• Information Systems Review
• /
• v.19 no.3
• /
• pp.155-177
• /
• 2017

The purpose of this study is to investigate those factors that are influenced when a user recognizes his/her private information value as an economic asset. The relationship among these factors will also be discussed. This research targets Internet users, and the value of their private information will be converted into economic figures. How economic value changes in relation with individual attributes, dealer's traits, and circumstantial properties will also be studied. The changes in the factors of private information value under different situations will be analyzed from an economic perspective. By using the cost-benefit analysis framework, this work hypothesizes that the user's private information value can be influenced by individual attributes and situational properties. in the business aspect, this study can help users recognize the true value of their personal information and minimize the cost resulting from private information security incidents. This work also highlights the necessity of estimating the scale of investments for protecting private information. Overall, this research will proceed under the hypothesis that the users' recognition of their private information value is influenced by the attributes of the individual, dealers, or situations.

• Management & Information Systems Review
• /
• v.35 no.2
• /
• pp.99-118
• /
• 2016

With the development of Internet and popularization of smartphones over recent years, social network services are experiencing rapid growth. On top of this, smartphone gaming market is showing a rapid growth and the use of mobile social games is on the significant rise. The occurrence of game data manipulation targeting these services and personal information leakage is highlighting the importance of social gaming security. This study is intended to propose development plans effective and efficient in social game services by figuring out factors putting effects on security dependent behavior of social game users in Korea and carrying out a practical study on the casual relationship between factors influencing security dependent behavior through recognized behavioral control and attitudes for privacy infringement of these factors. To do this, proposed was a study model in which the HBM(Health Belief Model) allowing the social game user to influence security dependent behavior was expanded and applied as a major variable. To verify the study model of this study practically, a survey was conducted among university students in Seoul-based K University and S University who had experienced using social game services. According to the study findings, firstly, the perceived seriousness turned out to provide positive influence to trust. But, the perceived seriousness turned out not to put positive effects on self-efficacy. Secondly, the perceived probability turned out not to put positive effects on self-efficacy and trust. Thirdly, the perceived gain turned out to put positive effects on self-efficacy and trust. Fourthly, the perceived disorder turned out not to put positive effects on self-efficacy and trust. Fifthly, self-efficacy turned out to put positive effects on trust. But, self-efficacy turned out not to put positive effects on security dependent behavior. Sixthly, trust turned out not to put positive effects on security dependent behavior. This study is intended to make a strategic proposal so that social game users can raise awareness of their level of security perception and security willingness through this.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.