• Industry Promotion Research
• /
• v.8 no.4
• /
• pp.177-186
• /
• 2023

Modern society is operated based on the internet, wireless networks, and digital devices to the extent that it is called a digital society. In particular, as most of financial transactions, information movement, and commercial activities are based online, various social problems and side effects related to this are increasing rapidly. Representative examples include industrial espionage activities and leakage of industrial technology, and social problems such as illegal goods trade such as drugs using online and online gambling are increasing to a serious level. These digital-based social problems cannot be solved only by the activities and capabilities of judicial institutions such as police and prosecutors. Now that the private investigation market is open, active intervention using them is necessary. To this end, it is necessary to actively cultivate private investigator's ability to investigate and collect evidence in relation to digital social and criminal problems. In addition, each private investigation education institution or association should actively invest and research this.

• Korean Security Journal
• /
• no.22
• /
• pp.197-230
• /
• 2010

This study examined the institutional improvement directions of industrial security programs, particularly focusing upon policies and practices in the U.S., to enhance the effectiveness of industrial security programs in Korea. This study also aimed to investigate the significance of institutional and/or policy implementations in preventing economic espionage attempt. Data leakage and/or loss of trade secrets in corporations has been a scary proposition and a serious headache to both the CEOs and the CSOs(Chief Security Officers). Security professionals or practitioners have always had to deal with data leakage issues that arise from e-mail, instant messaging(IM), and other Internet communication channels. In addition, with the proliferation of wireless and mobile technology, it's now much easier than ever for loss by data breaches to occur, whether accidentally or maliciously or even by an economic espionage attempt. The researcher in this study used both a case study and a comparative research to analyze the different strategies and approaches between the U.S. and Korea in regard of implementing policies to mitigate damages by economic espionage attempts and prevent them from occurring. The researcher first examined the current policies and practices in the U.S. in terms of federal government's and agencies' approach and strategies on industrial security programs and their partnerships with private-commercial-sectors. The purpose of this paper is to explain and suggest selected findings, and a discussion of actions to be taken on implementing a proactive and tactical approach to enhance the effectiveness of industrial security programs to fight against information loss or data leaks. This study used case reviews, literatures, newspapers, articles, and Internet resources relating to the subject of this study for triangulation of data. The findings during this research are as follows. This research suggests that both the private and the governmental sector should closely cooperate in the filed of industrial security to strengthen its traditional prevention strategies and reduce opportunities of economic espionage as well. This study finally recognizes both the very importance of institutional development led by the Government in preventing economic espionage attempts and its effectiveness when properly united with effective industrial security programs.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.10
• /
• pp.920-929
• /
• 2014

Recently, embedded system which demand is explosively increasing in the fields of communication, traffic, medical and industry facilities, expands to cyber physical system (CPS) which monitors and controls the networked embedded systems. In addition, internet of things(IoT) technology using wearable devices such as Google Glass, Samsung Galaxy Gear and Sony Smart Watch are gaining attention. In this situation, Samsung Smart Home and LG Home Chat are released one after another. However, since these services can be available only between smart phones and home appliances, there is a disadvantage that information cannot be passed to other terminals without commercial global messaging server. In this paper, to solve above issues, we propose the structure of an indoor location network based on unit space, which prevents the information of the devices or each individual person from leaking to outside and can selectively communicate to all existent terminals in the network using IoT chatting. Also, it is possible to control general devices and prevent external leakage of private information.

• Journal of Digital Convergence
• /
• v.18 no.6
• /
• pp.53-63
• /
• 2020

Electronic financial transactions are also actively increasing due to the rapid spread of information communication media such as the Internet, smart devices, and IoT, but as a derivative by-product, threats of financial security such as leakage of various personal information and hacking are also increasing. Therefore, the importance of financial security against this is increasing, but in Korea, financial security technology is relatively insufficient compared to advanced countries in the field of financial security, such as Active-X. Therefore, this study aims to present the major development direction in the domestic financial security field by comparing key technology trends with IPC classification frequency analysis, keyword frequency analysis, and keyword network analysis based on domestic and foreign financial security-related patent data. In conclusion, it seems that recent domestic and foreign trends have focused on the development of related technologies according to the development of smart device-based electronic financial services. Accordingly, it is intended to be used as the basis data for technology development of financial security by mapping the trend of financial security research trend and technology trend analysis through thesis data analysis that reflects the research of the preceding aspect as the technology of commercialization in the future.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.5
• /
• pp.981-986
• /
• 2020

