Title/Summary/Keyword: Indicators of Compromise

A Study on Hacking E-Mail Detection using Indicators of Compromise (침해지표를 활용한 해킹 이메일 탐지에 관한 연구)

  • Lee, Hoo-Ki
    • Convergence Security Journal / v.20 no.3 / pp.21-28 / 2020
  • In recent years, hacking and malware techniques have evolved and become sophisticated and complex, and numerous cyber-attacks are constantly occurring in various fields. Among them, the most widely used route for compromise incidents such as information leakage and system destruction was found to be E-Mail. In particular, it is still difficult to detect and identify E-Mail APT attacks that employ zero-day vulnerabilities and social engineering hacking techniques by signature detection and dynamic analysis alone. Thus, there has been an increased demand for indicators of compromise (IOC) to identify the causes of malicious activities and to respond quickly to similar compromise incidents by sharing the information. In this study, we propose a method of extracting the various forensic artifacts required for detecting and investigating Hacking E-Mails, which account for a large portion of the damage in security incidents. To achieve this, we employed a digital forensic indicator method that was previously utilized to collect information on client-side incidents.

Automatic Creation of Forensic Indicators with Cuckoo Sandbox and Its Application (Cuckoo Sandbox를 이용한 포렌식 침해지표 자동생성 및 활용 방안)

  • Kang, Boong Gu;Yoon, Jong Seong;Lee, Min Wook;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems / v.5 no.11 / pp.419-426 / 2016
  • As the threat of cyber incidents grows continuously, the need for IOCs (Indicators of Compromise) is increasing, both to identify the cause of incidents and to share that information for a quick response to similar incidents. But only a few companies use them domestically, and research on the application of IOCs is deficient compared to foreign countries. Therefore, in this paper, a quick and standardized way to create IOCs automatically based on the analysis results of malware from Cuckoo Sandbox, together with its application, is suggested.

Digital Forensic Indicators of Compromise Format(DFIOC) and Its Application (디지털 포렌식 기반의 침해 지표 포맷 개발 및 활용 방안)

  • Lee, Min Wook;Yoon, Jong Seong;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems / v.5 no.4 / pp.95-102 / 2016
  • Computer security incidents such as confidential information leaks and data destruction are constantly growing and have become a threat to information in digital devices. To respond to these incidents, digital forensic techniques are also developing to help digital incident investigation. With the development of digital forensic technology, a variety of forensic artifacts have been developed to trace the behavior of users. Also, a diversity of forensic tools has been developed to extract information from forensic artifacts. However, there is an issue that the information from forensic tools comes in each tool's own form. To solve this problem, data needs to be processed when it is output from forensic tools. Then the processed data needs to be compared and analyzed to identify how the data items are related to each other and to interpret the implications. To reach this, an effective method to store and output data in the course of data processing is called for. This paper aims to propose DFIOC (Digital Forensic Indicators Of Compromise), which is capable of transcribing a variety of forensic artifact information effectively during incident analysis and response. DFIOC, which is an XML-based format, provides "Evidence" to represent various forensic artifacts in the incident investigation. Furthermore, it provides "Forensic Analysis" to report forensic analysis results and also gives "Indicator" to investigate the traces of an incident quickly. By logging data into one sheet in DFIOC format for the forensic analysis process, it is capable of avoiding unnecessary data processing. Lastly, since collected information is recorded in a normalized format, data input and output become much easier, and it will be convenient to use for identification of collected information and analysis of data relationships.

