• Smart Media Journal
• /
• v.13 no.6
• /
• pp.9-15
• /
• 2024

In recent trends, there has been an increase in 'Qshing' attacks, a hybrid form of phishing that exploits fake QR (Quick Response) codes impersonating government agencies to steal personal and financial information. Particularly, this attack method is characterized by its stealthiness, as victims can be redirected to phishing pages or led to download malicious software simply by scanning a QR code, making it difficult for them to realize they have been targeted. In this paper, we have developed a classification technique utilizing machine learning algorithms to identify the maliciousness of URLs embedded in QR codes, and we have explored ways to integrate this with existing QR code readers. To this end, we constructed a dataset from 128,587 malicious URLs and 428,102 benign URLs, extracting 35 different features such as protocol and parameters, and used AutoML to identify the optimal algorithm and hyperparameters, achieving an accuracy of approximately 87.37%. Following this, we designed the integration of the trained classification model with existing QR code readers to implement a service capable of countering Qshing attacks. In conclusion, our findings confirm that deriving an optimized algorithm for classifying malicious URLs in QR codes and integrating it with existing QR code readers presents a viable solution to combat Qshing attacks.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.3
• /
• pp.209-217
• /
• 2024

The purpose of this study is to explore development plans by analyzing social interests and perceptions of jiu-jitsu using big data analysis. Network analysis, centrality analysis, and CONCOR analysis were conducted by collecting data for the last 10 years of major domestic portal sites. First, 'judo' was found to be the most important related word in network analysis, and 'judo' was also an important word in the analysis of dgree centrality. In the closeness centrality analysis, "defender" was the most important word, and "sports" was the most important word in betweenness centrality. Finally, as a result of CONCOR analysis, four clusters (related sports and marketing, jiu-jitsu competitions, belt test, supplies and expenses) were formed. As a conclusion of the study, first, words such as 'judo', 'exercise', 'competition', 'dobok', 'gym', and 'graduation' should be actively used to promote jiu-jitsu.As a conclusion of the study, first, words such as 'judo', 'exercise', 'contest', 'dobok', 'gym', and 'graduation' should be actively used to promote jiu-jitsu. Second, it is necessary to share information on training costs through various routes, to make awareness of the graduation process or method common, and to develop safety products and create a safe training culture. Third, it is necessary to find ways to continuously increase the influx of new trainees by attracting steady competitions.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.28 no.3
• /
• pp.100-107
• /
• 2024

Currently, in Korea, due to the rapid aging and deterioration of facilities, the minimum Maintenance Level and Performance Level' of facilities are required by the 'Facility Safety Act' or 'Infrastructure Management Act'. Since infrastructure assets have a long lifespan and the pattern of deterioration over time is complex, it is very difficult to maintain infrastructure as 'minimum maintenance state' or 'minimum performance state' by the current way of management. 'Asset Management' shall be performed not only by a technical perspective, but also by an accounting perspective such as cost and asset value. However, due to lack of awareness of 'asset management' among stakeholder, only technical perspective management is being carried out in practice. In order to effectively manage infrastructure assets, complex consideration of various asset value factors such as budget and service as well as safety and durability are required. In this paper, we presented a theory to evaluate and quantify the road network value for efficient asset management of the road network. We also presented a method of simulation to apply the theory presented in this paper. Through simulation and the results derived from this study, it is possible to specify the budget for the future national asset management, and to optimize the strategy for the management of old road facilities.

• Information Systems Review
• /
• v.20 no.4
• /
• pp.43-57
• /
• 2018

We propose network effects upon the investment decision of cloud-based ERP. Using the survey data collected from 82 companies in 2015, we examine whether IT managers have an intention to adopt real options in order to manage the risk of cloud-based ERP investments and how the network effects influence upon the intention to adopt real options. Based on prior literature, we propose a research model with 4 hypotheses. We find partial support of the hypotheses from the empirical analysis: technological risks has a positive impact upon the adoption of real options such as defer, contract, and abandon. In contrast, we find no significant impact of security risks upon real options. We validate positive network effects upon the adoption of real options such as defer, contract, and abandon. This work empirically find that IT managers in Korean middle and small sized firms have an intention to adopt real options when the managers realize economic, technological, and relationship risks and when they expect network effects.

