• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2015년도 춘계학술대회
• /
• pp.790-791
• /
• 2015

본 연구에서는 타 기술과의 융합을 통하여 그 영역이 지속적으로 확대되고 있는 정보보호 산업의 글로벌 시장동향을 분석하였다. 국내 정보보호 산업 시장은 2013년 현재 국내시장이 세계시장에서 차지하는 점유율이 매우 낮다는 점과 수차례의 보안사고로 인한 경각심 고조, 물리보안 수출의 확대 등의 요인을 고려하면 세계 정보보호 산업에 비해 높은 성장률을 보일 것으로 전망된다. 주목해야 할 점은 국내 시장은 제품시장이 주도하지만, 세계시장은 서비스 시장이 주도할 것이라는 전망이다. 따라서 국내 정보보호 산업의 현재의 부진을 극복하기 위해서는 상대적으로 부가가치가 높은 서비스 시장에 보다 중점을 둔 시장육성 전략이 요구된다.

• Journal of Information Technology Applications and Management
• /
• 제18권1호
• /
• pp.55-74
• /
• 2011

The growth in the use of ubiquitous computing based on mobile services as an enabler to conduct business more effectively has been phenomenal. Technology acceptance model (TAM) has been applied in different contexts to examine a wide range of information technologies (IT). As more and more companies are finding ways to utilize ubiquitous computing based on mobile services, an important issue is to understand what factors will impact the decisions of consumers in adopting the services. Based on TAM with three additional groups of external factors, i.e., service-related factors (ubiquitous access, context awareness) and technology-related factors (perceived security risk, network connectivity) that are theoretically justified as having influence on both perceived usefulness and perceived ease of use which are additionally considered, a research model for the investigated technology acceptance was developed and empirically examined, using responses from more than intended users of ubiquitous computing based on mobile services. The specific purposes of this study are as follows. Firstly, this study is to identify service beliefs considering unique characteristics for ubiquitous services such as perceived ubiquitous access and perceived context awareness. Secondly, this study is to investigate network characteristics beliefs such as perceived security and perceived connectivity. Thirdly, this paper investigates the relationship among variables such as ubiquitous characteristics, network characteristics, behavioral beliefs, and intention to use ubiquitous web services. This study uses a structural equation model to test the research model. The major results of this study are as follows. Firstly, ubiquitous access has a influence on perceived usefulness and perceived ease of use. Context awareness has an influence on perceived usefulness. Secondly, User familiarity has an influence on perceived usefulness and perceived ease of use, and intention to use. User innovativeness has an influence on perceived ease of use. Thirdly, perceived security risk has an influence on perceived usefulness and perceived ease of use. Network connectivity has an influence on perceived usefulness and perceived ease of use. Fourth, there exist differential effects among factors in structural model among information, transaction, and entertainment services.

• 정보보호학회논문지
• /
• 제27권4호
• /
• pp.913-921
• /
• 2017

스마트폰의 대중화 보급은 모바일 인터넷 사용자를 증가시켰고 이로 인해 모바일 전자상거래 서비스도 급속히 성장하고 있다. 이런 급격한 성장과 더불어 모바일커머스 사용자의 보안 및 개인정보유출에 대한 불안감도 더욱더 커지고 있다. 따라서 모바일커머스의 지속적인 확대와 성장을 위해서는 보안과 개인정보보호가 무엇보다 중요하다는 인식하에 보안과 개인정보보호가 사용자의 모바일커머스 사용의도에 미치는 영향력을 심도 있게 분석하고자 하였다. 이에 본 연구에서는 모바일커머스 방문 경험자를 중심으로 설문조사를 하여 보안과 개인정보보호 인식이 지각된 위험과 지각된 신뢰, 사용의도 간에 미치는 영향을 분석하였다. 연구결과, 보안과 개인정보보호는 모바일 상거래에 대한 불안과 불확실성을 감소시킴으로써 사용자들의 모바일커머스에 대한 신뢰향상에 기여하며, 이런 결과가 사용의도를 높이는 심리적 기제에 영향을 미치는 중요한 요인으로 나타났다.

• 한국통신학회논문지
• /
• 제39C권1호
• /
• pp.1-8
• /
• 2014

본 논문에서는 AP와 모바일 단말을 이용하여 내부 네트워크의 정보 유출 및 변조를 방지하고 비인가 단말의 탐지 및 접속 차단을 하는 방법을 제안한다. 기존의 비인가 단말 탐지 및 차단 기법은 Evil Twin과 같은 형태의 탐지 기법이 주를 이루고 있다. 그러나 기존의 연구들은 다양한 형태로 발생하는 보안 사고를 모두 해결할 수 없으며 다양한 환경의 네트워크에서 효과적으로 대응하는데 문제가 있다. 이러한 문제를 해결하기 위해 기업에서는 다양한 정책과 가이드라인을 통해 대비를 하지만 꾸준히 늘어나는 보안 문제로 인해 모든 것을 대비하기는 어려운 상황이다. 본 논문에서는 위의 문제를 해결하기 위해 상황 인지 기술과 모바일 단말 관리 기술 기반의 비인가 단말 탐지 및 차단 기법을 제안한다. 먼저, 모바일 단말이 내부 네트워크의 진입을 시도할 때 모바일 단말의 상황정보를 인지하여 모바일 단말의 접속 허가 여부 및 권한을 판별하고 이 결과 값을 이용하여 모바일 단말에게 알맞은 관리 기술을 적용하여 내부 데이터 유출 및 침해를 방지한다.

