http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Opcode와 API의 빈도수와 상관계수를 활용한 Cerber형 랜섬웨어 탐지모델에 관한 연구
이계혁,황민채,현동엽,구영인,유동영,Lee, Gye-Hyeok,Hwang, Min-Chae,Hyun, Dong-Yeop,Ku, Young-In,Yoo, Dong-Young 한국정보처리학회 2022 정보처리학회논문지. 컴퓨터 및 통신시스템 Vol.11 No.10
최근 코로나 19 팬더믹 이후 원격근무의 확대와 더불어 랜섬웨어 팬더믹이 심화하고 있다. 현재 안티바이러스 백신 업체들이 랜섬웨어에 대응하고자 노력하고 있지만, 기존의 파일 시그니처 기반 정적 분석은 패킹의 다양화, 난독화, 변종 혹은 신종 랜섬웨어의 등장 앞에 무력화될 수 있다. 이러한 랜섬웨어 탐지를 위한 다양한 연구가 진행되고 있으며, 시그니처 기반 정적 분석의 탐지 방법과 행위기반의 동적 분석을 이용한 탐지 연구가 현재 주된 연구유형이라고 볼 수 있다. 본 논문에서는 단일 분석만을 이용하여 탐지모델에 적용하는 것이 아닌 ".text Section" Opcode와 실제 사용하는 Native API의 빈도수를 추출하고 K-means Clustering 알고리즘, 코사인 유사도, 피어슨 상관계수를 이용하여 선정한 특징정보들 사이의 연관성을 분석하였다. 또한, 타 악성코드 유형 중 웜과 Cerber형 랜섬웨어를 분류, 탐지하는 실험을 통해, 선정한 특징정보가 특정 랜섬웨어(Cerber)를 탐지하는 데 특화된 정보임을 검증하였다. 위와 같은 검증을 통해 최종 선정된 특징정보들을 결합하여 기계학습에 적용하여, 최적화 이후 정확도 93.3% 등의 탐지율을 나타내었다. Since the recent COVID-19 Pandemic, the ransomware fandom has intensified along with the expansion of remote work. Currently, anti-virus vaccine companies are trying to respond to ransomware, but traditional file signature-based static analysis can be neutralized in the face of diversification, obfuscation, variants, or the emergence of new ransomware. Various studies are being conducted for such ransomware detection, and detection studies using signature-based static analysis and behavior-based dynamic analysis can be seen as the main research type at present. In this paper, the frequency of ".text Section" Opcode and the Native API used in practice was extracted, and the association between feature information selected using K-means Clustering algorithm, Cosine Similarity, and Pearson correlation coefficient was analyzed. In addition, Through experiments to classify and detect worms among other malware types and Cerber-type ransomware, it was verified that the selected feature information was specialized in detecting specific ransomware (Cerber). As a result of combining the finally selected feature information through the above verification and applying it to machine learning and performing hyper parameter optimization, the detection rate was up to 93.3%.
Opcode와 API의 군집화와 유사도 분석을 활용한 랜섬웨어 탐지모델 연구
이계혁 ( Gye-hyeok Lee ),황민채 ( Min-chae Hwang ),구영인 ( Young-in Ku ),현동엽 ( Dong-yeop Hyun ),유동영 ( Dong-young Yoo ) 한국정보처리학회 2022 한국정보처리학회 학술대회논문집 Vol.29 No.1
최근 코로나 19 팬더믹 이후 원격근무의 확대와 더불어 랜섬웨어 팬더믹이 심화하고 있다. 현재 안티바이러스 백신 업체들이 랜섬웨어에 대응하고자 노력하고 있지만, 기존의 파일시그니처 기반 정적분석은 패킹의 다양화, 난독화, 변종 혹은 신종 랜섬웨어의 등장 앞에 무력화될 수 있고, 실제로 랜섬웨어의 피해 규모 지속 증가가 이를 설명한다. 본 논문에서는 기계학습을 기반으로 한 단일 분석만을 이용하여 탐지모델에 적용하는 것이 아닌 정적분석 정보(.text Section Opcode)와 동적 분석 정보(Native API)를 추출하고 유사도를 바탕으로 연관성을 찾아 결합하여 기계학습에 적용하는 탐지모델을 제안한다.
정종철(Jong Cheol Jeong),이계혁(Gye Hyeok Lee),최재욱(Jae Uk Choi),성대경(Dae Kyung Sung),김호성(Ho Sung Kim),외재선(Jae Sun Choi),하승연(Seung Yeon Ha) 대한구강악안면외과학회 1999 대한구강악안면외과학회지 Vol.25 No.2
골종은 성숙된 골 조직의 성장에 의하여 발생되는 양성 종양으로 안면골에서는 주로 전두동이나 하악골에서 보고되고 있으며 상악동에서는 매우 드물게 보고되고 있다. 이에 저자등은 46세 남자 환자의 좌측 상악동에서 외골종을 경험하였기에 문헌 고찰과 함께 보고하는 바이다. The osteoma is a benign tumor characterized by proliferation of compact or cancellous bone, that may form peripherally in a periosteal location or in a central position. The most common site of peripheral osteoma in craniofacial area is the frontal sinus, but rare in the maxillary sinus. Clinically, this lesion that shows slow growing without symptoms can produce swelling and cause asymmetry. This tumor may arise at any age, but slightly more frequently in men than in women, and more common in young age. Radiographically, this lesion appears as a well-circumscribed radiopacity and histopathologically shows proliferation of either compact or cancellous bone. The etiology of ostemas in the paranasal sinus is unknown, but it has been suggested that they are frequently associated with infection and trauma, and in a certain cases are believed to develop in sinus polyps, which are an inflammatory reaction. The treatment of osteoma is surgical excision, but need not be excised unless it causes obstruction to a sinus cavity or disturbing cosmetically, and this tumor usually does not recur after surgical removal. We report a case of peripheral osteoma on the maxillary sinus in 46 male-patient who came our hospital for discomfort of the left cheek and TMJ area.
