Trust, security and Privacy in Computing and Communications, TrustCom 2024

作者： Jeon, Jong-Hee Koo, Jahoon Kim, Young-Gab Sejong University Seoul Security Engineering Lab. Dept. of Computer and Information Security Korea Republic of Sejong University Seoul Security Engineering Lab. Dept. of Computer and Information Security and Convergence Engineering for Intelligent Drone Korea Republic of

Cyber-attacks have become increasingly complex and sophisticated, occurring frequently through various paths. Numerous attack techniques, such as ransomware, advanced persistent threat (APT) attacks, and viruses facilitated by generative artificial intelligence (GAI), are threatening systems. Attackers often remain hidden for extended periods, using networks to infiltrate and spread within internal systems, aiming to steal sensitive information. These stealthy lateral movements are difficult to detect and defend against, necessitating a graph-based approach to effectively track and analyze threats. In this paper, we propose a retrieval-augmented generation (RAG) based threat behavior tracing method that derives more meaningful results through the information retrieval functions in the large language model (LLM). We present a suitable graph model for threat tracing by comparing label property graph (LPG) and resource description framework (RDF) as graph methods for knowledge extraction in RAG. © 2024 IEEE.

关键词： computer viruses

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：