• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.87-94
• /
• 2022

Recently, with the development of information and communication infrastructure, the number of Internet access devices is rapidly increasing. Smartphones, laptops, computers, and even IoT devices are receiving information and communication services through Internet access. Since most of the device operating environment consists of web (WEB), it is vulnerable to web cyber attacks using web shells. When the web shell is uploaded to the web server, it is confirmed that the attack frequency is high because the control of the web server can be easily performed. As the damage caused by the web shell occurs a lot, each company is responding to attacks with various security devices such as intrusion prevention systems, firewalls, and web firewalls. In this case, it is difficult to detect, and in order to prevent and cope with web shell attacks due to these characteristics, it is difficult to respond only with the existing system and security software. Therefore, it is an automated defense system through the collection and analysis of web shells based on artificial intelligence machine learning that can cope with new cyber attacks such as detecting unknown web shells in advance by using artificial intelligence machine learning and deep learning techniques in existing security software. We would like to propose about. The machine learning-based web shell defense system model proposed in this paper quickly collects, analyzes, and detects malicious web shells, one of the cyberattacks on the web environment. I think it will be very helpful in designing and building a security system.

• Journal of Korean Society for Geospatial Information Science
• /
• v.22 no.4
• /
• pp.135-142
• /
• 2014

As interest in social safety has recently increased at the national level, the various activities which can effectively prevent crimes are being carried out. Because the existing maps related to crimes provide the information about the present condition of crimes by administrative district for users, women and pedestrians who go by night could not actually grasp safe roads in advance. Therefore, this study developed the methodology that can easily extract dangerous areas due to crimes by the digital map 2.0. In the digital map 2.0, location and attribute information of center-lines of roads and building layers were used to find dangerous areas of crimes in these layers. Pavement materials and road width which are already built by the attribute information were used in the center-lines of roads. Crossing angles that roads and roads cross each other were additionally extracted and utilized. The attribute information about building types were input in the building layers of the digital map 2.0. The areas that are more the threshold values set by totaling up all the risk scores when considering pavement materials, road width, crossing angles of road, and building types in the center-lines of roads and road crossings were extracted as the dangerous areas that crimes can occur. Verification of the developed methodology was done by experiment. In the spatial apsect, the dangerous areas of crimes could be found by using the digital 2.0, roads, and building layers only through the experiment. In the administrative aspect to prevent crimes, additional installation of safety facilities such as street lights and security lights in the identified areas which are vulnerable for crimes is thought to be increasing safety of dangerous areas.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.10
• /
• pp.349-360
• /
• 2015

In recent year, phishing attacks are flooding with services based on the web technology. Phishing is affecting online security significantly day by day with the vulnerability of web pages. To prevent phishing attacks, a lot of anti-phishing techniques has been made with their own advantages and dis-advantages respectively, but the phishing attack has not been eradicated completely yet. In this paper, we have studied phishing in detail and categorize a process of phishing attack in two parts - Landing-phase, Attack-phase. In addition, we propose an phishing detection methodology based on web sites heuristic. To extract web sites features, we focus on URL and source codes of web sites. To evaluate performance of the suggested method, set up an experiment and analyze its results. Our methodology indicates the detection accuracy of 98.9% with random forest algorithm. The evaluation of proof-of-concept reveals that web site features can be used for phishing detection.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2145-2152
• /
• 2015

The existing CCTV has limitation such as problem on usage of the off-line type of recorded image for specific investigation, and requirement on interactive operator intervention for real-time surveillance. Therefore, it is required to develop the intelligent CCTV equipped with various functionalities in order to overcome drawbacks mentioned above. In this paper, implementation methods of image-based virtual fence were proposed by using the spline curves with supplied control for setup of surveillance area. In addition, pre-alarm region within the predefined distance was established with tangent and normal lines extracted from control points. The image-based virtual fence can be used for remote detection of intrusion and provision of real-time intrusion alarm, and can be expected to use in safety-related application areas including security and crime prevention.

