• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.267-279
• /
• 2017

This study emulated unscheduled phishing e-mails over a long period of time by imitating the manner in which external hackers attacked a group of employees in a company. We then measured and analyzed the recipient's ability to identify and respond to phishing e-mails as training progressed. In addition, we analyzed the changes in participants' response behavior when changing the external control condition between the training. As a result of the analysis, it was confirmed that the training duration had a positive (+) relationship with the employees' ability to identify phishing e-mails and the infection rate, and more employees read emails and infected with phishing attacks using social issues and seasonal events. It was also confirmed that reinforcement of internal control policy on infected persons affects positively (+) on the phishing attack response behavior of employees. Based on these results, we would like to suggest the right training method for each organization to enhance the ability of employees to cope with phishing attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1263-1269
• /
• 2014

Since the cyber defense has been dependent on commercial products and protection systems, in aspect of the recent trends, our cyber defence ecosystem can be more vulnerable. In case of general defense weapon companies, they have to be observed by the government such as certain proprietary technologies and products for the protection from the enemy. On the contrary, most cyber weapon companies have not been managed like that. For this reason, cyber attack can reach to the inside of our military through the security hole of commercial products. In this paper, we enhanced a military cyber protection ecosystems out of enemy attacks and analyze the hypothetical scenarios to evaluate and verify the vulnerability, and finally more securable ecosystem of military protection system is presented politically and technically.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.27-35
• /
• 2021

With the development of the Internet, various IT technologies such as IoT, Cloud, etc. have been developed, and various systems have been built in countries and companies. Because these systems generate and share vast amounts of data, they needed a variety of systems that could detect threats to protect the critical data contained in the system, which has been actively studied to date. Typical techniques include anomaly detection and misuse detection, and these techniques detect threats that are known or exhibit behavior different from normal. However, as IT technology advances, so do technologies that threaten systems, and these methods of detection. Advanced Persistent Threat (APT) attacks national or companies systems to steal important information and perform attacks such as system down. These threats apply previously unknown malware and attack technologies. Therefore, in this paper, we propose a hybrid intrusion detection system that combines anomaly detection and misuse detection to detect unknown threats. Two detection techniques have been applied to enable the detection of known and unknown threats, and by applying machine learning, more accurate threat detection is possible. In misuse detection, we applied Classification based on Association Rule(CBA) to generate rules for known threats, and in anomaly detection, we used One-Class SVM(OCSVM) to detect unknown threats. Experiments show that unknown threat detection accuracy is about 94%, and we confirm that unknown threats can be detected.

• Journal of Sasang Constitutional Medicine
• /
• v.9 no.1
• /
• pp.303-313
• /
• 1997

Disease depends on the three factors, agent, host and environment. According to history of disease, by early 1900s the case of deaths is infectious disease, in late 1900s care of infectious diseases and tremendous scale of chronic disease, i.e., heart disease, diabetes, cancers and etc, makes care of chronic diseases be a most important theme. Now, life-style of diet is being westernized and in high industry-oriented society, obesity makes attack fate remarkably increase and life-expectancy become short, so that it causes severe problem of health. Chronic disease, such as obesity, is not affected by specific agent, but depends of interaction between host and environmental factors. There is the theory of constitutional medicine in Korean Medicine. According to it, all the people have constitutional specificity and disease. Because obesity is a kind of disease, there is the corresponding constituent being apt to be fat. Oriental Medicine utilizes herb-medication, acupuncture, and massage-therapy in treating obesity. Therefore study on relationship between constituent and obesity for OPD patients of Sangji-Oriental Medicine Hospital is carried out. The results are summarized as followings. 1. 70.2% of obesity patients are Taeumin(太陰人), 26.9% of those are Soyangin(少陽人), 2.9% of thoese are Soeumin(少陰人). 2. Most cases, high value of Free Fat Acid and Triglyceride not that of Total Cholesterol and Low Density Lipoprptein is meaningful in obesity patient blood. The corelationship between lipid test and Constitution is meaningful in Triglyceride and Free Fatty Acid. 3. Obesity is not related with gene. 4. Obesity is not related with Boyak(Herb-Med : 補藥). 5. Obesity mostly happens after delivery, contraception and operation. 6. Obese Patients are apt to eat between meals, especially food of wheat flour such as a snack. 7. The aim of treating obesity is not persuit of beauty but of keeping healthy. 8. 2.2Kg of body weight is lost after 4 week-treatment. 9. Common cause of obesity is overeating of carbohydrate and lipid than meat.