• Journal of Intelligence and Information Systems
• /
• v.23 no.1
• /
• pp.143-159
• /
• 2017

Due to the rapid development of IT in recent years, not only personal information but also the key technologies and information leakage that companies have are becoming important issues. For the enterprise, the core technology that the company possesses is a very important part for the survival of the enterprise and for the continuous competitive advantage. Recently, there have been many cases of technical infringement. Technology leaks not only cause tremendous financial losses such as falling stock prices for companies, but they also have a negative impact on corporate reputation and delays in corporate development. In the case of SMEs, where core technology is an important part of the enterprise, compared to large corporations, the preparation for technological leakage can be seen as an indispensable factor in the existence of the enterprise. As the necessity and importance of Information Security Management (ISM) is emerging, it is necessary to check and prepare for the threat of technology infringement early in the enterprise. Nevertheless, previous studies have shown that the majority of policy alternatives are represented by about 90%. As a research method, literature analysis accounted for 76% and empirical and statistical analysis accounted for a relatively low rate of 16%. For this reason, it is necessary to study the management model and prediction model to prevent leakage of technology to meet the characteristics of SMEs. In this study, before analyzing the empirical analysis, we divided the technical characteristics from the technology value perspective and the organizational factor from the technology control point based on many previous researches related to the factors affecting the technology leakage. A total of 12 related variables were selected for the two factors, and the analysis was performed with these variables. In this study, we use three - year data of "Small and Medium Enterprise Technical Statistics Survey" conducted by the Small and Medium Business Administration. Analysis data includes 30 industries based on KSIC-based 2-digit classification, and the number of companies affected by technology leakage is 415 over 3 years. Through this data, we conducted a randomized sampling in the same industry based on the KSIC in the same year, and compared with the companies (n = 415) and the unaffected firms (n = 415) 1:1 Corresponding samples were prepared and analyzed. In this research, we will conduct an empirical analysis to search for factors influencing technology leakage, and propose an early warning system through data mining. Specifically, in this study, based on the questionnaire survey of SMEs conducted by the Small and Medium Business Administration (SME), we classified the factors that affect the technology leakage of SMEs into two factors(Technology Characteristics, Organization Characteristics). And we propose a model that informs the possibility of technical infringement by using Support Vector Machine(SVM) which is one of the various techniques of data mining based on the proven factors through statistical analysis. Unlike previous studies, this study focused on the cases of various industries in many years, and it can be pointed out that the artificial intelligence model was developed through this study. In addition, since the factors are derived empirically according to the actual leakage of SME technology leakage, it will be possible to suggest to policy makers which companies should be managed from the viewpoint of technology protection. Finally, it is expected that the early warning model on the possibility of technology leakage proposed in this study will provide an opportunity to prevent technology Leakage from the viewpoint of enterprise and government in advance.

• Convergence Security Journal
• /
• v.15 no.3_2
• /
• pp.59-70
• /
• 2015

This study aims at exploring relation of social security network building, civil culture and community unity. To achieve the purpose, this study selected the general citizens in Seoul Region (Gangdong, Gangseo, Gangnam and Gangbuk) from Jul. 15 to Sept. 15, 2014 as population and sampled 400 people using cluster random sampling. Excluding unhonest data, the number of cases used for the final analysis is 337 people. The collected data were analyzed for the study purpose using SPSSWIN 18.0, as statistical techniques, factor analysis, reliability analysis, correlation analysis, t-test, one-way ANOVA, multiple regression analysis, path analysis etc. were used. First, social security network building has an effect on civil culture. That is, the more activated voluntary crime prevention activity, the higher order law-abiding spirit. The more activated local government security education, police public order service, the higher awareness of participation becomes. First, social security network building has an effect on civil culture. That is, the more activated voluntary crime prevention activity, the higher order law-abiding spirit. The more activated local government security education, police public order service, the higher awareness of participation becomes. The more activated voluntary crime prevention activity, street CCTV facilities, police public order service, the higher tolerance spirit becomes. On the contrary, street CCTV facilities reduce citizens' autonomy. Second, social security network building has an effect on community unity. The more activated street CCTV facilities, police public order service, crime prevention design, the higher a sense of stability becomes. The more activated local government security education, police public order service, crime prevention design, the higher awareness of community becomes. The more activated voluntary crime prevention activity, government security education, police public order service, crime prevention design, the higher community institution becomes. Third, civil culture has an effect on community unity. That is, the more activated awareness of community, tolerance spirit, the higher a sense of stability, awareness of community and community system become. Fourth, social security network building has an effect on civil culture and community unity. That is, social security network building has a low effect community institution directly, but if civil culture is enhanced through social security network building, then it has a high effect on community unity.

