• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.2
• /
• pp.65-72
• /
• 2015

According to recent statistics published by the National Industrial Security Center, former and current employees are responsible for 80.4% of companies' technology leakages, and employees of cooperative firms are responsible for another 9.6%. This means that 90% of technology leakages are intentionally or mistakenly caused by insiders. In a recent incident, a credit card company leaked private information, and the person responsible was an employee of a cooperative firm. These types of incidents have an adverse effect not only on a company's assets but also on its reputation. Therefore, most institutions implement various security solutions to prevent information from being leaked. However, security solutions are difficult to analyze and distinguish from one another because their logs are independently operated and managed. A large number of logs are created from various security solutions. This thesis investigates how to prevent internal data leakage by setting up individual scenarios for each security solution, analyzing each scenario's logs, and applying a monitoring system to each scenario.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.12
• /
• pp.2333-2340
• /
• 2017

Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.397-406
• /
• 2003

As the information technology grows interests in the intrusion detection system (IDS), which detects unauthorized usage, misuse by a local user and modification of important data, has been raised. In the field of anomaly-based IDS several artificial intelligence techniques such as hidden Markov model (HMM), artificial neural network, statistical techniques and expert systems are used to model network rackets, system call audit data, etc. However, there are undetectable intrusion types for each measure and modeling method because each intrusion type makes anomalies at individual measure. To overcome this drawback of single-measure anomaly detector, this paper proposes a multiple-measure intrusion detection method. We measure normal behavior by systems calls, resource usage and file access events and build up profiles for normal behavior with hidden Markov model, statistical method and rule-base method, which are integrated with a rule-based approach. Experimental results with real data clearly demonstrate the effectiveness of the proposed method that has significantly low false-positive error rate against various types of intrusion.

• Communications of Mathematical Education
• /
• v.38 no.1
• /
• pp.1-26
• /
• 2024

As the limitations of professional development programs and individual attempts to improve teaching expertise have been reported, mathematics teachers have operated various types of teacher learning communities as alternative teacher professional programs. A teacher learning community can be considered a Community of Practice(CoP) in that it satisfies three factors of Cop, which are common purpose, mutual participation, and shared repertoire, so the 'learning' of a teacher community can be interpreted based on the theory of CoP. The purpose of this study is to investigate the process of identity development of five mathematics teachers who have been continuously involved in teacher communities. For this, the researcher collected data on the entire process of community activities through participant observation and conducted individual follow-up interviews to explore mathematics teachers' narratives and personal experiences. Results indicated that mathematics teachers experienced the development of practical knowledge related to mathematics teaching and learning, improvement of teaching practice through continuous reflection and introspection, and recognization the shared value of togethering through community immersion. Based on these experiences, implications for the effective operation of learning communities such as national support of teacher learning communities and horizontal and cooperative teacher norms were discussed, and follow-up research was proposed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.243-253
• /
• 2016

Company strengthen various information security policy and activity in order to protect important information assets that the company has been dealing with and prevents information security accidents such as personal information spill. However, some study said these policy and activity increase employee's information security stress and still information security accidents by employees have happened so far. Therefore, this study will review preceding theories and studies used in many various fields including Information Security areas needed to explain human's behavioral intention and determinants and summarize characteristic factors that have influence on control of human's behavioral intention in the results of the above theories and studies. Secondly, this study will implement exploratory analysis on characteristic factors perceived by employees that has been stemmed from various company's information security policy and activity in order to increase employee/'s information security compliance intention under the its surrounding security circumstance. Thirdly, this study will fulfil multiple-regression analysis in order to identify cause-effect relationship between employee's perceived information security stress and employee's perceived characteristic factor. Finally, this study will explain casual relationship with same analysis methods between information security stress and information security compliance intention based on results of the survey conducted on the financial firm's employees with same analysis methods.

• Korean journal of food and cookery science
• /
• v.12 no.4
• /
• pp.499-505
• /
• 1996

The facillities for Kimchi preservation were investigated in order to develop the taste, flavor and commercial quality of Kimchi during fermentation. Four kinds of facillities used for this experiment were PP(Polypropylene). PSC(Polypropylene+ceramic)and PPP was selected newly and laminated of three layers with PETG (Polyester G), PS (Polystyrene) and PETG. The change of total number of lactic acid Bacteria, pH, acidity, color, gas contents and free internal volume of package were measured for the Kimchi packaged by 4 facillities during 6 days fermentation at 15$^{\circ}C$. The total No. of lactic acid Bacteria within the Kimchi in the PPP facillity was more and remained longer time (120 hrs.) than other Kimchi in the PP, PS and PPC facillities. Also the pH of all Kimchi were decreased to pH 4 within 72 hrs. and the pH of Kimchi in the PPP facillity was kept as pH 4 for 120 hrs., so that was shown to be decreased more dully than others. In case of fimchi in the PPP facillity, the color was retained better, CO$_2$ contents was lower similar to PPC facillity, and swelling degree of free internal volume was higher than others. By the sensory evaluation, the Kimchi in the PPP facillity represented as better than others for color, flavor, texture and total preferences until 48 hrs. fermentation. And the PPP facillity is transparent, so these will be selected and confirmed more easily, also PPP facillity is so hard to endure the swelling pressure of internal gas. Therefore it is thought that the PPP facillity used as Kimchi package will be desirable for better taste, flavor, and commercial quality.

