• Korean Association of Arts Management
• /
• no.60
• /
• pp.93-119
• /
• 2021

How an organization communicates to relevant stake-holders in a crisis is critical to gain continued social acceptance and legitimacy. In this paper, we examine the evolution of crisis communication strategies by the Arts Council Korea(ARKO) in response to the Blacklist case that unfolded from 2017 through 2019. In doing so, we focused on the 'Pop-up Theater case', where ARKO officials had exercised their discretion to have the play produced by theater artists be discontinued because they had viewed that the play was engendering the imagery of the Sewol-Ho tragedy. Using a case study methodology, we follow a series of events that occurred during this crisis management process, analyzing three apologies issued by the ARKO. In doing so, we draw on Hearit (2006)'s crisis management theory to evaluate how ARKO's crisis communication was managed. Overall, our study highlights that without incorporating truthfulness and sincerity congruent with stakeholder expectations, an organization's crisis communication is likely to be less successful.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.4
• /
• pp.405-414
• /
• 2010

According to the statistics of SecurityFocus in 2008, client-side attacks through the Microsoft Internet Explorer have increased by more than 50%. In this paper, we have implemented a behavior-based malicious web page detection system and a blacklist-based malicious web page filtering system. To do this, we first efficiently collected the target URLs by constructing a crawling system. The malicious URL detection system, run on a specific server, visits and renders actively the collected web pages under virtual machine environment. To detect whether each web page is malicious or not, the system state changes of the virtual machine are checked after rendering the page. If abnormal state changes are detected, we conclude the rendered web page is malicious, and insert it into the blacklist of malicious web pages. The malicious URL filtering system, run on the web client machine, filters malicious web pages based on the blacklist when a user visits web sites. We have enhanced system performance by automatically handling message boxes at the time of ULR analysis on the detection system. Experimental results show that the game sites contain up to three times more malicious pages than the other sites, and many attacks incur a file creation and a registry key modification.

• 해운
• /
• no.10 s.9
• /
• pp.41-45
• /
• 2004

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2006.05a
• /
• pp.389-396
• /
• 2006

본 연구에서는 한국어와 영어 메일을 대상으로 2단계 스팸 메일 필터링 시스템을 구축하여 성능평가를 수행한다. 2단계 스팸 메일 필터링 시스템은 블랙리스트를 활용하는 1단계와 기계학습을 통한 지능적인 분류를 하는 2단계로 구성된다. 만약 새로 도착한 메일이 블랙리스트의 내용을 포함한다면 이 메일은 스팸 메일로 분류되고 그렇지 않은 메일은 2단계로 넘어가서 스팸 메일 여부를 판단하게 된다. 메일의 본문이 영어로 작성된 영어 스팸 메일을 일반 메일로부터 분류해내기 위해서는 우선 Stemming과 Stopping 기법을 이용하여 본문에서 정형화된 어휘정보들을 추출한다. 추출된 어휘정보들을 대상으로 속성벡터를 구축한 후 SVM 기계 학습을 시켜 SVM 분류기를 생성하여 지능적인 스팸 메일 필터링을 수행한다. 속성벡터를 구축할 때 기준이 되는 자질을 어떻게 선택하느냐에 따라 스팸 메일 필터링 시스템의 성능이 좌우된다. 따라서 SYM 기계 학습을 위한 속성벡터를 구축할 때 기준이 되는 자질을 선택하는 여러 알고리즘들을 적용하여 성능을 비교 분석한다. 그리고 한국어 스팸 메일 필터링 시스템과 비교하여 영어 스팸 메일 필터링 시스템의 전체적인 성능을 비교 분석한다.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.327-334
• /
• 2018

When a PC is infected with a malicious code, it communicates with the control and command (C&C) server and, by the attacker's instructions, spreads to the internal network and acquires information. The company focuses on preventing attacks from the outside in advance, but malicious codes aiming at APT attacks are infiltrated into the inside somehow. In order to prevent the spread of the damage, it is necessary to perform internal monitoring to detect a PC that is infected with malicious code and attempts to communicate with the C&C server. In this paper, a destination IP monitoring method is proposed in this paper using Bloom filter to quickly and effectively check whether the destination IP of many packets is in the blacklist.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.543-546
• /
• 2023

