• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.47-58
• /
• 2015

Recently, new information security vulnerabilities have proliferated with the convergence of information security environments and information and communication technology. Accordingly, new types of cybercrime are on the rise, and security breaches and other security-related incidents are increasing rapidly because of security problems like external cyberattacks, leakage by insiders, etc. These threats will continue to multiply as industry and technology converge. Thus, the main purpose of this paper is to design and present security subjects in order to train professional security management talent who can deal with the enhanced threat to information. To achieve this, the study first set key information security topics for business settings on the basis of an analysis of preceding studies and the results of a meeting of an expert committee. The information security curriculum taxonomy is developed with reference to an information security job taxonomy for domestic conditions in South Korea. The results of this study are expected to help train skilled security talent who can address new security threats in the future environment of industrial convergence.

• Journal of Intelligence and Information Systems
• /
• v.23 no.3
• /
• pp.119-138
• /
• 2017

Recently, SNS has become an important channel for marketing as well as personal communication. However, cybercrime has also evolved with the development of information and communication technology, and illegal advertising is distributed to SNS in large quantity. As a result, personal information is lost and even monetary damages occur more frequently. In this study, we propose a method to analyze which sentences and documents, which have been sent to the SNS, are related to financial fraud. First of all, as a conceptual framework, we developed a matrix of conceptual characteristics of cybercriminality on SNS and emergency management. We also suggested emergency management process which consists of Pre-Cybercriminality (e.g. risk identification) and Post-Cybercriminality steps. Among those we focused on risk identification in this paper. The main process consists of data collection, preprocessing and analysis. First, we selected two words 'daechul(loan)' and 'sachae(private loan)' as seed words and collected data with this word from SNS such as twitter. The collected data are given to the two researchers to decide whether they are related to the cybercriminality, particularly financial fraud, or not. Then we selected some of them as keywords if the vocabularies are related to the nominals and symbols. With the selected keywords, we searched and collected data from web materials such as twitter, news, blog, and more than 820,000 articles collected. The collected articles were refined through preprocessing and made into learning data. The preprocessing process is divided into performing morphological analysis step, removing stop words step, and selecting valid part-of-speech step. In the morphological analysis step, a complex sentence is transformed into some morpheme units to enable mechanical analysis. In the removing stop words step, non-lexical elements such as numbers, punctuation marks, and double spaces are removed from the text. In the step of selecting valid part-of-speech, only two kinds of nouns and symbols are considered. Since nouns could refer to things, the intent of message is expressed better than the other part-of-speech. Moreover, the more illegal the text is, the more frequently symbols are used. The selected data is given 'legal' or 'illegal'. To make the selected data as learning data through the preprocessing process, it is necessary to classify whether each data is legitimate or not. The processed data is then converted into Corpus type and Document-Term Matrix. Finally, the two types of 'legal' and 'illegal' files were mixed and randomly divided into learning data set and test data set. In this study, we set the learning data as 70% and the test data as 30%. SVM was used as the discrimination algorithm. Since SVM requires gamma and cost values as the main parameters, we set gamma as 0.5 and cost as 10, based on the optimal value function. The cost is set higher than general cases. To show the feasibility of the idea proposed in this paper, we compared the proposed method with MLE (Maximum Likelihood Estimation), Term Frequency, and Collective Intelligence method. Overall accuracy and was used as the metric. As a result, the overall accuracy of the proposed method was 92.41% of illegal loan advertisement and 77.75% of illegal visit sales, which is apparently superior to that of the Term Frequency, MLE, etc. Hence, the result suggests that the proposed method is valid and usable practically. In this paper, we propose a framework for crisis management caused by abnormalities of unstructured data sources such as SNS. We hope this study will contribute to the academia by identifying what to consider when applying the SVM-like discrimination algorithm to text analysis. Moreover, the study will also contribute to the practitioners in the field of brand management and opinion mining.