• Korean Journal of Social Welfare
• /
• v.67 no.4
• /
• pp.251-277
• /
• 2015

This qualitative study is designed for the reconstruction of the experience of single mothers in poverty based on the bottom-up approach. Welfare dependency is identified as vital help to protect their own and children's lives, through their stories telling that welfare services provided by government and community take care of them "in place of their husbands", and "raise them up by hand." What is self-sufficiency to them is more of a process-orientation through welfare dependency than a state out of it, and a way to look through building their self-esteem and working to discover their self-worth except their economic power. Restoring their potential to self-sufficiency through dealing with their psycho-social stresses and expanding services for them related to child-care(education) and occupation ability development for long-term self-sufficiency, rather than hasty focusing on welfare exit, should be built on the foundation of helping them self-sufficient. In order for the self-sufficiency program to overcome the participant's images of "subordination and stigma" and to convey the original meaning of "welfare to work", the performance and evaluation system of self-sufficiency programs that reflects the insider's perspectives on their participation motive and process, and the self-sufficiency program customized for their needs and interests should be encouraged to develop.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.47-58
• /
• 2015

Recently, new information security vulnerabilities have proliferated with the convergence of information security environments and information and communication technology. Accordingly, new types of cybercrime are on the rise, and security breaches and other security-related incidents are increasing rapidly because of security problems like external cyberattacks, leakage by insiders, etc. These threats will continue to multiply as industry and technology converge. Thus, the main purpose of this paper is to design and present security subjects in order to train professional security management talent who can deal with the enhanced threat to information. To achieve this, the study first set key information security topics for business settings on the basis of an analysis of preceding studies and the results of a meeting of an expert committee. The information security curriculum taxonomy is developed with reference to an information security job taxonomy for domestic conditions in South Korea. The results of this study are expected to help train skilled security talent who can address new security threats in the future environment of industrial convergence.

• Korean Security Journal
• /
• no.22
• /
• pp.197-230
• /
• 2010

This study examined the institutional improvement directions of industrial security programs, particularly focusing upon policies and practices in the U.S., to enhance the effectiveness of industrial security programs in Korea. This study also aimed to investigate the significance of institutional and/or policy implementations in preventing economic espionage attempt. Data leakage and/or loss of trade secrets in corporations has been a scary proposition and a serious headache to both the CEOs and the CSOs(Chief Security Officers). Security professionals or practitioners have always had to deal with data leakage issues that arise from e-mail, instant messaging(IM), and other Internet communication channels. In addition, with the proliferation of wireless and mobile technology, it's now much easier than ever for loss by data breaches to occur, whether accidentally or maliciously or even by an economic espionage attempt. The researcher in this study used both a case study and a comparative research to analyze the different strategies and approaches between the U.S. and Korea in regard of implementing policies to mitigate damages by economic espionage attempts and prevent them from occurring. The researcher first examined the current policies and practices in the U.S. in terms of federal government's and agencies' approach and strategies on industrial security programs and their partnerships with private-commercial-sectors. The purpose of this paper is to explain and suggest selected findings, and a discussion of actions to be taken on implementing a proactive and tactical approach to enhance the effectiveness of industrial security programs to fight against information loss or data leaks. This study used case reviews, literatures, newspapers, articles, and Internet resources relating to the subject of this study for triangulation of data. The findings during this research are as follows. This research suggests that both the private and the governmental sector should closely cooperate in the filed of industrial security to strengthen its traditional prevention strategies and reduce opportunities of economic espionage as well. This study finally recognizes both the very importance of institutional development led by the Government in preventing economic espionage attempts and its effectiveness when properly united with effective industrial security programs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.193-201
• /
• 2017

Financial firms strengthen to protect personal information from the leakage, introducing various security solutions such as print output security, internet network Isolation system, isolationg strorage of customer information, encrypting personal information, personal information detecting system, data loss prevention, personal information monitoring system, and so on. Financial companies are also entering the era of cutthroat competition due to accept of the new channels and the paradigm shift of financial instruments. Accordingly, The needs for security for customer information held by financial firms are keep growing. The large security accidents from the three card companies on January 2014 were happened, the case in which one of the outsourcing personnel seized customer personal information from the system of the thress card companies and sold them illegally to a loan publisher and lender. Three years after the large security accidents had been passed, nevertheless the security threat of the IT outsourcing workforce still exists. The governments including the regulatory agency realted to the financail firms are conducting a review efforts to prevent the leakage of personal information as well as strengthening the extent of the sanction. Through the analysis on the application of security policy for outsourcing personnel in case of large-scale Financial IT projects and the case study of appropriate security policies for security compliance, the theis is proposing a solution for both successfully completing large-scale financial IT Project and so far as possible minizing the risk from the security accidents by the outsouring personnel.