• Journal of dental hygiene science
• /
• v.7 no.2
• /
• pp.101-106
• /
• 2007

This research was based on self-filling survey which 128 dental hygienists who work in dental clinic and dental hospital on May 2006 through July 2006. This survey was analyzed the prevention against virus infection in dental hygienist at medical treatment. As follows analyzed results The experience of get a hand pricked by an infected needle rate is 76.6 percent and the majority of the dental hygienist are sterilize by disinfectant after wash hand and draw blood. The most of dental hygienist are experienced the education of the prevention infection in student and they think that It is necessary to prevention infection in medical treatment. The proportion of use the glove and mask in medical treatment and disuse the glove after medical treatment and the mask when mask get damped is high but the rate of put on the goggle in medical treatment and use the glove in washing and re-treat is low irrespective of age, clinical career, work place. As a result of Independent-sample T Test, the Hygienist who have experience the education of the prevention against virus infection are more excellent work than in-experience group in medical treatment. So we can find that the experience of the education of the prevention infection is very significant to prevention infection in dental hygienist.

• Journal of Service Research and Studies
• /
• v.9 no.2
• /
• pp.55-76
• /
• 2019

This study conducted empirical analyses to investigate the factors affecting the intention to use smart home services. Based on the previous relevant studies, the characteristics of smart home service were found to influence on the intention to use smart home service, and four variables(ubiquitous connectivity, reliability, context awareness, and security) concerning the service characteristics could be derived. And referring to the technology acceptance model(TAM), the updated TAM, IS success model, and the theory of reasoned action(TRA), three variables such as perceived ease of use, perceived usefulness and subjective norm were also likely to affect the intention to use smart home service, and the user innovativeness was inferred to play a role of moderating variable. In order to examine the research model and the hypotheses which could describe the relationship of the above mentioned variables, this study surveyed 447 people who were currently using or would use the smart home services, and then tested the hypotheses for 436 valid responses. The results of hypotheses testing showed that reliability, context awareness, and security have a significant effect on perceived usefulness and on perceived ease of use. However, it was found that ubiquitous connectivity significantly affected perceived usefulness but did not affect perceived ease of use. And perceived ease of use, perceived usefulness and subjective norm had significant effect on the intention to use smart home services. Also, user innovativeness as moderating variable was found to significantly influence on the magnitude of the relationship between ubiquitous connectivity and perceived usefulness and on that between reliability and perceived ease of use. This can be interpreted as the findings implying that innovative smart home-service users are likely to feel the smart home-services more useful than ordinary users when the degree of ubiquitous connectivity is higher, and are likely to perceive the use of smart home-services to be easier than ordinary ones when the degree of reliability is higher.

• Journal of Intelligence and Information Systems
• /
• v.20 no.2
• /
• pp.163-178
• /
• 2014

Following research proposes "Virtualization of Smart Cards (ViSCa)" which is a security system that aims to provide a multi-device platform for the deployment of services that require a strong security protocol, both for the access & authentication and execution of its applications and focuses on analyzing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service by comparing with other similar cases. At the present day, the appearance of new ICT, the diffusion of new user devices (such as smartphones, tablet PC, and so on) and the growth of internet penetration rate are creating many world-shaking services yet in the most of these applications' private information has to be shared, which means that security breaches and illegal access to that information are real threats that have to be solved. Also mobile payment service is, one of the innovative services, has same issues which are real threats for users because mobile payment service sometimes requires user identification, an authentication procedure and confidential data sharing. Thus, an extra layer of security is needed in their communication and execution protocols. The Virtualization of Smart Cards (ViSCa), concept is a holistic approach and centralized management for a security system that pursues to provide a ubiquitous multi-device platform for the arrangement of mobile payment services that demand a powerful security protocol, both for the access & authentication and execution of its applications. In this sense, Virtualization of Smart Cards (ViSCa) offers full interoperability and full access from any user device without any loss of security. The concept prevents possible attacks by third parties, guaranteeing the confidentiality of personal data, bank accounts or private financial information. The Virtualization of Smart Cards (ViSCa) concept is split in two different phases: the execution of the user authentication protocol on the user device and the cloud architecture that executes the secure application. Thus, the secure service access is guaranteed at anytime, anywhere and through any device supporting previously required security mechanisms. The security level is improved by using virtualization technology in the cloud. This virtualization technology is used terminal virtualization to virtualize smart card hardware and thrive to manage virtualized smart cards as a whole, through mobile cloud technology in Virtualization of Smart Cards (ViSCa) platform-based mobile payment service. This entire process is referred to as Smart Card as a Service (SCaaS). Virtualization of Smart Cards (ViSCa) platform-based mobile payment service virtualizes smart card, which is used as payment mean, and loads it in to the mobile cloud. Authentication takes place through application and helps log on to mobile cloud and chooses one of virtualized smart card as a payment method. To decide the scope of the research, which is comparing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service with other similar cases, we categorized the prior researches' mobile payment service groups into distinct feature and service type. Both groups store credit card's data in the mobile device and settle the payment process at the offline market. By the location where the electronic financial transaction information (data) is stored, the groups can be categorized into two main service types. First is "App Method" which loads the data in the server connected to the application. Second "Mobile Card Method" stores its data in the Integrated Circuit (IC) chip, which holds financial transaction data, which is inbuilt in the mobile device secure element (SE). Through prior researches on accept factors of mobile payment service and its market environment, we came up with six key factors of comparative analysis which are economic, generality, security, convenience(ease of use), applicability and efficiency. Within the chosen group, we compared and analyzed the selected cases and Virtualization of Smart Cards (ViSCa) platform-based mobile payment service.

