• Review of KIISC
• /
• v.21 no.2
• /
• pp.36-46
• /
• 2011

지난 3월 4일 국내 일부 금융기관과 포털 사이트 등이 분산서비스거부 공격으로 접속이 중단되는 사태가 발생했다. 이번 사건뿐만 아니라 세계 곳곳에서는 범죄적 양상을 띠는 다양한 사이버 범죄 발생이 증가하고 있다. 이에 앞서 미 정부는2009년 "사이버스페이스 정책 리뷰(cyberspace policy review)"를 발표해 사이버보안의 책임 공유, 사이버보안 사고 발생시 긴밀한 대응을 위한 유관기관 간의 정보 공유 및 사고 대응을 위한 체계 구축 등의 전략을 내세운 바 있다. 이러한 전략의 연장선으로 예상되는 사이버보안에 대한 국제표준화 활동이 ITU-T SG17 Q.4에서 진행되고 있어 사이버보안 분야표준화 동향과 함께 Q.4의 주요 의제인 사이버보안 정보 교환 기술에 대한 정보를 제공하고자 한다.

• The Journal of the Convergence on Culture Technology
• /
• v.4 no.1
• /
• pp.193-200
• /
• 2018

This study is an experiential case study of cybercrime fraud that combines pharming and voice phishing in April 2017. Research on victims who have actually suffered in the study of crime or disaster is a very useful field in establishing crime prevention measures. This study is significant in that Korea is relatively poor in this kind of research. I got cyber fraud as a consequence of my loss of reasonable judgment due to mental confusion when a companion dog who was raised for 8 years was in a very dangerous situation with cystitis. Fortunately, I received all the damages in a quick report, but the period was eight months. It took too much time to get back all the damages, so I had to suffer another pain. Based on my experience, I suggest damage prevention measures. First, when a certain condition and a certain amount are transferred, the transaction is automatically stopped or a more strict confirmation procedure is added. Secondly, trafficking means to arrest the perpetrator without any harm to the victim is sought. Third, the victims of crime should be promptly reimbursed for damages or a system for lending their living funds to zero or lower interest rate.

• Review of KIISC
• /
• v.16 no.1
• /
• pp.80-84
• /
• 2006

최근의 홈페이지 해킹은 단순 홈페이지 변조뿐만 아니라 피싱에 악용하거나 해킹한 홈페이지를 이용하여 홈페이지 방문자의 게임 계정과 비밀번호 유출 및 개인금융정보를 유출하는 등 금전적 이득을 위한 범죄적인 성향으로 바뀌고 있다. 인터넷 상에서 고객의 개인정보를 지키고, 기관의 신뢰를 유지하기 위해서 기관을 대표하는 얼굴인 홈페이지 보안 관리에 관심을 가져야 할 것 같다. 본고에서는 최근 발생한 홈페이지 관련 해킹 피해 사례를 분석해 보고 피해 예방을 위한 대응 방안을 기술한다.

• The Journal of Society for e-Business Studies
• /
• v.27 no.2
• /
• pp.65-77
• /
• 2022

Due to the recent development in electronic financial services, transactions of electronic prepayment are rapidly growing, leading to growing fraud attempts. This paper proposes a methodology that can effectively detect fraud transactions in electronic prepayment by machine learning algorithms, including support vector machines, decision trees, and artificial neural networks. Actual transaction data of electronic prepayment services were collected and preprocessed to extract the most relevant variables from raw data. Two different approaches were explored in the paper. One is a transaction-based approach, and the other is a user ID-based approach. For the transaction-based approach, the first model is primarily based on raw data features, while the second model uses extra features in addition to the first model. The user ID-based approach also used feature engineering to extract and transform the most relevant features. Overall, the user ID-based approach showed a better performance than the transaction-based approach, where the artificial neural networks showed the best performance. The proposed method could be used to reduce the damage caused by financial accidents by detecting and blocking fraud attempts.

• Journal of forensic and investigative science
• /
• v.1 no.2
• /
• pp.5-19
• /
• 2006

Data mining is an information extraction activity to discover hidden facts contained in databases. Using a combination of machine learning, statistical analysis, modeling techniques and database technology, data mining finds patterns and subtle relationships in data and infers rules that allow the prediction of future results. Typical applications include market segmentation, customer profiling, fraud detection, evaluation of retail promotions, and credit risk analysis. Law enforcement agencies deal with mass data to investigate the crime and its amount is increasing due to the development of processing the data by using computer. Now new challenge to discover knowledge in that data is confronted to us. It can be applied in criminal investigation to find offenders by analysis of complex and relational data structures and free texts using their criminal records or statement texts. This study was aimed to evaluate possibile application of data mining and its limitation in practical criminal investigation. Clustering of the criminal cases will be possible in habitual crimes such as fraud and burglary when using data mining to identify the crime pattern. Neural network modelling, one of tools in data mining, can be applied to differentiating suspect's photograph or handwriting with that of convict or criminal profiling. A case study of in practical insurance fraud showed that data mining was useful in organized crimes such as gang, terrorism and money laundering. But the products of data mining in criminal investigation should be cautious for evaluating because data mining just offer a clue instead of conclusion. The legal regulation is needed to control the abuse of law enforcement agencies and to protect personal privacy or human rights.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.171-180
• /
• 2007

