• Information Systems Review
• /
• v.10 no.2
• /
• pp.123-135
• /
• 2008

The online advertising industry's business model undertakes the change from CPM (cost-per-mille)-based to CPC(cost-per-click)-based. However, due to the problem of 'Click Fraud', CPA (cost-per-action) has been regarded as a new step. For CPA, publishers need to get information after a user clicks an advertisement. Therefore, in CPA, the key is to get Conversion Action Data (CAD). This paper introduces two existing mechanisms for getting CAD, compare their characteristics, and analyze their limitations. Then the two new mechanisms are introduced and their requirements and feasibility are analyzed. Lastly, we compare the existing two and the new two mechanisms, and point out each mechanism's business possibility, value and Application Area. This paper will help publishers choose the most appropriate mechanism on the basis of their situation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6849-6855
• /
• 2014

Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1513-1526
• /
• 2016

Since finance companies started e-banking services, those services have been diversified and use of them has continued to increase. Finance companies are implementing financial security policy for safe e-banking services, but e-Banking incidents are continuing to increase and becoming more intelligent. Along with the rise of internet banks and boosting Fintech industry, financial supervisory institutes are not only promoting user convenience through improving e-banking regulations such as enforcing Non-face-to-face real name verification policy and abrogating mandatory use of public key certificate or OTP(One time Password) for e-banking transactions, but also recommending the prevention of illegal money transfer incidents through upgrading FDS(Fraud Detection System). In this study, we assessed a blacklist based auto detection method suitable for overall situations for finance company, a real-time based suspicious transaction detection method linking with blacklist statistics model by each security level, and an alternative FDS model responding to typical transaction patterns of which information were collected from previous e-Banking incidents.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• Journal of Information Processing Systems
• /
• v.8 no.3
• /
• pp.495-520
• /
• 2012

A secure Electronic Payment System (EPS) is essential for the booming online shopping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between the seller and buyer over the Internet. SET, CyberCash, Paypal, and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence, they only prevent "Man in the Middle" fraud but do not protect the sensitive cardholder information such as the credit card number from being passed onto the merchant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes. However, factors such as ease of use for the cardholder and the implementation costs for each party are frequently overlooked. In this paper, we propose a Web service based new payment system, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the limitations of X9.59 by adding a merchant authentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.755-758
• /
• 2016

The use of smart phones has had a great impact on the mobile internet business. It shows a lot of growth in the healthcare sector not only commerce, advertising, billing, games, video content, media, amd O2O business. The United States has eased the regulations for healthcare apps smart phone devices in 2015, and China has established a five-year road map to solve shortage of doctors and hospital beds by utilizing mobile devices such as wearable in the same year. The application of wearable devices in the medical field is gradually increasing in Korea too, but there is a security problem as leading challenge. Security incidents in non-ICT sectors such as financial, medical, etc. have increased by using ICT each year. Personal information leakage is also increasing in field likely occurring the potential secondary damages such as financial fraud, illegal promotions, insurance and pharmaceutical companies abuse. In this study, we analyze malwares as the mobile threats, the five risks of mobile smart phone, mobile use cases and the mobile threat countermeasures for healthcare.

• Journal of Internet Computing and Services
• /
• v.18 no.3
• /
• pp.71-83
• /
• 2017

In recent years, by utilizing the greatest strengths of process mining, the various research activities have been actively progressed to use auditing work of business organization. On the other hand, there is insufficient research on systematic and efficient analysis of massive data generated under big data environment using process mining, and proactive monitoring of risk management from audit side, which is one of important management activities of corporate organization. In this study, we intend to realize Hadoop-based internal audit integrated real-time monitoring system in order to detect the abnormal symptoms in prevent accidents in advance. Through the integrated real-time monitoring system for purchasing audit, we intend to realize strengthen the delivery management of purchasing materials ordered, reduce cost of purchase, manage competitive companies, prevent fraud, comply with regulations, and adhere to internal control accounting system. As a result, we can provide information that can be immediately executed due to enhanced purchase audit integrated real-time monitoring by analyzing data efficiently using process mining via Hadoop-based systems. From an integrated viewpoint, it is possible to manage the business status, by processing a large amount of work at a high speed faster than the continuous monitoring, the effectiveness of the quality improvement of the purchase audit and the innovation of the purchase process appears.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.71-85
• /
• 2016