Development of New Collaborative Key Performance Indicators in Manufacturing Collaboration Based on the SCOR Model (SCOR 모형에 기반한 새로운 제조협업의 협력적 성과지표 개발 및 측정)

  • Jung, Ji-Whan;Jung, Jae-Yoon;Shin, Dong-Min;Kim, Sang-Kuk
    • The Journal of Society for e-Business Studies / v.15 no.1 / pp.157-171 / 2010
  • To effectively maintain manufacturing collaboration, the development of effective performance measurements for the collaboration is required. Most existing key performance indicators, however, were developed to measure the performance of a company's internal activities or outsourcing. For that reason, it is necessary to devise new key performance indicators that the partners participating in the collaboration can arrange and compromise on with each other to reflect their common goals. In this paper, we propose collaborative Key Performance Indicators (cKPIs), which are used to measure the collaboration work of multiple manufacturing partners on the basis of the Supply Chain Operations Reference (SCOR) model. Also, a modified Sigmoid function is devised as a desirability function to reflect the characteristics of the Service Level Agreement (SLA) between two partners. The proposed indicators and desirability functions can be utilized to perform and maintain successful collaboration by providing a way to quantitative measurement.

A study on the development of SRI(Security Risk Indicator)-based monitoring system to prevent the leakage of personally identifiable information (개인정보 유출 방지를 위한 SRI(Security Risk Indicator) 기반 모니터링 시스템 개발)

  • Park, Sung-Ju;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.637-644 / 2012
  • In our current information-focused society, information is regarded as a core asset, and the leakage of customers' information has emerged as a critical issue, especially in financial companies. It is very likely that the safeguarding technology currently in commercial use is not focused at an enterprise level but is fragmented by function or guards only portions of a customer's personal information. Therefore, it is necessary to study systems which monitor the indicators of access at an enterprise level in order to preemptively prevent the compromise of such data. This study takes an enterprise perspective on such systems for a financial company. I will focus on examination of the methods of implementation of the monitoring system, the application of pattern analysis, and examination of Security Risk Indicators (SRI). A trial of the monitoring system provided security managers and related departments with proper screening capabilities for information. Therefore, it is possible to establish systematic counter-plans based on detectable patterns.

Development of a Distribution System Investment Planning Model Focused on Economics (경제성을 고려한 배전계통 설비투자계획 수립모델 개발)

  • Kim, Jun-Hyung;Park, Chang-Ho
    • Proceedings of the KIEE Conference / 2007.07a / pp.121-122 / 2007
  • Recently, there have been two big paradigm shifts in the global electric power industry. First, maintenance practice is gradually moving from time-based activities to reliability-centered activities. On the other hand, asset management is emerging as a new framework to maximize the efficiency of investments. The two paradigms are mutually exclusive in nature. Thus power utilities usually chose investment alternatives on the basis of reliability in the past. But today's changed business environment (competition) requires power utilities to compromise on the trade-off between reliability effects and the economics of investments. This paper shows what and how to interpret the reliability effects of distribution system investments into financial indicators beneficial for power utilities' managers to make decisions from the perspective of corporate value.

Goal-formation Process in Fractal Manufacturing Systems

  • Ryu Kwangyeol;Jung Mooyoung
    • Proceedings of the Korean Operations and Management Science Society Conference / 2003.05a / pp.800-807 / 2003
  • Decomposition of tasks in ordinary manufacturing systems is usually based on the predefined goal of the system. To achieve high-level goals (e.g., a factory goal or company goal), several sub-goals should be achieved in advance. However, goals can change along with the current status of the system and the external environmental situation. Thus, a manufacturing system should support goal-formations that can bear these changes for efficient and effective operations. Therefore, it is necessary to develop a systematic methodology for goal-formation in a manufacturing system. Especially, the formation and/or change of goals in real time should be possible for distributed and dynamic systems including the fractal manufacturing system (FrMS). In this paper, a threefold methodology is proposed for the goal-formation process (GFP) in the FrMS: 1) a goal-generating process (GGP) to make and propagate fuzzy goals, 2) a goal-harmonizing process (GHP) to eliminate or reduce conflicts and interferences of goals by using a mobile agent-based negotiation scheme, and 3) a goal-balancing process (GBP) to make a compromise between goals by using quantifiable indicators of the manufacturing system.