The financial crime that used morale anger Phishing, Pharming, Vishing, SMiSing etc. will gain during recent cyber crimes. We are study systematically whether or not leakage of information and infringement can how easily occur to Phishing, Vishing, SMiSing using a social engineering technique and VoIP at these papers through experiment. A hacker makes Phishing, Vishing site, and test an information infringement process of a user through PiSing mail and a virus, a nasty code, Vishing, a SMiSing character, disarmament of Keylogger prevention S/W etc. as establish server. Information by Phishing, Vishing, SMiSing is infringed with leakage in the experiment results, and confirm, and test certified certificate and White List and a certified authentication mark, plug-in program installation etc. to prevention, and security becomes, and demonstrate. Technical experiment and prevention regarding Phishing of this paper and Vishing attack reduce the damage of information infringement, and be education for Ubiquitous information security will contribute in technical development.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.287-290
• /
• 2011

The synchronization feature on the smartphone by default (default) value is set. Smartphone synchronization has been set is stored that smartphone data is automatically backed up is stored When connected to a PC with a smartphone dedicated cable. The backup data is a common technique to analyze the content to be difficult to apply forensic techniques can find out information on criminal suspects. In this paper, the backup data is synchronized to the smartphone through forensic analysis is the study of forensic evidence. In a lab environment to send personal financial information on smartphone, smartphone is assumed that the experiment is compromised. Smartphone's backup data by using the forensic tools in crime associated with personal financial information and analyze data. And, to be adopted by the court will study the evidence leveraging forensic technology. Through this paper as a basis for smartphone forensic analysis will be utilized.

• Industry Promotion Research
• /
• v.8 no.4
• /
• pp.177-186
• /
• 2023

Modern society is operated based on the internet, wireless networks, and digital devices to the extent that it is called a digital society. In particular, as most of financial transactions, information movement, and commercial activities are based online, various social problems and side effects related to this are increasing rapidly. Representative examples include industrial espionage activities and leakage of industrial technology, and social problems such as illegal goods trade such as drugs using online and online gambling are increasing to a serious level. These digital-based social problems cannot be solved only by the activities and capabilities of judicial institutions such as police and prosecutors. Now that the private investigation market is open, active intervention using them is necessary. To this end, it is necessary to actively cultivate private investigator's ability to investigate and collect evidence in relation to digital social and criminal problems. In addition, each private investigation education institution or association should actively invest and research this.

• The Korean Journal of Financial Studies
• /
• v.11 no.1
• /
• pp.37-59
• /
• 2005

미국 선물시장에서는 1934년 증권법과 1974년 선물거래법 그리고 1982년 Johnson-shad 협상안 이후, 증권은 SEC에서, 선물은 CFTC에서 규제하는 현선분리원칙을 지켜왔다. 그러나 최근의 상품선물현대화법과 애국자법(The Patriot Act)의 제정으로 인하여 미국선물시장은 다중규제(Multi-layered Regulation)의 도입이라는 변화를 겪고 있다. 상품선물현대화법은 새로 도입된 증권선물상품(Security Futures Products)을 선물이자 동시에 증권이라고 정의함으로써, CFTC와 SEC가 공동으로 선물시장을 규제하게 되었다. SEC와 CFTC의 위원장간에 교환된 양해각서에서는 특별히 두 정부규제기관간의 신속한 정보교환과 긴밀한 업무협조를 다짐하고 있다. 공적규제기관의 협력적 관계는 민간 자율규제기관에도 영향을 미쳐, NASD와 NFA는 회원등록업무와 감리업무 그리고 회원사 교육 훈련 등에서 상호협력적인 공동의 노력을 기울이고 있다. 2001년 9-11 테러사건을 계기로 입법된 애국자법은 선물중개업자들의 현금거래 보고의무를 추가하였다. 선물중개업자들을 금융기관으로서 고객확인의무(Know-Your-Customer Rule)를 지고, 선물거래고객이 1만달러 이상을 현금으로 납입할 경우에는 Currency Transactions Report를 작성하여야 하며, 입출금조작행위나 그러한 의도가 보이는 경우에는 Suspicious Activity Report를 작성하여 금융범죄수사국에 보고하여야 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.283-284
• /
• 2015

Smartphone, tablet PC, notebook, such as the Internet banking and electronic commerce using a mobile device, as well as process and to their work. While going to high availability and convenience of mobile devices castle, SNS, letters, using an email Smishing financial fraud and leakage of personal information such as crime has occurred many. Smishing smartphone accidents increased sharply from 2013, MERS infection cases, landmine provocative events, such as the delivery of Thanksgiving has occurred cleverly using social engineering techniques. In this paper, i analyze the trends in Smishing hacking attacks on mobile devices since 2014. With regard to social issues, it analyzes the process of hacking attacks Smishing leading to financial fraud to mobile users.