• The Korean Journal of Financial Management
• /
• v.8 no.1
• /
• pp.139-153
• /
• 1991

This paper examines the pecuniary effects stemming from insider trading in the equities of firms targeted for acquisition. Illegal exchanges by those having advantageous information are found to result in excessive returns to stockholders of the sought firms. However, unusual market activities are not typical immediately subsequent to the illegal trading date, suggesting that nonpublic information is synthesized by market mechanisms with sufficient speed so that others cannot profit by imitating the better informed traders. The obtained evidence does not support the contention that insider trading on nonpublic information harms the outsider stockholders of involved firms.

• Journal of KIISE:Information Networking
• /
• v.35 no.1
• /
• pp.76-90
• /
• 2008

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing such as home environmental, industrial, and military applications. Compared with the vivid utilization of the sensor networks, however, security and privacy issues of the sensor networks are still in their infancy because unique challenges of the sensor networks make it difficult to adopt conventional security policies. Especially, node compromise is a critical threat because a compromised node can drain out the finite amount of energy resources in battery-powered sensor networks by launching various insider attacks such as a false data injection. Even cryptographic authentication mechanisms and key management schemes cannot suggest solutions for the real root of the insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme which identifies trustworthiness of sensor nodes and filters out false data of compromised nodes to make resilient sensor networks. The proposed scheme suggests a defensible approach against the insider attack beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is more resilient alternative to median.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.11-17
• /
• 2017

Organizations are experiencing an ever-growing concern of how to prevent confidential information leakage from internal employees. Those who have authorized access to organizational data are placed in a position of power that could well be abused and could cause significant damage to an organization. In this paper, we investigate the task of detecting such insider through a method of modeling a user's normal behavior in order to detect anomalies in that behavior which may be indicative of an data leakage. We make use of Hidden Markov Models to learn what constitutes normal behavior, and then use them to detect significant deviations from that behavior. Experiments have been made to determine the optimal HMM parameters and our result shows detection capability of 20% false positive and 80% detection rate.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.167-172
• /
• 2016

The purpose of this study is to provide implications for preventing insider information leakages in public agencies for national security. First, the study examined the definitions and current usage of information security systems of public agencies were examined. Second, web-service base information leaks and malware-base information leaks were discussed and three major credit card companies' personal information leakage cases were analyzed. Based on the analysis, four solutions were provided. First, information leakages can be protected by using web filtering solutions based on the user, which make possible to limit frequencies of malware exposures. Second, vaccine programs and vaccine management system should be implemented to prevent information leakages by malware. Third, limit the use of portable devices within local networks to prevent information leakages and vaccines programs for malware should be regularly used. Forth, to prevent information leakages by smartphone malwares, data encryption application should be used to encrypt important information.

• Convergence Security Journal
• /
• v.11 no.5
• /
• pp.3-12
• /
• 2011

According to the NIS, damages due to leaking industrial technology are reaching tens of trillion won. The type of damages are classified according to insider leaks, joint research, and hacking, illegal technology leaks and collaborated camouflaged. But 80% of them turned out to be an insider leak about connecting with physical security. The convergence of IT and non IT is accelerating, and the boundaries between all area are crumbling. Information Security Industry has grown continuously focusing Private Information Security which is gradually expanding to Knowledge Information Security Industry, but Information Security Industry hereafter is concentrated with convergence of IT Security Technology and product, convergence of IT Security and Physical Security, and IT convergence Industry Security. In this paper, for preventing company information leaks, logical security and physical security both of them are managed at the same level. In particular, using convergence of physical security systems (access control systems, video security systems, and others) and IT integrated security control system, convergence security monitoring model is proposed that is the prevention of external attacks and insider leaks, blocked and how to maximize the synergy effect of the analysis.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.45-51
• /
• 2018

As data utilization and importance becomes important, data-related accidents and damages are gradually increasing. Especially, insider threats are the most harmful threats. And these insider threats are difficult to detect by traditional security systems, so rule-based abnormal behavior detection method has been widely used. However, it has a lack of adapting flexibly to changes in new attacks and new environments. Therefore, in this paper, we propose an adaptive anomaly movement detection framework based on a statistical Markov model to detect insider threats in advance. This is designed to minimize false positive rate and false negative rate by adopting environment factors that directly influence the behavior, and learning data based on statistical Markov model. In the experimentation, the framework shows good performance with a high F2-score of 0.92 and suspicious behavior detection, which seen as a normal behavior usually. It is also extendable to detect various types of suspicious activities by applying multiple modeling algorithms based on statistical learning and environment factors.

