Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticu...Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats.In particular,because telecommuting,telemedicine,and teleeducation are implemented in uncontrolled environments,attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information,and reports of endpoint attacks have been increasing considerably.Advanced persistent threats(APTs)using various novel variant malicious codes are a form of a sophisticated attack.However,conventional commercial antivirus and anti-malware systems that use signature-based attack detectionmethods cannot satisfactorily respond to such attacks.In this paper,we propose a method that expands the detection coverage inAPT attack environments.In this model,an open-source threat detector and log collector are used synergistically to improve threat detection performance.Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks,as defined by MITRE Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK).We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response(GRR),an open-source threat detection tool,and Graylog,an open-source log collector.The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11%compared with that conventional methods.展开更多
Sea surface temperature(SST)retrieved from Advanced Very High Resolution Radiometer(AVHRR)onboard National Oceanic and Atmospheric Administration(NOAA)polar orbiting environmental satellites were validated in the East...Sea surface temperature(SST)retrieved from Advanced Very High Resolution Radiometer(AVHRR)onboard National Oceanic and Atmospheric Administration(NOAA)polar orbiting environmental satellites were validated in the East/Japan Sea(EJS)using surface drifter measurements as ground truths from 2005 to 2010.Overall,the root-mean-square(rms)errors of multichannel SSTs(MCSSTs)and non-linear SSTs(NLSSTs)using global SST coefficients were approximately 0.85℃ and 0.80℃,respectively.An analysis of the SST errors(satellite-drifter)revealed a dependence on the amount of atmospheric moisture.In addition,satellite-derived SSTs tended to be related to wind speeds,particularly during the night.The SST errors also demonstrated diurnal variations with relatively higher rms from 0.80℃ to 1.00℃ during the night than the day,with a small rms of about 0.50℃.Bias also exhibited reasonable diurnal differences,showing small biases during the daytime.Although a satellite zenith angle has been considered in the global SST coefficients,its effect on the SST errors still remained in case of the EJS.Given the diverse use of SST data,the continuous validation and understanding of the characteristic errors of satellite SSTs should be conducted based on extensive in-situ temperature measurements in the global ocean as well as local seas.展开更多
基金This study is the result of a commissioned research project supported by the affiliated institute of ETRI(No.2021-026)partially supported by the NationalResearch Foundation of Korea(NRF)grant funded by the Korean government(MSIT)(No.2020R1F1A1061107)+2 种基金the Korea Institute for Advancement of Technology(KIAT)grant funded by the Korean government(MOTIE)(P0008703,The Competency Development Program for Industry Specialist)the MSIT under the ICAN(ICT Challenge and Advanced Network of HRD)program[grant number IITP-2022-RS-2022-00156310]supervised by the Institute of Information&Communication Technology Planning and Evaluation(IITP).
文摘Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats.In particular,because telecommuting,telemedicine,and teleeducation are implemented in uncontrolled environments,attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information,and reports of endpoint attacks have been increasing considerably.Advanced persistent threats(APTs)using various novel variant malicious codes are a form of a sophisticated attack.However,conventional commercial antivirus and anti-malware systems that use signature-based attack detectionmethods cannot satisfactorily respond to such attacks.In this paper,we propose a method that expands the detection coverage inAPT attack environments.In this model,an open-source threat detector and log collector are used synergistically to improve threat detection performance.Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks,as defined by MITRE Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK).We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response(GRR),an open-source threat detection tool,and Graylog,an open-source log collector.The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11%compared with that conventional methods.
基金This study was supported by Korea Meteorological Administration/National Meteorological Satellite Center and‘Long-term change of structure and function in marine ecosystems of Korea’and‘East Asian Seas Time series-I(EAST-I)’projects funded by the Ministry of Oceans and Fisheries,Korea.
文摘Sea surface temperature(SST)retrieved from Advanced Very High Resolution Radiometer(AVHRR)onboard National Oceanic and Atmospheric Administration(NOAA)polar orbiting environmental satellites were validated in the East/Japan Sea(EJS)using surface drifter measurements as ground truths from 2005 to 2010.Overall,the root-mean-square(rms)errors of multichannel SSTs(MCSSTs)and non-linear SSTs(NLSSTs)using global SST coefficients were approximately 0.85℃ and 0.80℃,respectively.An analysis of the SST errors(satellite-drifter)revealed a dependence on the amount of atmospheric moisture.In addition,satellite-derived SSTs tended to be related to wind speeds,particularly during the night.The SST errors also demonstrated diurnal variations with relatively higher rms from 0.80℃ to 1.00℃ during the night than the day,with a small rms of about 0.50℃.Bias also exhibited reasonable diurnal differences,showing small biases during the daytime.Although a satellite zenith angle has been considered in the global SST coefficients,its effect on the SST errors still remained in case of the EJS.Given the diverse use of SST data,the continuous validation and understanding of the characteristic errors of satellite SSTs should be conducted based on extensive in-situ temperature measurements in the global ocean as well as local seas.