• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.155-165
• /
• 2018

As medical healthcare industry is growing up rapidly these days, providing various new healthcare service is considered carefully. Health information is considered to be more important than financial information; therefore, protecting health information becomes a very significant task. Ransomware is now targeting industry groups that have high information value. Especially, ransomware has grown in various ways since entering maturity in 2017. Healthcare industry is highly vulnerable to ransomeware since most healthcare organizations are configured in closed network with lack of malware protection. Only meeting the security criteria is not the solution. In the case of a successful attack, restoration process must be prepared to minimize damages as soon as possible. Ransomware is growing rapidly and becoming more complex that protection must be improved much faster. Based on ISO 27799 and 27002 standard, we extract and present security measures against advanced ransomware to maintain and manage healthcare system more effectively.

• The Journal of the Korea Contents Association
• /
• v.22 no.7
• /
• pp.63-72
• /
• 2022

With the advent of cryptocurrencies such as Bitcoin in 2009, the paradigm of money, a means of payment, has been changing significantly. And it has a great impact on our daily lives. Thus central banks have attempted various analyzes on the issuance and impact of digital currencies including electronic payments but a study on which issuance method is suitable is insufficient. In this study, the issuance of digital currency was analyzed compared to the electronic payments which are currently used. As a result, the account-based model did not show any significant differences from the current RTGS(real-time gross settlement systems) and retail payment systems. But the token-based model is expected that it can improve the efficiency of finance and induce technological innovation in the financial field. However, it was analyzed that this model would weaken the intermediary function of financial institutions such as loans due to the characteristics of digital signature technology. In addition, in order to protect consumers against security attacks such as hacking and phishing of CBDCs, legal and institutional supports similar to the current electronic payment method are required, and continuous technology development efforts are also required for the CBDC issuance model to maintain convenience and anonymity equivalent to cash.

• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.426-433
• /
• 2021

Investment in public sector information services has been on the rise in recent years. The supply of high-speed Internet and smartphones has become more common, and the stability of the information system provided to the public in the public sector has become an important management factor. In other words, tasks such as handling civil complaints and issuing certificates by public institutions, financial transactions by banks, customs clearance work, and e-commerce by individuals or institutions are mostly done online. Therefore, how to deal with obstacles arising from the information system, which is in charge of important civil service affairs, is becoming a very important issue. In other words, in the case of a disability that does not function normally even for a short period of time, various problems can occur when the work is delayed, as well as causing serious financial damage to the civil petitioner. This could be accompanied by a decline in public confidence and various other damages such as filing civil complaints. The reasons for the occurrence of information system failures are very diverse and realistically difficult to predict when. Among the various measures to cope with disability, this paper proposed a plan to establish a disability situation notification system that can minimize confusion caused by disability in the event of a homepage malfunction. The proposed disability situation notification system was established in the public IDC environment to show the possibility of utilization.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.5
• /
• pp.451-457
• /
• 2020

Format recognition and OCR techniques are widely used as methods for detecting and protecting personal information from electronic documents. However, due to the poor recognition rate of the OCR engine, personal information cannot be detected or false positives commonly occur. It also takes a long time to analyze a large amount of electronic documents. In this paper, we propose a method to improve the speed of image analysis of electronic documents, character recognition rate of the OCR engine, and detection rate of personal information by improving the existing method. The analysis speed was increased using the format recognition method while the analysis speed and character recognition rate of the OCR engine was improved by image correction. An algorithm for analyzing personal information from images was proposed to increase the reconnaissance rate of personal information. Through the experiments, 1755 image format recognition samples were analyzed in an average time of 0.24 seconds, which was 0.5 seconds higher than the conventional PAID system format recognition method, and the image recognition rate was 99%. The proposed method in this paper can be used in various fields such as public, telecommunications, finance, tourism, and security as a system to protect personal information in electronic documents.