Using Machine Learning Techniques for Accurate Attack Detection in Intrusion Detection Systems using Cyber Threat Intelligence Feeds

  • Ehtsham Irshad;Abdul Basit Siddiqui
    • International Journal of Computer Science & Network Security / v.24 no.4 / pp.179-191 / 2024
  • With the advancement of modern technology, cyber-attacks are constantly rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewalls, anti-malware systems, and security information and event management (SIEM). These aid in defending businesses from attacks. The role of cyber-threat intelligence (CTI) in the study being presented is to deliver advance threat feeds for precise attack detection in intrusion detection systems. In this proposed work, CTI feeds are utilized to detect attacks accurately in an intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets have been analyzed for attack detection. With the proposed study, the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall.

Differences in Conflict Management Style according to MBTI Indicators of Nursing Students (간호대학생의 MBTI 지표에 따른 갈등해결유형의 차이)

  • Su Jeong Shin
    • The Journal of the Convergence on Culture Technology / v.9 no.6 / pp.479-486 / 2023
  • This study is a descriptive research study to determine differences in conflict management types according to MBTI preference indicators among nursing students. Data collection was from August 30 to September 30, 2023. Data analysis was performed using the independent t-test, one-way ANOVA, and Scheffe's test. As a result of the study, among the MBTI indicators showing significant differences in conflict management types, I had higher avoidance than E in the energy direction (t=-3.776, <0.01). In the case of the decision-making function, F had higher concession (t=-3.478, <0.01) and avoidance (t=-3.389, <0.01) than T, and T had higher dominance than F (t=2.070, <0.5). In terms of external life coping style, J had higher cooperation (t=2.756, <0.01) and compromise (t=2.044, <0.5) than P. In MBTI's psychological function types, the NF type had higher concession than the ST type (F=4.174, <0.05), and the SF type had higher avoidance than the ST type (F=4.202, <0.05). The results of analyzing the differences in conflict management types by combining the MBTI decision-making function type and external life coping style showed that the FJ type was more cooperative than the FP type (F=2.907, <0.05), the FJ type was more cooperative than the TP type (F=4.662, <0.01), and the FJ type had higher avoidance than the TJ type (F=3.327, <0.05). MBTI's attitude index showed that the EJ type had higher cooperation than the EP type (F=2.817, <0.05), and the IP type had significantly higher avoidance than the EP type (F=4.551, <0.01). This study is significant in confirming differences in conflict management types by combining MBTI decision-making function types (F, T) and external life coping styles (J, P), which have not been studied in Korea to date. For a follow-up study, we propose research on conflict management types by MBTI personality type that reflects the results of this study and expands the number of subjects, development of conflict management programs by MBTI indicators and personality types, and analysis of program effectiveness.

A Study on Conflicts in Restoration Projects of Modern Cultural Heritage for Sustainable Tourism Development -Focusing on Daebul Hotel, Jung-gu, Incheon- (지속가능한 관광개발을 위한 근대문화유산의 복원사업 갈등연구 -인천 중구 대불호텔을 중심으로-)

  • Hong-bo Shim
    • The Journal of the Convergence on Culture Technology / v.9 no.2 / pp.159-169 / 2023
  • The purpose of this study is, first, to establish a theory about the conflict between sustainable tourism development and the restoration process of modern cultural heritage. Second, a research model is established through literature research, and the difference in perception between the local government (Incheon Jung-gu Office) and the local residents is analyzed. Third, based on the results of the analysis, we present a conflict management strategy for sustainable tourism development in the modern hotel restoration project. The conflict management strategy based on the analysis results is as follows. First, before a modern cultural heritage restoration project, a procedure is necessary to confirm whether the development goal for sustainable tourism development and the goal of local residents are the same. Second, it is necessary to coordinate opinions on priority items among sustainable tourism development indicators during the modern cultural heritage restoration project. Third, in the modern cultural heritage restoration project, priority should be given to changing the awareness of the development entity rather than changing the awareness of the local residents. Fourth, in the modern cultural heritage restoration project, the development entity should attempt continuous dialogue and compromise in an effort to find an alternative that satisfies local residents. Fifth, in the modern cultural heritage restoration project, it would be effective to pay special attention to and focus on 'adjustment of opinions', the area where the difference of opinion between the developer and the local residents is the largest.