• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.11
• /
• pp.419-426
• /
• 2016

As the threat of cyber incident grows continuously, the need of IOC(Indicators of Compromise) is increasing to identify the cause of incidents and share it for quick response to similar incidents. But only few companies use it domestically and the research about the application of IOC is deficient compared to foreign countries. Therefore in this paper, a quick and standardized way to create IOC automatically based on the analysis result of malwares from Cuckoo Sandbox and its application is suggested.

• Journal of Korean Society for Quality Management
• /
• v.49 no.4
• /
• pp.505-525
• /
• 2021

Purpose: The purpose of this study was to investigate factors influencing the intention to use Fintech Digital Sand(D-Testbed), which facilitate digital innovation in the financial sectors and allow fintech startups to simulate the PoC their innovative ideas before starting a business. Methods: This study used the Extended Technology Acceptance Model (TAM2), with independent variables such as social influence, personal innovativeness, service quality, relative advantage, and security concerns used in previous studies, for analysis. For mediator variables, the perceived usefulness and perceived ease of use were used in this study. Results: The results indicated that social influence and perceived usefulness have a positive effect on the intention to use. It was also analyzed that relative advantage has a mediating effect on perceived usefulness whereas service quality nor personal innovativeness are not statistically significant mediation. On the other hand, perceived ease of use on the intention is not statistically significant. By this, it was confirmed that the intention to use Fintech Digital Sand(D-Testbed) was to improve the business performance of fintech companies, but not because it was easy to learn and take less effort. Conclusion: The finding of the study provides valuable implications for invigorating the use of fintech digital sandbox(D-testbed) and identifying the factors that affect the perception and intention to use among employees in fintech companies in advance.

• Journal of Digital Convergence
• /
• v.17 no.6
• /
• pp.335-340
• /
• 2019

With the development of the media, pirate platforms and technologies are critical to the design of video content. Games based on online platforms and networking can help you develop games and expand your game as games are developed. Better yet. This paper is a major feature of the growth of the sandbox game that leads the game of InGame. Phenotypical 3D Dress Graphics You can study the usefulness of graphics based on doubles, the advantages of game characters, and space game graphics.

• Journal of Digital Convergence
• /
• v.17 no.3
• /
• pp.73-78
• /
• 2019

Recently, there is a need to introduce a Korean-style restriction sandbox system that exempts or suspends existing regulations so that new products or services based on new technologies can be commercialized without restrictions. In response, the government reorganized the relevant statutes to promptly check regulations centering on four fields, including industrial convergence, ICT, FinTech, and regional innovation growth, and to allow experimental, proof and market releases by setting certain conditions(zone, period, scale, etc.). However, despite the same regulatory sandbox application, depending on the nature of the field applied, differences in application subject, whether application of regulatory specifics, system of push ahead decision-making and whether support of financial and taxation are shown. This research is intended to present efficient operation measures for successful settling of Korean-style regulation sandboxes by comparing and analyzing, centering on the Industrial Fusion Promotion Act in the Industrial Convergence Field, ICT field's Information and Communication Convergence Act, FinTech field's Financial Innovation Act and Regional Special Zone Act in the Regional Innovation and Growth Sector.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.851-865
• /
• 2021

Enterprise networks in the PyeongChang Winter Olympics were hacked in February 2018. According to a domestic security company's analysis report, attackers destroyed approximately 300 hosts with the aim of interfering with the Olympics. Enterprise have no choice but to rely on digital vaccines since it is overwhelming to analyze all programs executed in the host used by ordinary users. However, traditional vaccines cannot protect the host against variant or new malware because they cannot detect intrusions without signatures for malwares. To overcome this limitation of signature-based detection, there has been much research conducted on the behavior analysis of malwares. However, since most of them rely on a sandbox where only analysis target program is running, we cannot detect malwares intruding the host where many normal programs are running. Therefore, this study proposes a method to detect malware variants in the host through logs rather than the sandbox. The proposed method extracts common behaviors from variants group and finds characteristic behaviors optimized for querying. Through experimentation on 1,584,363 logs, generated by executing 6,430 malware samples, we prove that there exist the common behaviors that variants share and we demonstrate that these behaviors can be used to detect variants.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.2
• /
• pp.47-54
• /
• 2015

