• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.215-223
• /
• 2019

The recent trend of cyber attack threat is mainly APT (Advanced Persistent Threat) attack. This attack is a combination of hacking techniques to try to steal important information assets of a corporation or individual, and social engineering hacking techniques aimed at human psychological factors. Spear phishing attacks, one of the most commonly used APT hacking techniques, are known to be easy to use and powerful hacking techniques, with more than 90% of the attacks being a key component of APT hacking attacks. The existing research for cyber security threat defense is mainly focused on the technical and policy aspects. However, in order to preemptively respond to intelligent hacking attacks, it is necessary to study different aspects from the viewpoint of social engineering. In this study, we analyze the correlation between human personality type (DISC) and cyber security threats, focusing on spear phishing attacks, and present countermeasures against security threats from a new perspective breaking existing frameworks.

• Journal of the Korea Convergence Society
• /
• v.2 no.4
• /
• pp.9-14
• /
• 2011

Phishing is an attack to theft an user's identity by masquerading the user or the device. The number of phishing victims are sharply increased due to wide spread use of smart phones and messenger programs. Smart phones can operate various wi-fi based apps besides typical voice call and SMS functions. Generally, the messenger program such as Kakao Talk or Nate On is consisted of client and server functions. Thus, the authentication between the client and the server is essential to communicate securely. In this paper, we propose the messenger authentication protocol safe against smart phone phishing. To protect communications among clients, the proposed method provides message encryption and authentication functions.

• Review of KIISC
• /
• v.29 no.3
• /
• pp.29-36
• /
• 2019

폭발적으로 성장하는 소셜 미디어 서비스로 인해 개인간의 연결이 강화된 환경에서는 URL로써 전파되는 피싱 공격의 위험성이 크게 강조된다. 최근 텍스트 분류 및 모델링 분야에서 그 성능을 입증받은 딥러닝 알고리즘은 피싱 URL의 구문적, 의미적 특징을 각각 모델링하기에 적절하지만, 기존에 사용하는 규칙 기반 앙상블 방법으로는 문자와 단어로부터 추출되는 특징간의 비선형적인 관계를 효과적으로 융합하는데 한계가 있다. 본 논문에서는 피싱 URL의 구문적, 의미적 특징을 체계적으로 융합하기 위한 컨볼루션 신경망 기반의 퓨전 신경망을 제안하고 기계학습 방법 중 최고의 분류정확도 (0.9804)를 달성하였다. 학습 및 테스트 데이터셋으로 45,000건의 정상 URL과 15,000건의 피싱 URL을 수집하였고, 정량적 검증으로 10겹 교차검증과 ROC커브, 정성적 검증으로 오분류 케이스와 딥러닝 내부 파라미터를 시각화하여 분석하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.2 s.46
• /
• pp.171-180
• /
• 2007

The financial crime that used morale anger Phishing, Pharming, Vishing, SMiSing etc. will gain during recent cyber crimes. We are study systematically whether or not leakage of information and infringement can how easily occur to Phishing, Vishing, SMiSing using a social engineering technique and VoIP at these papers through experiment. A hacker makes Phishing, Vishing site, and test an information infringement process of a user through PiSing mail and a virus, a nasty code, Vishing, a SMiSing character, disarmament of Keylogger prevention S/W etc. as establish server. Information by Phishing, Vishing, SMiSing is infringed with leakage in the experiment results, and confirm, and test certified certificate and White List and a certified authentication mark, plug-in program installation etc. to prevention, and security becomes, and demonstrate. Technical experiment and prevention regarding Phishing of this paper and Vishing attack reduce the damage of information infringement, and be education for Ubiquitous information security will contribute in technical development.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.4
• /
• pp.575-580
• /
• 2024

Detecting the status of websites, normal or phishing, is necessary to defend against intelligent phishing attacks. We propose a machine learning-based classification to predict the status of websites. First, we collect information about 'URL', convert it into numerical data, and remove outliers. Second, we apply VIF(Variance Inflation Factors) to understand the correlation and independence between variables. Finally, we develop a phishing website detection model with machine learning-based classifications, which predicts website status. In the test datasets, Random Forest showed the best performance, with precision of 93.74%, recall of 92.26%, and accuracy of 93.14%. In the future, we expect to apply our model to detect various phishing crimes.