• The Korean Journal of Air & Space Law and Policy
• /
• v.5
• /
• pp.53-75
• /
• 1993

This article is concerned with the comment on "Some New Problems of International Aviation Security-Considerations Forcused on its Legal Aspects". Ever since 1970, in addition to the problem of failure to accept the Tokyo, Hague and Montreal Conventions, there has been also the problem of parties to them, failing to comply with their obligations under the respective treaties, in the form especially of nominal penalties or the lack of any effort to prosecute after blank refusals to extradite. There have also been cases of prolonged detention of aircraft, passengers and hostages. In this regard, all three conventions contain identical clauses which submit disputes between two or more contracting States concerning the interpretation or application of the respective conventions to arbitration or failing agreement on the organization of the arbitration, to the International Court of Justice. To the extent to which contracting States have not contracted out of this undertaking, as I fear they are expressly allowed to do, this promision can be used by contracting States to ensure compliance. But to date, this avenue does not appear to have been used. From this point of view, it may be worth mentioning that there appears to be an alarming trend towards the view that the defeat of terrorism is such an overriding imperative that all means of doing so become, in international law, automatically lawful. In addition, in as far as aviation security is concerned, as in fact it has long been suggested, what is required is the "application of the strictest security measures by all concerned."In this regard, mention should be made of Annex 17 to the Chicago Convention on Security-Safeguarding International Civil Aviation against Acts of Unlawful Intereference. ICAO has, moreover, compiled, for restricted distribution, a Security Manual for Safeguarding Civil Aviation Against Acts of Unlawful Interference, which is highly useful. In this regard, it may well be argued that, unless States members of ICAO notify the ICAO Council of their inability to comply with opecific standards in Annex 17 or any of the related Annexes in accordance with Article 38 of the 1944 Chicago Convention on International Civil Aviation, their failure to do so can involve State responsibility and, if damage were to insure, their liability. The same applies to breaches of any other treaty obligation. I hope to demonstrate that although modes of international violence may change, their underlying characteristics remain broadly similar, necessitating not simply the adoption of an adequate body of domestic legislation, firm in its content and fairly administered, but also an international network of communication, of cooperation and of coordination of policies. Afurther legal instrument is now being developed by the Legal Committee of ICAO with respect to unlawful acts at International airports. These instruments, however, are not very effective, because of the absence of universal acceptance and the deficiency I have already pointed out. Therefore, States, airports and international airlines have to concentrate on prevention. If the development of policies is important at the international level, it is equally important in the domestic setting. For example, the recent experiences of France have prompted many changes in the State's legislation and in its policies towards terrorism, with higher penalties for terrorist offences and incentives which encourage accused terrorists to pass informations to the authorities. And our government has to tighten furthermore security measures. Particularly, in the case an unarmed hijacker who boards having no instrument in his possession with which to promote the hoax, a plaintiff-passenger would be hard-pressed to show that the airline was negligent in screening the hijacker prior to boarding. In light of the airline's duty to exercise a high degree of care to provide for the safety of all the passengers on board, an acquiescence to a hijacker's demands on the part of the air carrier could constitute a breach of duty only when it is clearly shown that the carrier's employees knew or plainly should have known that the hijacker was unarmed. The general opinion is that the legal oystem could be sufficient, provided that the political will is there to use and apply it effectively. All agreed that the main responsibility for security has to be borne by the governments. A state that supports aviation terrorism is responsible for violation of International Aviation Law. Generally speaking, terrorism is a violation of international law. It violates the sovereign rights of states, and the human rights of the individuals. We have to contribute more to the creation of a general consensus amongst all states about the need to combat the threat of aviation terrorism. I think that aviation terrorism as becoming an ever more serious issue, has to be solved by internationally agreed and closely co - ordinated measures.