• Korean Security Journal
• /
• no.56
• /
• pp.165-185
• /
• 2018

Because financial industry is closely related to the daily lives of people, internal fraud such as embezzlement by the employees can cause serious damage to the national economy, including credit crunch and contagious bankruptcy, as once demonstrated in the Savings Bank Scandal in 2011. Therefore, the importance of financial industry security is being emphasized and developed into converged security that combines physical, human and cyber security. In this study, to prevent fraud caused by internal employees in Korean financial sector, in-depth semi-structured interviews were conducted with a total of 16 participants including bankers, officials of financial regulators, and security experts, who were in charge of risk management in the industry. The collected data were analyzed at three stratification levels such as individual, organization, and socio-cultural factor. Based on this analysis, policy recommendations were suggested for the development of financial industry security and reducing internal fraud in banking institutions.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.65-72
• /
• 2015

Recent cyberthreats are emerging as big issues that need to be addressed to both developed countries and South Korea. Our government has implemented and established comprehensive measures whenever major incidents were happened. It is still insufficient, even though the national and social level of cybersecurity are improved with continuous investments and efforts to strengthen the country than in the past. Comprehensive measures have been exposed to limit the effectiveness because they are focused on short-term measures. In this paper, we try to analyze the problems of incidents and assess the implementation process of establishing comprehensive measures in order to suggest ways ultimately to improve the country's overall level of cybersecurity.

• Proceedings of the KIEE Conference
• /
• 2008.10b
• /
• pp.409-410
• /
• 2008

인터넷의 급속한 발달로 정보화 사회에서 생활하고 있는 우리는 금융 서비스 등 다양한 웹 서비스를 제공받고 있다. 이와 같이 컴퓨터와 인터넷, 정보기술의 발전은 사용자에게 편리함을 가져다 주었다. 그러나 사이버 범죄라는 역기능을 가지게 되었다. 이블 위하여 이전 논문에서 우리는 이미지 로그파일을 제안하였다. 이미지 로그 파일이란 디지털 증거자료로써 디지털 포랜식으로 사용될 수 있도록 보안상 취약한 기존의 텍스트 파일 형태의 로그 파일을 보완하여 웹 페이지를 이미지로 저장한 파일이다. 본 논문에서는 이러한 이미지 로그 파일이 디지털 증거 자료 뿐만 아니라 웹 페이지의 무결성 문제가 발생하였을 경우 웹 페이지를 복구하기 위한 백업용으로써 사용될 수 있는 이미지 로그 파일에 대하여 기술하여 보고자 한다.

• Electronics and Telecommunications Trends
• /
• v.31 no.5
• /
• pp.120-130
• /
• 2016

21세기 디지털 사회에서는 각 개인의 연결과 상호작용이 사회 현상에 막대한 영향을 미치고 있으며, 이로 인해 사회는 더욱 복잡해지고, 순간적으로 급격한 변화가 일어나는 현상이 빈번히 발생한다. 사회 복잡성(Social Complexity)은 다수의 사회 구성원들 간의 복잡한 연결로 인해 발생하는 상호작용 패턴을 의미한다. 2011년 발생한 '아랍의 봄' 혁명, 글로벌 금융위기, 조류독감의 발생과 확산, 글로벌 기후 변화, 테러리스트들의 네트워크와 사이버 범죄의 증가 등은 복잡하게 연결된 글로벌 사회 현상으로 발생하는 복잡성의 사례들이다. 우리 사회의 안전성과 지속성을 확보하기 위해, 이러한 사회 복잡성을 그려내어, 그 속에 숨겨진 패턴을 분석하고 예측하는 기술에 대한 연구 개발이 국가적으로 필요하다. 다양한 분야의 사회적 모형을 개발하고 서로 연결하여, 복잡한 사회적 상호작용을 대규모 시뮬레이션을 통해 현상 분석과 사회경제 정책적 대응방향에 대한 통찰력을 가질 수 있는 대규모 '모사현실(Simulated Reality)' 기술 개발을 서둘러야 한다.

• Journal of Intelligence and Information Systems
• /
• v.23 no.3
• /
• pp.119-138
• /
• 2017