하악 과두 골절 환자에서 Lag-screw를 이용한 관혈적 정복 후 임상적 연구
정종철,송민석,최재욱,김성범,서지훈,이계혁,Jeong, Jong-Cheol,Song, Min-Seok,Choi, Jae-Uk,Kim, Seong-Beom,Seo, Ji-Hun,Lee, Gye-Hyeok 대한구강악안면외과학회 2001 대한구강악안면외과학회지 Vol.27 No.5
Purpose : This study evaluated clinical and radiographic results after open reduction and lag-screw fixation of mandibular condyle fractures. Patients and Methods : 26 patients had been treated by lag-screw fixation for madibular condyle fracures via submandibular approach and follow up for over 6 months. The lag-screw used in this study was designed by Eckelt. Results : Radiographically, resorption of the condyle head found in 4 cases (15%) and minimal displacement of the condyle head was found in 3 cases (12%). Post-operative infection were not found in all cases. Clinically, All patiens had a stable occlusion and normal mouth opening (over 40mm). TMD problems with crepitus or some discomfort encountered in 4 patients but tolerable to the patients. Conclusion : Lag screw fixation can be a good option especially high level condylar fractures, however this procedure must be used in cautiously because of slipping of the fragments and possible to resorption of the fragments.
정종철,김건중,최재선,성대경,김호성,이계혁,Jeong, Jong-Cheol,Kim, Keon-Jung,Choi, Jae-Sun,Sung, Dae-Kyung,Kim, Ho-Sung,Lee, Gye-Hyeok 대한악안면성형재건외과학회 1998 Maxillofacial Plastic Reconstructive Surgery Vol.20 No.2
Compound comminuted mandibular fracture is defined as the presence of multiple fracture lines with open wound resulting in many small pieces within the same area. The incidence of mandibular comminution is difficult to determine but reported as 2.7~18.6 % incidence among mandibular fractures. There are controversies in the treatment of mandibular comminuted fractures. Treatment of comminuted mandibular fracture has traditionally involved closed reduction in an effort to avoid stripping periostcum from the bony segments, but rigid internal rigid fixation is used more popular at present. The extent of comminution, displacement of bony fragments and patient general conditions are important factors in decision of the treatment methods. When significant bone displacement is present, it is necessary to reduce these comminuted fragments to an anatomic, pretraumatic relationship to restore facial form and function. In these cases, ORIF allows anantomic reduction of comminuted segments as well as pretraumatic occlusion. Gentle handling of the soft tissue, rigid fixation of bony fragments and adequate immobilization are essential for reducing the complications. This is the report the incidence, causes, complications and treatment of the patients who visited our department for compound comminuted mandibular fractures.
성대경(Dae Kyung Sung),정종철(Jon Cheol Jeong),김호성(Ho Sung Kim),서지훈,김성범,최재욱(Jae Uk Choi),이계혁(Gye Hyeok Lee),류근신(Geun Shin Ryu) 대한구강악안면외과학회 2000 대한구강악안면외과학회지 Vol.26 No.3
Hemangiopericytoma is uncommon vascular neoplasm that arises from pericytes arround the capillary walls. It was first described as a distinct vascular neoplasm by Stout and Murray in 1942 The anatomic distribution is widespread throughout the body, with approximately one third occur in the head and neck. No sex predilection has been found. Although middle age appears to be the most prevalent time of onset, this neoplasm has been found in all age groups. The differentiation between benign and malignant hemangiopericytoma can be difficult. Although the majority of these tumors are benign, there are malignant variants that can metastasize. Metastasis of seemingly benign tumors may appear year of decade later, so long term close follow-up is needed The treatment of choice is complete surgical excision of the tumor. Despite their vascular origin, these tumors are relatively radioresistant. Radiation therapy is reserved for inoperable metastases or treatment of postoperative surgical fields. Here we present a case of hemangiopericytoma occuring on the Lt. buccal mucosa.
조현이,정종철,김호성,최재욱,성대경,서지훈,김성범,이계혁 大韓顎顔面成形再建外科學會 2000 Maxillofacial Plastic Reconstructive Surgery Vol.22 No.1
Osteosarcoma is a primary malignant tumor arising most often in the long bone, but rare in jaw bone. Especially osteogenic sarcoma of the mandible is a rare tumor, comprising less than 0.5% of all head and neck tumors. Osteosarcoma occurs cheifly in young persons, and presenting very survival rates. Histopathologically this tumor can be classified three types, osteoblastic, fibroblastic, chondroblastic and classified from low grade to high grade by anaplasia or mitosis of the tumor cells. Sometimes, the exact diagnosis of osteosarcoma is difficult especially in low grade osteosarcoma, even if clinical or radiographical findings suggest to osteosarcoma. So suspcious to malignant bone tumor in clinical or radiological findings, biopsy should be taked from deep portion and multiple area, and sharing the patient history and radiographs with pathologist will assist in the development of the diagnosis. We report a case of low grade osteosarcoma on the mandible initially difficulty in accurate diagnosis. The patient visited our hospital for routine dental treatment but radiographic findings displayed ill-defined radiolucency with osteoid formation on the mandible. Final diagnosis was difficulty in initial biopsy but subsequent biopsy taked from deep portion presented infiltrative growth and mitosis of the tumor cell in some area with small osteoid bone formation, so we could reach final diagnosis as low grade sarcoma. We treated this patient with bloc resection of the mandible and immediate reconstruction with iliac corticocancellous block.