• Informatization Policy
• /
• v.23 no.4
• /
• pp.76-94
• /
• 2016

Recently in Korea, the importance of information security awareness has been receiving a growing attention. Attacks such as social engineering and ransomware are hard to be prevented because it cannot be solved by information security technology. Also, the profitability of information security industry has been decreasing for years. Therefore, many companies try to find a new growth-engine and an entry to the foreign market. The main purpose of this paper is to draw out some information security issues and to analyze them. Finally, this study identifies issues and suggests how to improve the situation in Korea. For this, topic modeling analysis has been used to find information security issues of each country. Moreover, the score of sentiment analysis has been used to compare them. The study is exploring and explaining what critical issues are and how to improve the situation based on the identified issues of the Korean information security industry. Also, this study is also demonstrating how text mining can be applied to the context of information security awareness. From a pragmatic perspective, the study has the implications for information security enterprises. This study is expected to provide a new and realistic method for analyzing domestic and foreign issues using the analysis of real data of the Twitter API.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.2
• /
• pp.585-594
• /
• 2018

Virtual currencies have emerged along with new technologies such as block chain, artificial intelligence (AI), and big data. This study examines the benefits of a security-enhanced block chain resulting from individual trading, decentralized from governments, as well as the problems associated with misuse of virtual currencies. Virtual currencies, due to its anonymity, is vulnerable to financial crimes, such as ransom-ware, fraud, drug trafficking, tax evasion and money laundering. Use of virtual currencies can facilitate criminals avoid detection from investigative agencies. Government regulatory policy continues to address these concerns, and the virtual currency exchange has also announced a self-regulation proposal. However, a fundamental solution remains necessary. The purpose of this paper is to investigate the problems regarding abuse of virtual currency and to identify a practical system for transactions involving virtual currencies. However, in order to promote transactions involving virtual currencies and to institutionalize a governance system, multilateral cooperation is required. Although the restricting the use of virtual currencies regarding minors and foreign trade, as well as the introduction of a real-name system are considered promising prospects, many problems remain. Virtual currency is not a simple digital item but a method of redesigning the function of money. Coordinated efforts are needed globally to be able to further activate the positive aspects concerning the use of virtual currencies.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.1-10
• /
• 2018

Network threats such as Internet worms and computer viruses have been significantly increasing. In particular, APTs(Advanced Persistent Threats) and ransomwares become clever and complex. IDSes(Intrusion Detection Systems) have performed a key role as information security solutions during last few decades. To use an IDS effectively, IDS rules must be written properly. An IDS rule includes a key signature and is incorporated into an IDS. If so, the network threat containing the signature can be detected by the IDS while it is passing through the IDS. However, it is challenging to find a key signature for a specific network threat. We first need to analyze a network threat rigorously, and write a proper IDS rule based on the analysis result. If we use a signature that is common to benign and/or normal network traffic, we will observe a lot of false alarms. In this paper, we propose a scheme that analyzes a network threat and extracts key signatures corresponding to the threat. Specifically, our proposed scheme quantifies the degree of correspondence between a network threat and a signature using the LDA(Latent Dirichlet Allocation) algorithm. Obviously, a signature that has significant correspondence to the network threat can be utilized as an IDS rule for detection of the threat.

• The Journal of Korean Association of Computer Education
• /
• v.23 no.1
• /
• pp.63-75
• /
• 2020

From the perspective of compliance with security policies by members of the organization, which is a major cause of security incidents, this study presented biased thinking as factors that affect compliance with security policies and verified the following: First, the impact of biased thinking on security policies on compliance with security policies is verified. Second, the participation of management, perceived risk, education and punishment of management will verify the adjustment effect of increasing or decreasing biased thinking. Finally, we have verified that compliance attitudes have a significant impact on compliance behavior. To this end, 157 people were surveyed, statistical analysis of research models and structural equations, and conformity analysis were conducted. Studies have shown that biased thinking has a negative effect on the attitude of compliance with information security. In addition, it was analyzed that the attitude of compliance with information security policy increases policy compliance behavior. On the other hand, the higher the perceived risk of information security, the lower the bias was the adjustment effect, but management's participation, education and punishment were found to have no adjustment effect.