봇넷은 지속적으로 사이버 범죄에 이용되고 있으며 네트워크 환경에 큰 위협이 되고 있다. 기존에는 봇들이 C&C 서버와 통신하는 것을 방지하기 위해 블랙리스트를 기반으로 DNS 서버에서 봇넷 도메인을 탐지하는 방식을 주로 사용하였다. 그러나 도메인 생성 알고리즘(DGA)을 이용하는 봇넷이 증가하면서 기존에 사용하던 블랙리스트 기반의 도메인 차단 방식으로는 더 이상 봇넷 도메인을 효율적으로 차단하기 어려워졌다. 이에 따라 봇넷 도메인 생성 알고리즘을 통해 생성되는 도메인의 특성을 분석하고 이를 토대로 봇넷 도메인을 식별하고 차단하고자 하는 시도가 계속되고 있다. 특히 연속적인 데이터 처리에 주로 사용되는 딥러닝 알고리즘을 이용하여 봇넷 도메인의 특징을 효과적으로 추출하고 정확도가 높은 탐지 모델을 구축하고자 하는 연구가 주를 이루고 있으며, 탐지뿐만 아니라 봇넷 그룹(Family) 분류까지 연구가 확장되고 있다. 이에 본 논문에서는 봇넷 도메인 생성 알고리즘에 의해 생성되는 봇넷 도메인을 식별 및 분류하기 위해 딥러닝 기술을 적용한 최근 연구 동향을 조사하고 앞으로의 연구 방향성을 논의하고자 한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.641-653
• /
• 2013

Recent cyber attacks targeting control systems are getting sophisticated and intelligent notoriously. As the existing signature based detection techniques faced with their limitations, a whitelist model with security techniques is getting attention again. However, techniques that are being developed in a whitelist model used at the application level narrowly and cannot provide specific information about anomalism of various cases. In this paper, we classify abnormal cases that can occur in control systems of enterprises and propose a new whitelist model for detecting abnormal cases.

• The Journal of the Korea Contents Association
• /
• v.12 no.5
• /
• pp.32-39
• /
• 2012

When you want to be given the on-line service, their homepage requires sign-up with detail personal information. This collected private information lead to mass data spill by hacking. Especially, this makes terrible social problems that the users who sign up their site are persistingly attacked and damaged by hackers using this information. As methods of the social technologic attacks are simple but based upon human psychology, it is easy that people become a victim in the majority of cases. There is a strategy blocking fishing sites by using the black list for defending these attacks. This tactic, however, has some problems that it isn't possible to handle new fishing sites having a short life-cycle. In this paper, we suggest two solutions to minimize data spill. One marks existing sites with the sign of a reliability measured by a comparison between black list and the white list; therefore, the user check the authenticity about the homepage. The other shut off previously the leaking of private information by sensing a entry of personal information into new sites.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1513-1526
• /
• 2016

Since finance companies started e-banking services, those services have been diversified and use of them has continued to increase. Finance companies are implementing financial security policy for safe e-banking services, but e-Banking incidents are continuing to increase and becoming more intelligent. Along with the rise of internet banks and boosting Fintech industry, financial supervisory institutes are not only promoting user convenience through improving e-banking regulations such as enforcing Non-face-to-face real name verification policy and abrogating mandatory use of public key certificate or OTP(One time Password) for e-banking transactions, but also recommending the prevention of illegal money transfer incidents through upgrading FDS(Fraud Detection System). In this study, we assessed a blacklist based auto detection method suitable for overall situations for finance company, a real-time based suspicious transaction detection method linking with blacklist statistics model by each security level, and an alternative FDS model responding to typical transaction patterns of which information were collected from previous e-Banking incidents.

• Journal of the Korea Convergence Society
• /
• v.10 no.9
• /
• pp.199-207
• /
• 2019

This study aims to analyze the profitability of Robo-Advisors portfolio combined with the analysts' forecasts on the Korean stock prices. Sample stocks are 8 blue-chips and sample period is from 2003 to 2019. Robo-Advisor portfolio was suggested using the Black-Litterman model combined with the analysts' forecasts and its profitability was analyzed. Empirical result showed the suggested Robo-Advisor algorithm produced 1% annual excess return more than that of the benchmark. The study documented that the analysts' forecasts had an economic value when applied in the Robo-Advisor portfolio despite the prevalent blames from investors. The profitability on small or medium-sized stocks will need to be analyzed in the Robo-Advisor context because their information is relatively less known to investors and as such is expected to be strongly influenced by the analysts' forecasts.