The purpose of this research is to study technical and policy improvements of carrier billing services, which are a developing and growing industry, by adopting a meta-analysis method. Implications were derived from studying 15 years-worth of academic research papers (from 2001 to 2015), by analyzing the trends over a total of 109 such research papers on carrier billing services. First, looking at the characteristics of the main studies of the papers from 2008 to 2009, it papers appeared that dealt with preventing fraudulent transactions and preserving consumer protection. Privacy, policy proposals and studies for new systems were researched from 2010-2012. Service, success factors, damage prevention systems research, law, and institutions were discussed in 2013-2015 mainly. Second, the research showed that the number of carrier billing service studies increased due to social issues(telecommunications billing services deregulation, the emergence smartphones, fraud). Third, in sectorial research results, technology was the focus area of 47 papers (43.1%), the service sector was the focus of 39 pieces (35.8%) and law and policy improvement accounted for 23 pieces (21.1%). The study of technology and service areas was the most active and according to changes in the environment, law and policy improvement were second to most active. This study will contribute to improving relevant institutions and research directions about study trends in carrier billing services.

• Korean journal of communication and information
• /
• v.75
• /
• pp.43-79
• /
• 2016

An increase in the number of immigrants to Korea since the late 1980s' has signified the proliferation of globalization and global capitalism. In Korea, most married immigrants are women, as the culture emphasizes patrilineage and the stability of the institution of marriage, particularly in rural areas. Immigrant women have experienced dual ordeals. The Aogra Internet community in Korea has been one of the most representative sites that has shown the power of communities in cyberspace since 2002, leading the discussion of social issues and deliberative democracy both online and offline. This paper analyzed Koreans' writings (such as long comments) on immigrant women in the Agora community. The analysis revealed the following results: first, immigrant women were referred to using terms related to prostitution, with excessive expression of disgust, which is called a "narrative of identity." Second, anti-multiculturalists called Korean men victims of married immigrant women and expressed hatred toward immigrant women, which is called a "narrative of sacrifice." Third, anti-multiculturalists justified their emotions as just resentment based on ideas of justice, equality, and patriotism, concealing the emotion of disgust, which is called the "narrative of justice, equality." Fourth, antimulticulturalists played roles to spread the emotion of disgust, by repeatedly referring to international marriage fraud and immigrant workers' crimes, which is called "narrative of crime." Fifth, some positive writings on immigrant women were based on empathy(a concept defined in this context by Martha Nussbaum), but they can be analyzed as narratives encouraging cultural integration through the perspective of orientalism. Therefore, comments on immigrant women in the Agora represent a "catch-22" dilemma. To deal with conflicts arising from disgust and violations of human rights, civic education focusing on humanism is needed in this multicultural era.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.123-131
• /
• 2016

Process mining in big data environment utilize a number of data were generated from the business process. It generates lots of knowledge and insights regarding implementation and improvement of the process through the event log of the company's enterprise resource planning (ERP) system. In recent years, various research activities engaged with the audit work of company organizations are trying actively by using the maximum strength of the mining process. However, domestic studies on applicable sales auditing system for the process mining are insufficient under big data environment. Therefore, we propose process-mining methods that can be optimally applied to online and traditional auditing system. In advance, we propose continuous monitoring information system that can early detect and prevent the risk under the big data environment by monitoring risk factors in the organizations of enterprise. The scope of the research of this paper is to design a pre-verification system for risk factor via practical examples in sales auditing. Furthermore, realizations of preventive audit, continuous monitoring for high risk, reduction of fraud, and timely action for violation of rules are enhanced by proposed sales auditing system. According to the simulation results, avoidance of financial risks, reduction of audit period, and improvement of audit quality are represented.