• Smart Media Journal
• /
• v.11 no.10
• /
• pp.46-53
• /
• 2022

Today, due to the 4th industrial revolution and extensive R&D funding, domestic companies have begun to possess world-class industrial technologies and have grown into important assets. The national government has designated it as a "national core technology" in order to protect companies' critical industrial technologies. Particularly, technology leaks in the shipbuilding, display, and semiconductor industries can result in a significant loss of competitiveness not only at the company level but also at the national level. Every year, there are more insider leaks, ransomware attacks, and attempts to steal industrial technology through industrial spy. The stolen industrial technology is then traded covertly on the dark web. In this paper, we propose a system for detecting industrial technology leaks in the dark web environment. The proposed model first builds a database through dark web crawling using information collected from the OSINT environment. Afterwards, keywords for industrial technology leakage are extracted using the KeyBERT model, and signs of industrial technology leakage in the dark web environment are proposed as quantitative figures. Finally, based on the identified industrial technology leakage sites in the dark web environment, the possibility of secondary leakage is detected through the PageRank algorithm. The proposed method accepted for the collection of 27,317 unique dark web domains and the extraction of 15,028 nuclear energy-related keywords from 100 nuclear power patents. 12 dark web sites identified as a result of detecting secondary leaks based on the highest nuclear leak dark web sites.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.2
• /
• pp.1-11
• /
• 2018

Recently ICT, new technologies such as IoT, Cloud, and Artificial Intelligence are changing the information society explosively. But personal information leakage incidents of consignee's company are increasing more and more because of the expansion of consignment business and the latest threats such as Ransomware and APT. Therefore, in order to strengthen the security of consignee's company, this study derived the checklists through the analysis of the status such as the feature of consignment and the security standard management system and precedent research. It also analyzed laws related to consignment. Finally we found out the relative importance of checklists after it was applied to proposed AHP(Analytic Hierarchy Process) Model. Relative importance was ranked as establishment of an internal administration plan, privacy cryptography, life cycle, access authority management and so on. The purpose of this study is to reduce the risk of leakage of customer information and improve the level of personal information protection management of the consignee by deriving the check items required in handling personal information of consignee and demonstrating the model. If the inspection activities are performed considering the relative importance of the checklist items, the effectiveness of the input time and cost will be enhanced.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.11a
• /
• pp.64-65
• /
• 2023

The purpose of this study was to assess the current status of cyber security at the Busan Port container terminal and derive strengthening factors through exploratory research. In recent years, the maritime industry has actively adopted Fourth Industrial Revolution technologies, resulting in changes in the form of ports, such as automated and smart terminals. While these changes have brought positive improvements in port efficiency, they have also increased the potential for cyber security incidents and threats, including information leakage through cargo handling equipment and ransomware attacks leading to terminal operations disruption. Especially in the case of ports, cyber security threats can have not only local effects within the port but also physical damage and implications for national security. However, despite the growing cyber security threats within ports, research related to domestic port cyber security remains limited. Therefore, this study aimed to identify factors for enhancing cyber security in ports and derive future enhancement strategies. The study conducted an analysis focusing on the Busan Port container terminal, which is one of the leading ports in South Korea actively adopting Fourth Industrial Revolution technologies, and conducted a survey of stakeholders in the Busan Port container terminal. Subsequently, exploratory factor analysis was used to derive strengthening factors. This study holds significance in providing directions for enhancing cyber security in domestic container ports in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.577-586
• /
• 2024

As new technologies are developed, new security threats such as the emergence of AI technologies that create ransomware are also increasing. New security equipment such as XDR has been developed to cope with these security threats, but when using various security equipment together rather than a single security equipment environment, there is a difficulty in creating numerous regular expressions for identifying and classifying essential data. To solve this problem, this paper proposes a method of identifying essential information for identifying threat information by introducing artificial intelligence-based entity name recognition technology in various security equipment usage environments. After analyzing the security equipment log data to select essential information, the storage format of information and the tag list for utilizing artificial intelligence were defined, and the method of identifying and extracting essential data is proposed through entity name recognition technology using artificial intelligence. As a result of various security equipment log data and 23 tag-based entity name recognition tests, the weight average of f1-score for each tag is 0.44 for Bi-LSTM-CRF and 0.99 for BERT-CRF. In the future, we plan to study the process of integrating the regular expression-based threat information identification and extraction method and artificial intelligence-based threat information and apply the process based on new data.

• Journal of Korea Port Economic Association
• /
• v.40 no.1
• /
• pp.1-14
• /
• 2024

The port industry has been actively adopting Fourth Industrial Revolution technologies, leading to transformations in port infrastructure, such as automated and smart ports. While these changes have improved port efficiency, they have also increased the potential for Cyber Security incidents, including data leaks and disruptions in terminal operations due to ransomware attacks. Recognizing the need to prioritize Cyber Security measures, a study was conducted, focusing on Busan Port's rapidly automating container terminal in South Korea. The results of the Eisenhower Matrix analysis identified legal and regulatory factors as a top priority in the first quadrant, with educational systems, workforce development, network infrastructure, and policy support in the third quadrant. Subsequently, a Borich Needs Analysis revealed that the highest priority was given to legal improvements in security management systems, while the development of Cyber Security professionals ranked lowest. This study provides foundational research for enhancing Cyber Security in domestic container terminals and offers valuable insights into their future direction.