• The Journal of the Korea Contents Association
• /
• v.12 no.5
• /
• pp.32-39
• /
• 2012

When you want to be given the on-line service, their homepage requires sign-up with detail personal information. This collected private information lead to mass data spill by hacking. Especially, this makes terrible social problems that the users who sign up their site are persistingly attacked and damaged by hackers using this information. As methods of the social technologic attacks are simple but based upon human psychology, it is easy that people become a victim in the majority of cases. There is a strategy blocking fishing sites by using the black list for defending these attacks. This tactic, however, has some problems that it isn't possible to handle new fishing sites having a short life-cycle. In this paper, we suggest two solutions to minimize data spill. One marks existing sites with the sign of a reliability measured by a comparison between black list and the white list; therefore, the user check the authenticity about the homepage. The other shut off previously the leaking of private information by sensing a entry of personal information into new sites.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.439-442
• /
• 2014

IT 기술 및 통신이 발전함에 따라, 인터넷을 통한 전자거래가 활성화되면서 금융 대상 피싱 공격이 날로 증가하고 있다. 메일 또는 SMS를 통해 사용자를 위장한 사이트로 접속하도록 유도하여 개인정보를 빼가는 사례가 더욱 빈번해지고 있으며, 금전적인 피해 규모도 급증하고 있다. 그 중에서도 결제 및 금융 관련 사이트가 피싱의 대부분을 차지하고 있다. 본 논문에서는 금융기관 피싱 현황 중 유사 금융 도메인에 대해 살펴보고, 이를 해결하기 위한 방안을 제시하고자 한다. 무엇보다도 유사도메이니의 피싱의 경우, 해당 사이트가 올바른 금융 도메인인지 아닌지를 식별하는 것이 일반 사용자에게 매우 어렵다. 이를 위해 금융 도메인을 쉽게 식별하는 방안 및 효과에 대해 연구하고자 한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.6
• /
• pp.1107-1113
• /
• 2015

The number of phishing/pharming attacks occurring has increased and consequently, the number of studies on anti-phishing/pharming has also increased. The target sites of phishing/pharming are financial sites, and these have a low connection rate compared to those of portal sites. In this paper, we propose an anti-phishing/pharming method that uses a portal site as a stopover. The proposed method is based on the reliability of portal sites. This method is intended for general users rather than for professional users or developers. We also analyze the safety of the proposed method by separating the method into sub components of module safety assumption.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2341-2346
• /
• 2012

Voice phishing against the old or weak persons have used the methods which are social engineering in the object and financial structure and function. Until recently Voice phishing from Chaina caused economic devastation and the economic loss by phishing grows with the South Koreans in the whole. Korean government and public organizations involved have been strengthening protection system and a financial security devices. But it is not easy to verify how much effects of security measures are. In this paper I will study the economic loss caused by voice phishing and potential economic effects of security measures and security device reinforcements of the Republic of Korea. Direct costs are reported about 100 million dollars and potential economic effects of voice phinshing secure measures may be around 320 million dollars.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.231-233
• /
• 2022

액티비티 삽입(Activity Injection) 공격은 공격자가 만든 악의적인 화면을 사용자에게 강제로 표시되게 하는 공격으로, 이를 악용하여 다양한 피싱(Phishing) 공격이 가능하다. 액티비티 삽입 공격은 특별한 권한없이 수행될 수 있으며 사용자가 정상적인 앱을 실행했을 때 공격이 수행되기 때문에 사용자 입장에서는 공격의 수행 여부를 판단하기 쉽지 않다. 이렇게 액티비티 삽입 공격이 강력한 반면, 안드로이드 멀웨어(Malware)에서 이러한 공격을 어떻게 활용하고 있는지에 대한 연구 결과가 없어, 액티비티 삽입 공격을 활용하는 멀웨어를 대응하기가 쉽지 않은 실정이다. 본 논문에서는 1,498 개의 안드로이드 멀웨어를 정적 및 동적 분석하여, 안드로이드 멀웨어에서 액티비티 삽입 공격의 활용도를 분석하고 이해하고자 한다.