• The Journal of Society for e-Business Studies
• /
• v.23 no.4
• /
• pp.153-169
• /
• 2018

Previous e-financial anomalies analysis and detection technology collects large amounts of electronic financial transaction logs generated from electronic financial business systems into big-data-based storage space. And it detects abnormal transactions in real time using detection rules that analyze transaction pattern profiling of existing customers and various accident transactions. However, deep analysis such as attempts to access e-finance by insiders of financial institutions with large scale of damages and social ripple effects and stealing important information from e-financial users through bypass of internal control environments is not conducted. This paper analyzes the management status of e-financial security programs of financial companies and draws the possibility that they are allies in security control of insiders who exploit vulnerability in management. In order to efficiently respond to this problem, it will present a comprehensive e-financial security management environment linked to insider threat monitoring as well as the existing e-financial transaction detection system.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.67-74
• /
• 2023

In this paper, we analyze the authentication protocol for DRM proposed by Hussain et al. in 2022, and present an improved solution. Hussain et al. argued that their authentication protocol guarantees man-in-the-middle attack, replay attacks, and mutual authentication. However, as a result of analyzing Hussain et al.'s authentication protocol in this paper, Hussain et al.'s authentication protocol still has an insider attack problem, a problem with Yu et al.'s authentication protocol that they pointed out. For this reason, when an inside attacker acquires information on a mobile device, a user impersonation attack was also possible. In addition, there were problems with the user's lack of ID format verification and the problem of the secret key mismatch of the digital contents between the server and the user. Therefore, this paper proposes an improved solution to solve these problems. As a result of analysis in this paper, the improved solution is safe from various attacks such as smart card attack, insider attack, and password guessing attack and can safely authenticate users of DRM.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.53-60
• /
• 2024

In this paper, we analyze the authentication scheme of Hwang et al. proposed in 2023 and propose a new authentication scheme that improves its problems. Hwang et al. claimed that their authentication scheme was practical and secure, but as a result of analysis in this paper, it is possible to attack the password/ID guessing attack and session key disclosure attack due to insider attack and stolen smart card attack. In addition, Hwang et al.'s authentication scheme, which provides user anonymity, does not provide user untraceability due to its unstable design. The proposed authentication scheme, which improves these problems, not only provides user untraceability, but also is secure for stolen smart card attack, insider attack, session key disclosure attack, and replay attack. In addition, except for one fuzzy extraction operation, it shows the same complexity or very similar one as related authentication schemes. Therefore, the proposed authentication scheme can be said to be an authentication scheme with safety and practicality.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.229-238
• /
• 2007

Sensor networks consist of many tiny sensor nodes that collaborate among themselves to collect, process, analyze, and disseminate data. In sensor networks, sensor nodes are typically powered by batteries, and have limited computing resources. Moreover, the redeployment of nodes by energy exhaustion or their movement makes network topology change dynamically. These features incur problems that do not appear in traditional, wired networks. Security in sensor networks is challenging problem due to the nature of wireless communication and the lack of resources. Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop suity mechanisms that can survive malicious attacks from "insiders" who have access to the keying materials or the full control of some nodes. In order to protect against insider attacks, it is necessary to understand how an insider can attack a sensor network. Several attacks have been discussed in the literature. However, insider attacks in general have not been thoroughly studied and verified. In this paper, we study the insider attacks against routing protocols in sensor networks using the Ad-hoc On-Demand Distance Vector (AODV) protocol. We identify the goals of attack, and then study how to achieve these goals by modifying of the routing messages. Finally, with the simulation we study how an attacker affects the sensor networks. After we understand the features of inside attacker, we propose a detect mechanism using hop count information.