• Korean Security Journal
• /
• no.42
• /
• pp.229-249
• /
• 2015

As the post-cold war era and globalization go on, national security problems which were not traditional national security problems such as terrorism, crime, environmental disasters, economic crises, cyber-terrorism, diseases, and energy problems threat humanity and nations and demands changes. Also, with the change, the concept of "big government" has emerged as the role of nation expanded. The modern society sees every country change from small government to big government in order to realize the establishment of welfare state. A comprehensive interpretation of security is needed in order to comprehensive protection of citizens beyond outside invasion such as crime, new disaster, terrorism. In Korea, incidents such as Cheonan-Ham, Yeonpeyong-Do, foot-and-mouth disease, Ddos terrorism, pirates hostages, mad cow disease, AI are happening and the humanitarian support for North Korea and the summit of South and North Korea are at a standstill. Also, National emergency management system, comprehensive emergency management center, countrol tower, national security system, cooperation with citizens, establishment of legal and institutional system are needed. The importance of this research is on the reestablishment of new national security and emergency management system according to the comparison between the national security and counter-terrorism system of Korea and that of the United States which is a leading country in this field. Also, the establishment of national emergency management act is needed as a statute for effective function as currently various laws and administrative organizations are dispersed.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.127-134
• /
• 2022

Steganography is a hidden technique in which secret messages are hidden in various multimedia files, and it is widely exploited for cyber crime and attacks because it is very difficult for third parties other than senders and receivers to identify the presence of hidden information in communication messages. Botnet typically consists of botmasters, bots, and C&C (Command & Control) servers, and is a botmasters-controlled network with various structures such as centralized, distributed (P2P), and hybrid. Recently, in order to enhance the concealment of botnets, research on Stego Botnet, which uses SNS platforms instead of C&C servers and performs C&C communication by applying steganography techniques, has been actively conducted, but image or video media-oriented stego botnet techniques have been studied. On the other hand, audio files such as various sound sources and recording files are also actively shared on SNS, so research on stego botnet based on audio steganography is needed. Therefore, in this study, we present the results of comparative analysis on hidden capacity by file type and tool through experiments, using a stego botnet that performs C&C hidden communication using audio files as a cover medium in Telegram Messenger.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.449-461
• /
• 2016

If students are not aware of the information security, they easily let others know their information or they use others' information with no sense of guilt. The information security education is necessary to protect and prevent students from cyber crime. However, South Korea's information curriculum has no specific information security education course and it has led a school or teacher to teach contents of information ethics superficially. The purpose of this paper is to find the factors affecting the information security practice of the elementary school students. For an empirical analysis, questionnaire survey was conducted and the Partial Least Square(PLS) was used to analyze the research model. The analysis results show that the information ethics awareness and the information security awareness have a positive impact on the information security practice. The results of this study are expected to help choose the specific information security curriculum required for the information security practice of elementary school students.

• Journal of The Korean Association of Information Education
• /
• v.14 no.4
• /
• pp.561-570
• /
• 2010

In recent years, we can see attempts to take advantage of UCC in a way of the education. But in the precedent studies there are not many guidance plans to help teachers apply UCC in the classroom. The purpose of this paper is to suggest a guidance plan to help teachers apply UCC in the classroom and to analyze the effect of educational using UCC Dramatization learning model on the expanding of students' self-directed learning ability in the information communication ethics education. For this, first, a teacher executes preliminary inspection about self-directed learning ability second, students study about "how to prevent them from cyber crime" using UCC Dramatization learning model. Third a teacher executes post inspection about self-directed learning ability and measures the degree of improvement on self-directed learning ability. The final step is to extract the implications from the analysis of the experiments.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.1
• /
• pp.143-151
• /
• 2008

Execute IP traceback at this paper as target an intruder's attacking that Bypass Attack in order to avoid an exposure of own Real IP address Design IP traceback server and agent module, and install in Internet network system for Real IP traceback. Set up detection and chase range aggressive loop around connection arbitrariness, and attack in practice, and generate Real IP data cut off by fatal attacks after data and intrusion detection accessed general IP, and store to DB. Generate the Forensic data which Real IP confirms substance by Whois service, and ensured integrity and the reliability that buy to early legal proof data, and was devoted to of an invader Present the cyber criminal preventive effect that is dysfunction of Ubiquitous Information Society and an effective Real IP traceback system, and ensure a Forensic data generation basis regarding a judge's robe penalty through this paper study.