• Korean Security Journal
• /
• no.61
• /
• pp.59-85
• /
• 2019

In the reality that the boundary between the real world and the virtual world disappears with the 4th Industrial Revolution, cyber crimes that occur beyond time and space have clear limitations in fulfilling their duties only with the police force of government organizations established under the real law system. The research method of this thesis is based on the literature research and the experience of security work. The purpose of this paper is to establish a social system where collective intelligence of each social field can participate voluntarily to respond to cyber crimes occurring beyond the time and space before the law and institutionalization. In addition, the social system in which collective intelligence in each social sector can participate voluntarily was established to define crime types in cyberspace in real time and to prevent crimes defined by the people themselves and the counter-measures had been proposed in order to form social consensus. First, it is necessary to establish a collective intelligent network-type cyberpolice volunteer system. The organization consists of professors of security and security related departments at universities nationwide, retired public officials from the National Intelligence Service, the National Police Agency, and the National Emergency Management Agency, security companies and the organizations, civilian investigators, security & guard, firefighting, police, transportation, intelligence, security, national security, and research experts. Second, private sector regulation should be established newly under the Security Business Act. Third, the safety guard of the collective intelligent cyberpolice volunteer system for the stability of the people's lives should strengthen volunteer work. Fourth, research lessons and legal countermeasures against cybercrime in advanced countries should be introduced. Fifth, the Act on the Protection of Personal Information, the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Act on the Utilization and Protection of Credit Information, and the Special Act on the Materials and Parts Industry should be amended. Sixth, police officers should develop cybercrime awareness skills for proactive prevention activities.

• Korean Security Journal
• /
• no.39
• /
• pp.37-61
• /
• 2014

Nowadays the world is threatened because of terrors that take aim at Soft-Targets available and easy to access to the people rather than more secured Hard-Targets. The inspection department of the Presidential Security Service develops and acts a perfect safety plan wherever the President stays so that it is possible to get immediate actions for various contingencies. Some events, in which the President take part, could be held in a lower or higher store in a tall building. Additional to the routine work at this case it is to emphasize on a plan of fire precaution to check the spot and respond to a real fire situation, so that the damage could be minimized. First, the agents of the President Security Service should possess basic knowledge concerning to the fire accidents and be trained on their manuals, even in a busy events plan. An organization, whatever it is, could be improved in that it tries to develop not only the personal abilities, but also education programs of the organization continually. And enhanced abilities of the members lead to the driving force for the advance. The knowledge of fire accident should be able to adapt to the real situation. Second, related to the event, it should be cooperated with the relevant departments, so that it is possible to conduct and control the system. It is urgently required to know that the security event could not be done perfectly with only one part or department. Third, from the time of recognizing of the event it is necessary for the fire department to get an action plan with fire fighting measures, evacuation measures based of the instructions given by the Security Service. Fourth, on the knowledge of the action plan of the fire department the Security Service should inspect the safety activities of the spot and establish the practical operation plan through the fire fighting and evacuation plan. Fifth, the Security Service should share final informations and plan of fire fighting in a high-rise building with the other relevant departments. If not, it could cause a great confusion that could lead to a great damage.

• The Korean Society of Law and Medicine
• /
• v.23 no.4
• /
• pp.29-74
• /
• 2022