Recently, SNS has become an important channel for marketing as well as personal communication. However, cybercrime has also evolved with the development of information and communication technology, and illegal advertising is distributed to SNS in large quantity. As a result, personal information is lost and even monetary damages occur more frequently. In this study, we propose a method to analyze which sentences and documents, which have been sent to the SNS, are related to financial fraud. First of all, as a conceptual framework, we developed a matrix of conceptual characteristics of cybercriminality on SNS and emergency management. We also suggested emergency management process which consists of Pre-Cybercriminality (e.g. risk identification) and Post-Cybercriminality steps. Among those we focused on risk identification in this paper. The main process consists of data collection, preprocessing and analysis. First, we selected two words 'daechul(loan)' and 'sachae(private loan)' as seed words and collected data with this word from SNS such as twitter. The collected data are given to the two researchers to decide whether they are related to the cybercriminality, particularly financial fraud, or not. Then we selected some of them as keywords if the vocabularies are related to the nominals and symbols. With the selected keywords, we searched and collected data from web materials such as twitter, news, blog, and more than 820,000 articles collected. The collected articles were refined through preprocessing and made into learning data. The preprocessing process is divided into performing morphological analysis step, removing stop words step, and selecting valid part-of-speech step. In the morphological analysis step, a complex sentence is transformed into some morpheme units to enable mechanical analysis. In the removing stop words step, non-lexical elements such as numbers, punctuation marks, and double spaces are removed from the text. In the step of selecting valid part-of-speech, only two kinds of nouns and symbols are considered. Since nouns could refer to things, the intent of message is expressed better than the other part-of-speech. Moreover, the more illegal the text is, the more frequently symbols are used. The selected data is given 'legal' or 'illegal'. To make the selected data as learning data through the preprocessing process, it is necessary to classify whether each data is legitimate or not. The processed data is then converted into Corpus type and Document-Term Matrix. Finally, the two types of 'legal' and 'illegal' files were mixed and randomly divided into learning data set and test data set. In this study, we set the learning data as 70% and the test data as 30%. SVM was used as the discrimination algorithm. Since SVM requires gamma and cost values as the main parameters, we set gamma as 0.5 and cost as 10, based on the optimal value function. The cost is set higher than general cases. To show the feasibility of the idea proposed in this paper, we compared the proposed method with MLE (Maximum Likelihood Estimation), Term Frequency, and Collective Intelligence method. Overall accuracy and was used as the metric. As a result, the overall accuracy of the proposed method was 92.41% of illegal loan advertisement and 77.75% of illegal visit sales, which is apparently superior to that of the Term Frequency, MLE, etc. Hence, the result suggests that the proposed method is valid and usable practically. In this paper, we propose a framework for crisis management caused by abnormalities of unstructured data sources such as SNS. We hope this study will contribute to the academia by identifying what to consider when applying the SVM-like discrimination algorithm to text analysis. Moreover, the study will also contribute to the practitioners in the field of brand management and opinion mining.

• The Journal of Society for e-Business Studies
• /
• v.27 no.2
• /
• pp.65-77
• /
• 2022

Due to the recent development in electronic financial services, transactions of electronic prepayment are rapidly growing, leading to growing fraud attempts. This paper proposes a methodology that can effectively detect fraud transactions in electronic prepayment by machine learning algorithms, including support vector machines, decision trees, and artificial neural networks. Actual transaction data of electronic prepayment services were collected and preprocessed to extract the most relevant variables from raw data. Two different approaches were explored in the paper. One is a transaction-based approach, and the other is a user ID-based approach. For the transaction-based approach, the first model is primarily based on raw data features, while the second model uses extra features in addition to the first model. The user ID-based approach also used feature engineering to extract and transform the most relevant features. Overall, the user ID-based approach showed a better performance than the transaction-based approach, where the artificial neural networks showed the best performance. The proposed method could be used to reduce the damage caused by financial accidents by detecting and blocking fraud attempts.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.171-180
• /
• 2007

The financial crime that used morale anger Phishing, Pharming, Vishing, SMiSing etc. will gain during recent cyber crimes. We are study systematically whether or not leakage of information and infringement can how easily occur to Phishing, Vishing, SMiSing using a social engineering technique and VoIP at these papers through experiment. A hacker makes Phishing, Vishing site, and test an information infringement process of a user through PiSing mail and a virus, a nasty code, Vishing, a SMiSing character, disarmament of Keylogger prevention S/W etc. as establish server. Information by Phishing, Vishing, SMiSing is infringed with leakage in the experiment results, and confirm, and test certified certificate and White List and a certified authentication mark, plug-in program installation etc. to prevention, and security becomes, and demonstrate. Technical experiment and prevention regarding Phishing of this paper and Vishing attack reduce the damage of information infringement, and be education for Ubiquitous information security will contribute in technical development.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.791-794
• /
• 2021

범죄차량 판독 시스템, 지능화된 CCTV 등 차량과 관련된 시각지능에 관한 연구가 큰 관심을 받고 있다. 이 중 차량 분류 기술은, 특정 차량을 인식하는 핵심기술이다. 이와 관련한 기존 연구들은 큰 차종으로만 분류하거나, 분류 가능한 차종의 수, 정확도 등이 낮아 실용성 및 신뢰성이 떨어진다는 단점이 있다. 따라서, 본 논문에서는 차종을 정확하게 분류할 수 있는 2단계 차종 분류 알고리즘을 제안한다. 제안 시스템은 CNN으로 학습된 모델을 기반으로 1차로 차량의 유형을 분류하고, 2차로 정확한 차종을 분류한다. 실험 결과, 52개의 차종을 분류함에 있어 단일 분류 모델에 비해 5.3%p 더 높은 90.2%의 분류 정확도를 보였다. 이를 통해, 더욱 정확한 차종 분류가 가능하다.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.79-86
• /
• 2022

Voice phishing is a cyber crime in which fake financial institutions, the Public Prosecutor's Office, and the National Police Agency are impersonated to find out an individual's Certification number and credit card number or withdraw a deposit. Recently, voice phishing has been carried out in a subtle and secret way. Analyzing the trend of voice phishing that occurred in '18~'21, it was found that there is a seasonality that occurs rapidly at a time when the movement of money is intensifying in the trend of voice phishing, giving ambiguity to time series analysis. In this research, we adjusted seasonality using the X-12 seasonality adjustment methodology for accurate prediction of voice phishing occurrence trends, and predicted the occurrence of voice phishing in 2022 using the ARIMA model.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.