The Internet of Things refers to a space-of-things connection network configured to allow things with built-in sensors and communication functions to interact with people and other things, regardless of the restriction of place or time.IoT is a network developed for the purpose of services for human convenience, but the scope of its use is expanding across industries such as power transmission, energy management, and factory automation. However, the communication protocol of IoT, MQTT, is a lightweight message transmission protocol based on the push technology and has a security vulnerability, and this suggests that there are risks such as personal information infringement or industrial information leakage. To solve this problem, we designed a synchronous MQTT security channel that creates a secure channel by using the characteristic that different chaotic dynamical systems are synchronized with arbitrary values in the lightweight message transmission MQTT protocol. The communication channel we designed is a method of transmitting information to the noise channel by using characteristics such as random number similarity of chaotic signals, sensitivity to initial value, and reproducibility of signals. The encryption method synchronized with the proposed key value is a method optimized for the lightweight message transmission protocol, and if applied to the MQTT of IoT, it is believed to be effective in creating a secure channel.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.7
• /
• pp.183-194
• /
• 2018

With the rapid development of IoT(Internet of Things) technology, various convenient services such as smart home and smart city have been realized. However, IoT devices in unmanned environments are exposed to various security threats including eavesdropping and data forgery, information leakage due to unauthorized access. To build a secure IoT environment, it is necessary to use proper cryptographic technologies to IoT devices. But, it is impossible to apply the technologies applied in the existing IT environment, due to the limited resources of the IoT devices. In this paper, we survey the classification of IoT devices according to the performance and analyze the security requirements for IoT devices. Also we survey and analyze the use of cryptographic technologies in the current status of IoT open standard platform such as AllJoyn, oneM2M, IoTivity. Based on the research of cryptographic usage, we examine whether each platform satisfies security requirements. Each IoT open platform provides cryptographic technology for supporting security services such as confidentiality, integrity, authentication an authorization. However, resource constrained IoT devices such as blood pressure monitoring sensors are difficult to apply existing cryptographic techniques. Thus, it is necessary to study cryptographic technologies for power-limited and resource constrained IoT devices in unattended environments.

• Journal of Intelligence and Information Systems
• /
• v.18 no.1
• /
• pp.91-107
• /
• 2012

As the Internet becomes more popular, many people use it to communicate. With the increasing number of personal homepages, blogs, and social network services, people often expose their personal information online. Although the necessity of those services cannot be denied, we should be concerned about the negative aspects such as personal information leakage. Because it is impossible to review all of the past records posted by all of the people, an automatic personal information detection method is strongly required. This study proposes a method to detect or classify online documents that contain personal information by analyzing features that are common to personal information related documents and learning that information based on the Na$\ddot{i}$ve Bayes algorithm. To select the document classification algorithm, the Na$\ddot{i}$ve Bayes classification algorithm was compared with the Vector Space classification algorithm. The result showed that Na$\ddot{i}$ve Bayes reveals more excellent precision, recall, F-measure, and accuracy than Vector Space does. However, the measurement level of the Na$\ddot{i}$ve Bayes classification algorithm is still insufficient to apply to the real world. Lewis, a learning algorithm researcher, states that it is important to improve the quality of category features while applying learning algorithms to some specific domain. He proposes a way to incrementally add features that are dependent on related documents and in a step-wise manner. In another experiment, the algorithm learns the additional dependent features thereby reducing the noise of the features. As a result, the latter experiment shows better performance in terms of measurement than the former experiment does.

• Smart Media Journal
• /
• v.8 no.3
• /
• pp.23-30
• /
• 2019

With the popularization of the Internet and smartphone uses, people in the modern era are living in a multi-channel environment in which they access the information system freely through various methods and media. In the process of utilizing such services, users must authenticate themselves, the typical of which is ID & password authentication. It is considered the most convenient method as it can be authenticated only through the keyboard after remembering its own credentials. On the other hand, modern web services only allow passwords to be set with high complexity by different combinations. Passwords consisting of these complex strings also increase proportionally, since the more services users want to use, the more user authentication information they need to remember is recommended periodically to prevent personal information leakage. It is difficult for the blind, the disabled, or the elderly to remember the authentication information of users with such high entropy values and to use it through keyboard input. Therefore, this paper proposes a user authentication method using Google Assistant, MFCC and DTW algorithms and speaker authentication to provide the handicapped users with an easy user authentication method in the login process.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.7
• /
• pp.9-16
• /
• 2016

As life in a rapidly changing Internet age at home and abroad, large amounts of information are being used medical, financial, services, etc. Accordingly, especially hospitals, is an invasion of privacy caused by leakage and intrusion of personal information in the system in medical institutions, including clinics institutions. To protect the privacy & information protection of personal health medical information in medical institutions at home and abroad presented by national policies and de-identification processing technology standards in accordance with the legislation. By comparative analysis in existing domestic and foreign institutional privacy and de-identification technique, derive a advanced one of pseudonymization and anonymization techniques for destination data items that fell short in comparison to the domestic laws and regulations, etc. De-identification processing technology for personal health information is compared to a foreign country pharmaceutical situations. We propose a new de-identification techniques by reducing the risk of re-identification processing to enable the secondary use of domestic medical privacy.