As social disasters occur under the Disaster Management Act, which can damage the people's "life, body, and property" due to the rapid spread and spread of unexpected COVID-19 infectious diseases in 2020, information collected through inspection and reporting of infectious disease pathogens (Article 11), epidemiological investigation (Article 18), epidemiological investigation for vaccination (Article 29), artificial technology, and prevention policy Decision), (3) It was used as an important basis for decision-making in the context of an infectious disease crisis, such as promoting vaccination and understanding the current status of damage. In addition, medical policy decisions using infectious disease data contribute to quarantine policy decisions, information provision, drug development, and research technology development, and interest in the legal scope and limitations of using infectious disease data has increased worldwide. The use of infectious disease data can be classified for the purpose of spreading and blocking infectious diseases, prevention, management, and treatment of infectious diseases, and the use of information will be more widely made in the context of an infectious disease crisis. In particular, as the serious stage of the Disaster Management Act continues, the processing of personal identification information and sensitive information becomes an important issue. Information on "medical records, vaccination drugs, vaccination, underlying diseases, health rankings, long-term care recognition grades, pregnancy, etc." needs to be interpreted. In the case of "prevention, management, and treatment of infectious diseases", it is difficult to clearly define the concept of medical practicesThe types of actions are judged based on "legislative purposes, academic principles, expertise, and social norms," but the balance of legal interests should be based on the need for data use in quarantine policies and urgent judgment in public health crises. Specifically, the speed and degree of transmission of infectious diseases in a crisis, whether the purpose can be achieved without processing sensitive information, whether it unfairly violates the interests of third parties or information subjects, and the effectiveness of introducing quarantine policies through processing sensitive information can be used as major evaluation factors. On the other hand, the collection, provision, and use of infectious disease data for research purposes will be used through pseudonym processing under the Personal Information Protection Act, consent under the Bioethics Act and deliberation by the Institutional Bioethics Committee, and data provision deliberation committee. Therefore, the use of research purposes is recognized as long as procedural validity is secured as it is reviewed by the pseudonym processing and data review committee, the consent of the information subject, and the institutional bioethics review committee. However, the burden on research managers should be reduced by clarifying the pseudonymization or anonymization procedures, the introduction or consent procedures of the comprehensive consent system and the opt-out system should be clearly prepared, and the procedure for re-identifying or securing security that may arise from technological development should be clearly defined.

• Korean Security Journal
• /
• no.49
• /
• pp.187-214
• /
• 2016

In the mordern society, the reliance on the cyber domain and the cyber connectivity has been increasingly strengthened. Due to this phenomenon, the cyberterror against critical infrastructures and state organs might lead to fatal consequences. Lately, North Korea's cyberattacks against South Korea's national organizations and financial computer networks are becoming more and more intelligent and sophisticated. The cyberattacks against such critical infrastructures have caused enormous economic loss and social disorder. This paper is designed to examine comparatively the cyberterror related laws and organizations of the advanced countries such as U.S. and U.K. and to draw implications. Although those countries are under different institutional and cultural backgrounds with varying security envrionments, they are identically pursuing measures by establishing government-wide counterterror system for coordination and cooperation. They are also commonly focusing upon creating new organizations equipped with new system and upon enhancing intelligence performance and devising punishment regulations. Korea is lack of framework laws regulating cyber security, having only scattered individual laws. Since such legal base is far from efficient counterterror activities, it is necessary that the legal and policy response of the advanced countries should be closely studied for selective introduction. That will eventually lead to legislation of cyber security law. With such legislation on hand, it is subsequently required to strengthen crisis management for prevention of cyberterror and to create joint response team, cooperating with private organizations.

• The Journal of the Korea Contents Association
• /
• v.21 no.3
• /
• pp.707-719
• /
• 2021

The purpose of this study was to find out how effect does the second-stage which is the intensive course program for sexual offenders of three-stage(basic, intensive and advanced remedial) on impulsivity, anger expression, rape myth and self-esteem of sexual offenders. To this end, 10 people waiting for the second-stage intensive education among sexual violence offenders serving at M prison located in J province were selected as subjects for the study. To verify the effectiveness of the program, repeated measurement design(pre, post and one month post test) was conducted, and a total of 200 hours of 'Intensive Course Program on the Sexual Violence' was conducted to the subjects. The results of this study are as follows. It was confirmed that the intensive course program on the sexual violence for the re-crime risky group in the sex offender is effective in reducing impulsivity and anger expression, which are risk factors of sexual crime, bringing positive changes to rape myths, which are distorted sexual perceptions of sexual violence criminals, and improving self-esteem. Finally, it suggested the necessity of continuous development and improvement of sexual violence preventive programs targeting sexual offenders, and construction of systematic supervision and related system to ensure the effectiveness of remedial after release of sexual offenders.