Browse > Article

A Study on the Effectiveness of Secure Responses to Malicious E-mail  

Lee, Taewoo (중앙대학교 융합보안학과)
Chang, Hangbae (중앙대학교 산업보안학과)
Publication Information
Journal of Platform Technology / v.9, no.2, 2021 , pp. 26-37 More about this Journal
Abstract
E-mail is one of the important tools for communicating with people in everyday life. With COVID-19 (Coronavirus) increasing non-face-to-face activity, security incidents through e-mail such as spam, phishing, and ransomware are increasing. E-mail security incidents are increasing as social engineering attack using human psychology rather than arising from technological weaknesses that e-mails have. Security incidents using human psychology can be prevented and defended by improving security awareness. This study empirically studies the analysis of changes in response to malicious e-mail due to improved security awareness through malicious e-mail simulations on executives and employees of domestic and foreign company. In this study, the factors of security training, top-down security management, and security issue sharing are found to be effective in safely responding to malicious e-mail. This study presents a new study by conducting empirical analysis of theoretical research on security awareness in relation to malicious e-mail responses, and results obtained from simulations in a practical setting may help security work.
Keywords
Malicious mail; Security awareness; Security education; Training; Social engineering attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jun-hee Lee, Hun-yeong Kwon, "A Study on Human Vulnerability Factors of Companies : Through Spam Mail Simulation Training Experiments", Korea Institute Of Information Security And Cryptology, Vol.29, No.4, pp.847-857, 2019
2 Chang-Moo Lee, "A Critical Review of Industrial Security Concepts", Korean Security Journal, Vol.50, pp.285-303, 2017   DOI
3 Kunwoo Kim, Jungduk Kim, "The Values and Strategies of Industrial Security in Digital Economy", Korean Journal of Industry Security, Vol.8, No.1, pp.61-74, 2018
4 Jin A Heo, Seong Bhin Joo, Jung Min Lee, Chan Hyuk Park, "Countermeasures for Industrial Technology Protection in Social Engineering attack", The Journal of Social Science, Vol.23, No.1, pp.279-306, 2016
5 Young-Mook Kang, Sang-Jin Lee, "A Study On Malicious Mail Training Model", Journal of the Korea Institute of Information Security & Cryptology, Vol.30, No. 2, pp.197-212, 2020   DOI
6 Trendmicro, "Spear-Phishing Email: Most Favored APT Attack Bait", Trend Micro Incorporated Research Paper, 2020
7 Eun-Hee Shin, Chang-Moo Lee, Hang-Bae Chang, "An Empirical Study on the Impact of Industrial Security Awareness and Knowledge of Corporate Employees on the Will to Comply with Security Policy", Korean Journal of Industry Security, Vol.10, No.2, 59-78, 2020   DOI
8 D'Arcy, J., Hovav, A., "Deterring Internal Information Systems Misuse. Communications of the ACM", Vol.50, No.10, pp.113-117, 2007   DOI
9 Woosung Jung, " A Design for the Personalized Difficulty Level Metric based on Learning State", Journal of the Korea Convergence Society, Vol.11, No.3, pp.67-75, 2020   DOI
10 Taryn Aguas, Khalid Kark, Monique Francois, " The new CISO: Leading the strategic security organization", Deloitte, 2019, https://www2.deloitte.com/global/en/insights/deloitte-review/issue-19/ciso-next-generation-strategic-security-organization.html
11 Ministry of Science and ICT, National Information Society Agency, "2020 Yearbook of Internet Usage Survey Report", 2020
12 Jiransecurity, "Q1 Spam Mail Trend Analysis Report", 2020
13 June Sung Choi, Kwang Ho Kook, "Social Engineering Attack Trends on the Korean Defense Industry and the Countermeasures", Journal of the Korean Association of Defense Industry Studies, Vol.19, No.1, 22-37, 2012
14 Verizon, "The 2013 Data Breach Investigations Report", 2013
15 Jun Heo, Seongjin Ahn, "A Study on the Influence of Biased Thinking on Compliance with Security Policy Based on the Mediation of Factors of Protection Motivation and Role of Management", The Journal of Korean Association of Computer Education, Vol.23, No.6, pp.35-49, 2020   DOI
16 Myungseong Yim, "A Study on the Level of Perception about Information Security Countermeasures : Differences between Managers and Non-Managers", Korean Management Consulting Review, Vol.16, No.4, pp.33-41, 2016
17 Jong One Cheong, "The Effects of Organizational Politics and Conflicts on Job Satisfaction and Organizational Performance : Analyzing the Moderating Effects of the Top-down Way of Working", Korean Local Government Review, Vol.20, No.4, pp.47-70, 2019
18 Korea Communications Commission, Korea Internet & Security Agency, "Spam distribution status in the second half of 2020", 2021
19 Michael J. Wolf, "Measuring an information security awareness program", University of Nebraska, 2010
20 Duck-sang Yoon, Kyung-ho Lee, Jong-in Lim, "A Study on the Change of Capability and Behavior against Phishing Attack by Continuous Practical Simulation Training", Journal of the Korea Institute of Information Security & Cryptology, Vol.27, No.2, pp.267-279, 2017   DOI
21 In Hwan Cha, "A study on the Development of Personnel Security Management for Protection against Insider threat", The Journal of The Korea Institute of Electronic Communication Sciences, Vol.3, No.4, pp.210-220, 2008
22 Sloan, H., "The Annals of Thoracic Surgery", R. Adams Cowley, MD: 1917-1991, Vol.53, No.6, 954, 1992   DOI
23 PriceWaterhouseCoopers, "Convergence of security risks : Addressing the security dilemma in today's age of blended threats", 2010
24 Korea Communications Commission, Korea Internet & Security Agency, "Information and Communication Network Act Guide to Prevent Illegal Spam", 2020
25 National Intelligence Service, Ministry of Science and ICT, Ministry of the Interior and Safety, Korea Communications Commission, Financial Services Commission, Ministry of Foreign Affairs, 2020 Yearbook National Information Protection White Paper, 2020