• The Journal of Information Systems
• /
• v.27 no.1
• /
• pp.171-191
• /
• 2018

Purpose Corporate technology leakage is not only monetary loss, but also has a negative impact on the corporate image and further deteriorates sustainable growth. In particular, since SMEs are highly dependent on core technologies compared to large corporations, loss of technology leakage threatens corporate survival. Therefore, it is important for SMEs to "prevent and protect technology leakage". With the recent development of data analysis technology and the opening of public data, it has become possible to discover and proactively detect companies with a high probability of technology leakage based on actual company data. In this study, we try to construct profiles of enterprises with and without technology leakage experience through profiling analysis using data mining techniques. Furthermore, based on this, we propose a classification model that distinguishes companies that are likely to leak technology. Design/methodology/approach This study tries to develop the empirical model for prevention and protection of technology leakage through profiling method which analyzes each SME from the viewpoint of individual. Based on the previous research, we tried to classify many characteristics of SMEs into six categories and to identify the factors influencing the technology leakage of SMEs from the enterprise point of view. Specifically, we divided the 29 SME characteristics into the following six categories: 'firm characteristics', 'organizational characteristics', 'technical characteristics', 'relational characteristics', 'financial characteristics', and 'enterprise core competencies'. Each characteristic was extracted from the questionnaire data of 'Survey of Small and Medium Enterprises Technology' carried out annually by the Government of the Republic of Korea. Since the number of SMEs with experience of technology leakage in questionnaire data was significantly smaller than the other, we made a 1: 1 correspondence with each sample through mixed sampling. We conducted profiling of companies with and without technology leakage experience using decision-tree technique for research data, and derived meaningful variables that can distinguish the two. Then, empirical model for prevention and protection of technology leakage was developed through discriminant analysis and logistic regression analysis. Findings Profiling analysis shows that technology novelty, enterprise technology group, number of intellectual property registrations, product life cycle, technology development infrastructure level(absence of dedicated organization), enterprise core competency(design) and enterprise core competency(process design) help us find SME's technology leakage. We developed the two empirical model for prevention and protection of technology leakage in SMEs using discriminant analysis and logistic regression analysis, and each hit ratio is 65%(discriminant analysis) and 67%(logistic regression analysis).

• Korean Security Journal
• /
• no.29
• /
• pp.7-34
• /
• 2011

Achieving high-level technology in fields such as IT-related industry, semiconductors, mobile phones, LCD, automobile, shipbuilding, etc., Korea has become an international market leader in those fields. In results, there are the increasing numbers of technology leakage attempts in various manners. Recently, technology leakages are not limited to illegal industrial espionage, but also occur during usual corporate proceedings such as technology transfer, joint research and M&A. In fact, there was a technology leakage issue in the M&A between Ssangyong Motors of Korea and Shanghai Motors of China. Current M&A regulations of Korea are not independent laws, but are spread over various laws, such as commercial law, Capital Markets and the Financial Investment Services Act, Foreign Trade Act, etc. This paper focuses on whether the current Korean regulations regarding M&A are able to effectively restrict the leakage of major information of corporate during M&A and seeks the complements.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.20 no.4
• /
• pp.579-586
• /
• 2017

The defense industry has become a global industry, and military technology is actively being traded between countries to increase their military capabilities. The Republic of Korea has been ranked one of the top 10 countries for exports of military technology. To maintain competitive advantages in the global defense industry, it is essential to protect key technologies employed by exported weapon systems. Various techniques have been developed for protection of confidential technologies in weapon systems, and the U.S. DoD has been leading the development of the protection techniques. This paper reviews current anti-tampering techniques that prevent leakage of key technology from weapon exportation or pillage. Based on the protection techniques employed by the U.S. DoD Anti-Tamper Executive Agent, this paper suggests novel design methods for protection of confidential technologies. The proposed design methods were tested on an actual weapon system.

• Korean Security Journal
• /
• no.25
• /
• pp.109-130
• /
• 2010

As many countries in the world including the Republic of Korea have used all their national resources in the accelerating economic information warfare, illegal leakage of industrial technologies and information has increased rapidly. The costs required for damage prevention from 2007 to 2008 are estimated at approximately KRW 180 trillion which is expected to increase gradually in future. Because the tricks of leaking key technologies are also getting increasingly systematized, sophisticated and bigger, e.g., simple theft at the individual level or the conspiracy of all the staff taking part in the research activities, we should pay special attention to technology security in addition to technology development. While there are several factors affecting such the brain drain, they usually include personal, social, political and cultural factors, for instance, very heavy educational expenditure of children compared to relatively low pay, the speedy labor market circulation for experienced personnel, or political restrictions on researches. In this context, as part of efforts made to prevent the outflow of core personnel, individual companies and research institutes should establish systematically appropriate core personnel management systems for their own organizational or business goals and principles which are intented to ensure to give better treatment and benefit to core personnel and to exercise closer supervision over them. Furthermore, the conventional personnel management system should be radically and flexibly improved in the manner of encouraging the core personnel returning to the organization to combine their external experiences with practices, instead of penalizing them. At the same time, it is necessary to train and educate core personnel through mutual collaboration and in-house training facilities as well as external academic programs operated jointly at the level of the industry. Finally, as the issues concerning the outflow of core personnel are not just problems of relevant companies and other advanced countries have devoted their best efforts to secure their own key technologies at the national level, it is urgent for the industry and the competent authorities to cooperate closely.