• Journal of Intelligence and Information Systems
• /
• v.29 no.2
• /
• pp.129-148
• /
• 2023

Bitcoin is a blockchain technology-based digital currency that has been recognized as a representative cryptocurrency and a financial investment asset. Due to its highly volatile nature, Bitcoin has gained a lot of attention from investors and the public. Based on this popularity, numerous studies have been conducted on price and trend prediction using machine learning and deep learning. This study employed LSTM (Long Short Term Memory) and CNN (Convolutional Neural Networks), which have shown potential for predictive performance in the finance domain, to enhance the classification accuracy in Bitcoin price trend prediction. XAI(eXplainable Artificial Intelligence) techniques were applied to the predictive model to enhance its explainability and interpretability by providing a comprehensive explanation of the model. In the empirical experiment, CNN was applied to technical indicators and Google trend data to build a Bitcoin price trend prediction model, and the CNN model using both technical indicators and Google trend data clearly outperformed the other models using neural networks, SVM, and LSTM. Then SHAP(Shapley Additive exPlanations) was applied to the predictive model to obtain explanations about the output values. Important prediction drivers in input variables were extracted through global interpretation, and the interpretation of the predictive model's decision process for each instance was suggested through local interpretation. The results show that our proposed research framework demonstrates both improved classification accuracy and explainability by using CNN, Google trend data, and SHAP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.871-883
• /
• 2014

New types of attacks that mainly compromise the public, portal and financial websites for the purpose of economic profit or national confusion are being emerged and evolved. In addition, in case of 'drive by download' attack, if a host just visits the compromised websites, then the host is infected by a malware. Website falsification detection system is one of the most powerful solutions to cope with such cyber threats that try to attack the websites. Many domestic CERTs including NCSC (National Cyber Security Center) that carry out security monitoring and response service deploy it into the target organizations. However, the existing techniques for the website falsification detection system have practical problems in that their time complexity is high and the detection accuracy is not high. In this paper, we propose website falsification detection system based on image and code analysis for improving the performance of the security monitoring and response service in CERTs. The proposed system focuses on improvement of the accuracy as well as the rapidity in detecting falsification of the target websites.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.327-330
• /
• 2011

After releasing the smart phone equipping the strong computational capability compared to traditional mobil phone, a field of services, which is available on the personal computers, is expanded to smart phone. The development of technology reduces the limited service utilization on time and space but it has a venerability exposing an information to malicious user. Especially we need to more attention when using the financial services which communicate the user's private information. To solve the security problem, OTP(One Time Pad), which uses a private key for a session, is recommended. OTP techniques in smart phone having focused on traditional environments have been proposed and implemented. However, security over mobile environments is more vulnerable to attack and has restriction on resources than traditional system. For this reason, definition of proper conceptual OTP on smart phone is required. In the paper, we present the L-OTP(Location-OTP) protocol, using T-OTP(Time One Time Pad) technique with location information. Proposal generates the OTP using unique location information which is obtained in smart phone.

• The Journal of the Korea Contents Association
• /
• v.7 no.12
• /
• pp.123-130
• /
• 2007

The purpose of this paper is to capture risk profiles of smaller-sized Korean firms $vis-{\grave{a}}-vis$ larger-sized firms during the Asian financial crisis. For this purpose, risk profiles are provided by estimating expected default risks and by tracking how these have changed during this period with respect to their magnitude, volatility, and sensitivity measures. Methodology used in this study employs the Black-Scholes-Merton model for producing estimates of default risks. And the conventional trans-log function is utilized for obtaining sensitivity measures of the estimated default risks. According to empirical evidence obtained here, it is revealed that contractions of corporate loans associated with IMF austerity policy was the main factor responsible for the drastic change in the default risk profile of Korean firms after occurrence of the Asian financial crisis.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.6
• /
• pp.217-224
• /
• 2008

EThis paper is study regarding banking institution and DoS attack regarding government organization which occurred in 2008. We used a tool aggressive actual DoS You install the N-IDS which used Snort in networks in order to detect a DoS attack. Storages of Winpcap and a packet to detect a packet and MySQL, HSC, to analyze. We install NET Framework etc. E-Watch etc. analyzes Packet regarding a DoS attack of a hacker and TCP, UDP etc. information, Port, MAC and IP information etc. through packet analysis tools. There is a meaning you analyze data regarding the cyber DoS, DDoS attack that is dysfunction of Ubiquitous Information Society, and it generates forensics data regarding an invader and back-tracking analysis data, and to ensure safe Internet information system through this paper study.

• Information Systems Review
• /
• v.13 no.3
• /
• pp.27-46
• /
• 2011

Many business managers claim that treasury management is their leading concern. Managing cash flows is the center of treasury management. However, in reality, companies has experienced the difficulty in monitoring and controling this flow initiated by business transactions. To resolve this problem, Webcash Inc. developed an innovative systems called Branch Solution. Branch Solution stands in between banking systems and a company's ERP system to connect them. This system provides the company with an ability to control the financial flow in accordance with the physical flow of materials. Due to this solution many companies accomplish a high efficiency and visibility in their cash management. This study analyses a treasury management case from the perspective of supply-chain processes integration.