• 정보보호학회논문지
• /
• 제26권4호
• /
• pp.1037-1055
• /
• 2016

개인정보보호법 제정 이후, 개인정보보호를 위한 정책 및 관련된 제반활동이 활발하게 진행되고 있다. 하지만, 개인 정보 유출 사고가 계속 발생하면서 국민들은 개인정보보호에 대한 부정적인 태도를 보이고 있다. 이에 본 논문은 국가 개인정보보호 정책이 국민에게 어떠한 의미로 인식되는지 확인하고자, SERVQUAL 기법을 이용하여 국민의 인식 측면에서 정책의 효과성에 대한 실증적인 분석을 시도하였다. 분석 결과, 국민들은 국가 개인정보보호 정책이 효과적이라고 인식하지만 인식 수준 자체는 낮으며, 신속성, 편의성, 책임성에 대한 정책 효과를 높게 인식하지만 효율성에 대한 효과는 낮게 인식하고 있다. 국민이 만족하는 국민 지향적 개인정보보호 정책으로의 발전을 위해서는 국민의 기대/지각 인식과 효과성 인식 수준이 낮은 사항에 초점을 둔 정책의 개선이 요구된다.

• ETRI Journal
• /
• 제33권5호
• /
• pp.770-779
• /
• 2011

Security quad and cube (SQC) is a network attack analyzer that is capable of aggregating many different events into a single significant incident and visualizing these events in order to identify suspicious or illegitimate behavior. A network administrator recognizes network anomalies by analyzing the traffic data and alert messages generated in the security devices; however, it takes a lot of time to inspect and analyze them because the security devices generate an overwhelming amount of logs and security events. In this paper, we propose SQC, an efficient method for analyzing network security through visualization. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacks. In addition, by providing a detailed analysis of network attacks, this method can more precisely detect and distinguish them from normal events.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권6호
• /
• pp.2801-2816
• /
• 2016

Owing to their low scalability, weak support on big data, insufficient data collaborative analysis and inadequate situational awareness, the traditional methods fail to meet the needs of the security data analysis. This paper proposes visualization methods to fuse the multi-source security data and grasp the network situation. Firstly, data sources are classified at their collection positions, with the objects of security data taken from three different layers. Secondly, the Heatmap is adopted to show host status; the Treemap is used to visualize Netflow logs; and the radial Node-link diagram is employed to express IPS logs. Finally, the Labeled Treemap is invented to make a fusion at data-level and the Time-series features are extracted to fuse data at feature-level. The comparative analyses with the prize-winning works prove this method enjoying substantial advantages for network analysts to facilitate data feature fusion, better understand network security situation with a unified, convenient and accurate mode.

• Journal of Information Technology Applications and Management
• /
• 제25권4호
• /
• pp.1-21
• /
• 2018

Due to the increase in the use of the Internet, it is becoming more common to provide or use a social login for registering for services. Herein, the purpose of this study is to analyze the influence of security, individual innovativeness, ubiquity and brand awareness on the use of social log-in service through the individuals' attitude who have memorized various IDs and passwords by using Technology Acceptance Model (TAM). In addition, the effect of individual innovativeness on the relationship between social login characteristic factors and attitudes toward social login services are examined. Based on the statistical results, it is found that the significant factors affecting the attitude toward the social login service are the security, ubiquity, brand awareness and perceived usefulness. Moreover, the individual innovativeness is found to have the moderating effects in the relationship between the three factors (the perceived usefulness, and perceived ease of use, and security) and attitude toward the social login service. Positive attitudes increase with the usefulness, ease of using social login serive when individual innovativeness is high. On the other hand, when individual innovativeness is low, the stronger the effect of security on attitude toward the social login services. In accordance with these results, the implications and limitations of this study are discussed.

• 디지털산업정보학회논문지
• /
• 제10권4호
• /
• pp.97-107
• /
• 2014

The development of ICT has led positive aspects such as popularization of Internet. It, on the other hand, is causing a negative aspect, Cyber Terror. Although the causes for recent and continuous increase of cyber security incidents are various such as lack of technical and institutional security measure, the main cause which threatens the cyber security is the users' lack of awareness and attitude. The purpose of this study is the positive analysis of how the personal and job characteristics influence the cyber security training participation rate and the response ability to cyber terror response training with a sample case of K-corporation employees. In this paper, the relationship among career, gender, department, whether he/she is a cyber security specialist, whether he/she is a regular employee), "ratio of cyber security training courses during recent three years", "ratio that he/she has opened the malicious email in cyber terror response training during recent three years", "response index of virus active-x installation (higher index means poorer response)" is closely examined. Moreover, based on the examination result, the practical and political implications regarding K-corporation's cyber security courses and cyber terror response training are studied.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권2호
• /
• pp.609-625
• /
• 2023

This study is a demand research for the selection of public safety science and technology equipment and suggests an empirical research method. The technology demand survey is the beginning of the selection of innovative technology. And it is the basis of collecting information required for the technology required in the market and helping to apply it to the field. The demand survey for police science and technology can reduce the uncertainty of crime prevention and help the smooth implementation of security policies. However, in Korea, adoption of security science and technology equipment was centered on social issues or researchers' opinions rather than the demands of field users. Until, there was no research has been conducted on the demands of field police officers for selection of security science and technology equipment in Korea. Also, there was no preferential study for the demand for security science and technology equipment. Therefore, this study proposes a methodology that can systematically identify the needs for the technology and equipment of field experts suitable for the public security situation for the selection of security science and technology equipment. Specifically, we propose a sample design for a technology classification system and a survey tool for technology awareness and satisfaction. It is expected that this tool will provide a classification system for security science and technology equipment selected for the Korean police and will help determine the priority of equipment suitable for the field.