• The Journal of Society for e-Business Studies
• /
• v.25 no.1
• /
• pp.215-228
• /
• 2020

M&As are continuing to grow globally and are expected to increase in the future. With the fourth industrial revolution and the strengthening of neo-protection trade between countries, technology is cited as the core of national competitiveness, and the trend of M&A's increase, which is aimed at securing technology, is expected to continue. However, the risk of technology leakage, which is difficult to determine clearly illegally in the process of M&A, is still growing, and there is not enough prevention or response to this problem. the purpose of this paper was to divide the M&A process into seven stages and to ensure that important information of the enterprises during M&A between the countries and the domestic companies was not leaked unfairly, and each step analyzed the risk factors and causes of the leakage of important information in the M&A process and presented a risk-specific management plan for minimizing the leakage of important information based on the importance of the risk factors. Companies that pursue M&A in the future will reflect the M&A step-by-step risk and risk management measures derived based on case analysis and expert surveys. I hope to use risk management measures to help minimize unintentional leakage of important corporate information into the outside.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.3-13
• /
• 2017

In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.33-41
• /
• 2023

In recent years, advanced persistent threat (APT) attack organizations have exploited various vulnerabilities and attack techniques to target companies and institutions with national core technologies, distributing ransomware and demanding payment, stealing nationally important industrial secrets and distributing them on the black market (dark web), selling them to third countries, or using them to close the technology gap, requiring national-level security preparations. In this paper, we analyze the attack methods of attack organizations such as Kimsuky and Lazarus that caused industrial secrets leakage damage through APT attacks in Korea using the MITRE ATT&CK framework, and derive 26 cybersecurity-related administrative, physical, and technical security requirements that a company's security system should be equipped with. We also proposed a security framework and system configuration plan to utilize the security requirements in actual field. The security requirements presented in this paper provide practical methods and frameworks for security system developers and operators to utilize in security work to prevent leakage of corporate industrial secrets. In the future, it is necessary to analyze the advanced and intelligent attacks of various APT attack groups based on this paper and further research on related security measures.

• Journal of the Korean Society of Safety
• /
• v.31 no.5
• /
• pp.22-27
• /
• 2016

The Electrostatic Charge Prevention Technology is a core factor that highly influences the yield of Ultra High Resolution Flat Panel Display and high-integrated semiconductor manufacturing processes. The corona or x-ray ionizations are commonly used in order to eliminate static charges during manufacturing processes. To develop such a revolutionary x-ray ionizer that is free of x-ray radiation and has function to control the volume of ion formation simultaneously is a goal of this research and it absolutely overcomes the current risks of x-ray ionization. Under the International Commission on Radiological Protection, it must have a leakage radiation level that should be lower than a recommended level that is $1{\mu}Sv/hour$. In this research, the new generation of x-ray ionizer can easily control both the volume of ion formation and the leakage radiation level at the same time. In the research, the test constraints were set and the descriptions are as below; First, In order not to leak x-ray radiation while testing, the shielding box was fully installed around the test equipment area. Second, Implement the metallic Ring Electrode along a tube window and applied zero to ${\pm}8kV$ with respect to manage the positive and negative ions formation. Lastly, the ion duty ratio was able to be controlled in different test set-ups along with a free x-ray leakage through the metallic Ring Electrode. In the result of experiment, the maximum x-ray radiation leakage was $0.2{\mu}Sv/h$. These outcome is lower than the ICRP 103 recommended value, which is $1{\mu}Sv/h$. When applying voltage to the metallic ring electrode, the positive decay time was 2.18s at the distance of 300 mm and its slope was 0.272. In addition, the negative decay time was 2.1s at the distance of 300 mm and its slope was 0.262. At the distance of 200 mm, the positive decay time was 2.29s and its slope was 0.286. The negative decay time was 2.35s and its slope was 0.293. At the distance of 100 mm, the positive decay time was 2.71s and its slope was 0.338. The negative decay time was 3.07s and its slope was 0.383. According to these research, the observation was shown that these new concept of ionizer is able to minimize the leakage radiation level and to control the positive and negative ion duty ratio while ionization.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.89-97
• /
• 2020

Recently, security issues on industrial technology are undergoing rapid changes around the world. Developed countries are establishing response strategies to protect their own core technologies while creating conflicts with global value chains and foreign capital movement. Also in Korea, we are approaching industrial security issues in the mid- to long-term industrial competitiveness. The purpose of this study is to survey on the awareness of the industrial security ecosystem and derive key policy issues. Based on a three round survey, four policies were suggested as followings : systemization of industrial security control tower, enhancement of security company's technical skills and training of security specialists, improvement of technology leakage prevention system through retirement personnel and M&A, reinforcement of research security in R&D process and proactive technology protection. It is hoped that this study will serve as a basis for policy-making as an evidence-based study reflecting the policy demands of industrial security.

• Journal of the Korean Institute of Gas
• /
• v.23 no.5
• /
• pp.35-43
• /
• 2019

The safety of industrial valves, which are the core parts of plant facilities, are managed by manpower and there are difficulties because of side area for inspection and limited accessibility due to the nature of facilities. The industrial valves used in plant facilities cause problems such as interrupted production; a loss of life due to leak or explosion of poisonous material and flammable gases, and difficulty in locating accident positions in the event of leakage or failure. Therefore, safety management and control systems based on IoT technology are needed. This study is about the development of risk factor prediction technique among the safety management of industrial valves through IoT- based wireless communication and the development of actuator control system. We have developed IoT-based industrial valve safety management techniques to prevent accidents caused by main risk factors by conducting an analysis of the structural characteristics of valves and an analysis of the causes of main risk factors through review of failure data and literature and an analysis of accident scenarios.