The popularity and adoption of smart-phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. The fluidity of application markets complicate smart-phone security. There is a pressing need to develop effective solutions. Although recent efforts have shed light on particular security issues, there remains little insight into broader security characteristics of smart-phone application. Now, the analytical methods used mainly are the reverse engineering-based analysis and the sandbox-based analysis. Such methods are can be analyzed in detail. but, they take a lot of time and have a one-time payout. In this study, we develop a system to monitor that mobile application permissions at application update. We had to overcome a one-time analysis. This study is a service-based malware analysis, It will be based will be based on the mobile security study.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.3
• /
• pp.119-128
• /
• 2019

Minecraft game is a sandboxed game based on a high degree of users' freedom; the game encourages its users to recreate various play patterns to increase their immersion. Although recently there were many studies that use Minecraft game techniques to improve the teaching methods but still not well adapted due to being applications-based techniques. In this paper, we present a teaching model that utilizes the same concept of the Minecraft games in where learners customize the class concepts based on their needs. Moreover, Minecraft-based learning games attempt to be used for learner-led, creativity and programming instruction, to overcome these use-cases limitations, by our study we aim to include the Minecraft-based learning games in class teaching activities, theoretical and practical lessons. In this way, we intend to increase interest in programming lessons, and to increase immersion as another way of game learning. In the future, we attempt to measure various effects of the uses of Minecraft-game-based teaching in programming classes compare to the traditionally used methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3258-3279
• /
• 2019

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion. These attack structures leave a trail of digital forensics evidence when the malware interacts with the file system and generates noise in form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensics evidence, which essentially are IOCs include network artifacts such as C2 server domains, IPs and cryptographic hash values of the downloaded files apart from the malware hash values. Such evidence can be used as seed into intrusion detection systems for mitigation purposes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.12
• /
• pp.3345-3363
• /
• 2023

Developers often use cross-platform frameworks to create mobile apps that can run on multiple platforms with minimal code changes. However, these frameworks may not suit all the needs of a specific app, so developers may also use native APIs to add platform-specific features. This method eventually dilutes the advantages of cross-platform development methodology that aims to reduce development costs and time, and often leads to a decision to return back to the original native mobile development methodology. In this study, we explore a different approach: combining different cross-platform tools to develop a storybook mobile app that meets various requirements. We have demonstrated that integrating two cross-platform solutions can be used reliably to develop complex mobile applications. However, we also report that this approach can introduce unforeseen issues such as sandbox redundancy, unexpected functional burdens, and redundant permission requests. Despite these challenges, we believe that combining two cross-platform solutions can be applied to a variety of functional and performance requirements, enabling the development of more sophisticated mobile applications at lower costs and with shorter development timelines than traditional mobile app development methodologies.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.29-38
• /
• 2022

The growth of digitalization processes around the world, covering almost all areas of human life, including the Fintech sector. In the field of financial technology, radical changes are taking place with increasing levels of automation, openness and consumer focus. In addition, in the context of the spread of coronavirus infection, quarantine and forced isolation, the role of digital technology is coming to the fore worldwide, including in Ukraine. The purpose of the article is to assess the development of Fintech ecosystem of European countries and outline the strategic parameters of domestic Fintech development. The study concluded that the investment raised for the Fintech industry increases annually and the quality and size of transactions gradually increases. Today, Fintech maintains its position as one of the most attractive markets for venture capitalists and the image of an industry with high potential, especially in the era of open banking. The most attractive markets for investors are mature markets, such as the United States, Germany and the United Kingdom, and the preferred niches for investment - the vertical of payments and lending. Trends in investment activity in terms of investing in financial technologies are studied. Moreover, investors prefer businesses that already have a significant scale or considerable potential to achieve it and become sustainable businesses.