• Korean Security Journal
• /
• no.53
• /
• pp.11-33
• /
• 2017

Terrorism has existed in the entire human history and has become a significant topic in criminology while prior studies has focused on North Korea as the perpetrator, and this prevents an in-depth discussion of the international trends of terrorism. As soft targets are the main target of new terrorism and because we never ignore the significance of the consequences, there are needs for more studies on the topic. This study conducted a case study of major terrorism attacks and surveyed professionals in the field via an AHP analysis in order to find the characteristics of terrorism and its potential patterns in South Korea. As a result, we found that North Korea or the left-wing may utilize homemade bomb, motor vehicle or drone for the purpose of attacking multi-use facilities in South Korea. For policy implications, we insist developing a better CPTED approach on those facilities, improving professionalism of cyber-watchdog via more training and education, stricter control on drone permit, and operation of counseling centers for preventing radicalization.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.181-191
• /
• 2018

With the development of IT, hacking crimes are becoming intelligent and refined. In Emergency response, Big data analysis in information security is to derive problems such as abnormal behavior through collecting, storing, analyzing and visualizing whole log including normal log generated from various information protection system. By using the full log data, including data we have been overlooked, we seek to detect and respond to the abnormal signs of the cyber attack from the early stage of the cyber attack. We used open-source ELK Stack technology to analyze big data like unstructured data that occur in information protection system, terminal and server. By using this technology, we can make it possible to build an information security control system that is optimized for the business environment with its own staff and technology. It is not necessary to rely on high-cost data analysis solution, and it is possible to accumulate technologies to defend from cyber attacks by implementing protection control system directly with its own manpower.

• Information and Communications Magazine
• /
• v.30 no.1
• /
• pp.24-32
• /
• 2012

우리는 지금 스마트 사회에 살아가고 있다. 언제 어디서든 스마트 디바이스를 통해 기존에 PC에서 하던 작업들을 손쉽게 하고 있다. 한편 스마트폰의 확산으로 이용자 수가 급증하고 있는 소셜네트워크 서비스(SNS)는 이용자들이 자신의 일상적인 이야기를 사이버공간에 게시함으로 인해 개인의 사생활 정보들이 노출되고, 그러한 정보들이 범죄에 악용되는 사례들이 눈에 띄게 증가하고 있다. 또한 SNS를 이용한 악성코드의 유포 및 빠른 전파 등도 새로운 보안위협으로 나타나고 있다. 그 밖에 스마트 기기를 대상으로 한 해킹 및 악성코드 감염 등 위협이 증가하고 있는 형편이다. 본고에서는 스마트 사회의 주요 보안위협을 살펴보고 미국, 유럽, 일본, 호주 등 선진국의 관련 정책 동향과 국내 정책과 실태를 분석하여 새로운 정보보호 정책 수립 방향을 제언하고자 한다. 스마트 사회 위험 요소로 가장 보편적으로 사용되고 있는 스마트폰과 스마트폰을 통해 이용되고 있는 소셜네트워크 서비스, 클라우드 서비스의 보안위협을 제기하고 최근 글로벌 이슈로 떠오르고 있는 빅 데이터 환경의 보안위협을 분석하였다. 스마트 사회의 위협을 대비하고 있는 주요국 정책을 살펴보면, 미국의 경우 사회적 합의를 바탕으로한 감시와 통제를 강화하는 정책을 추진 중에 있으며 유럽의 5개국 EU5(영국, 독일, 프랑스, 스페인, 이탈리아)는 스마트폰 위협을 중심으로 공동 대응 방안을 마련하고 있다. 일본은 스마트 워크중심의 보안대책을 강구하고 있으며 호주는 스마트 사회 보안위협에 대한 국민의 인식제고에 주력하고 있다. 국내의 경우도 스마트 사회의 보안위협에 선제적 대응을 위하여 "스마트 모바일 시큐리티 종합계획"을 수립하여 추진중에 있다. 하지만 보안 실태를 보면 스마트 사회 보안위협에 대한 이용자들의 우려는 높은 반면 기업의 보안 대책 마련에 대한 투자는 여전히 미흡한 상황이다. 향후 우리 사회가 디바이스간 융합을 넘어 모든 사물이 연결되는 초(超)연결(Hyper-Connectivity) 시대로 진화되어 가면 편리성이 증대되는 만큼 더 많은 위협에 우리의 일상이 노출되는 문제가 발생하게 될 것이다. 안전한 미래 사회로 진입하기 위해서는 보다 체계적이고 종합적인 정보보호 정책마련이 필요하다. 본고에서는 이를 위한 정책수립의 방향을 제언했다.