• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• The Journal of Economics, Marketing and Management
• /
• v.3 no.1
• /
• pp.33-39
• /
• 2015

Managers are always trying to be the best internal controls in their organizations copper approximate because they know that be effective internal control over previous systems, to fulfill the mission of the organization and minimize unexpected events will be extremely difficult. On the other hand, the existence of internal controls to increase efficiency, reduce head loss, assets and achieving a reasonable assurance of the reliability of financial statements and compliance with laws and regulations will be. Internal control, not an event, but a series of operations and activities on the basis of output. Internal controls help to achieve the goal of minimizing the problems of implementing appropriate internal controls. Internal control is an integral component of corporate governance that will provide reasonable assurance of achieving the organization's objectives. preventing, detecting errors and fraud goes to work. Responsibility for the prevention and detection of fraud and error in the public sector is the responsibility of managers. Managers of internal control and consistently applying appropriate accounting systems, this responsibility will play (Lin et al., 2011). Since the public sector organizations differ from each other, thus establishing internal controls cant be the same for all organizations and agencies of the public sector. Establish specific controls on each system to factors such as size, type of operation and organizational goals that the system is designed, it depends. On the other hand, rapid advances in information technology, the need to update internal control guidelines in relation to Create a new computer system so as to ensure that the activities of managers and effective control Should be updated if necessary.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.66-69
• /
• 2014

클라우드는 IT를 직접 소유하기 보다 제 3 자가 제공하는 소프트웨어, 플랫폼, 인프라구조 등을 필요에 따라 선택하고 이용하는 방식으로 시스템을 중앙에서 집중 관리하여 규모의 경제를 달성하는 데 용이하지만 해커에게는 더 없이 매력적인 공격 대상이 된다. 아무리 완벽한 보안 설비와 정책을 이행하고 있더라도 사용자의 아이디와 패스워드가 도용 되었을 때 발생되는 문제점은 치명적이다. 본 논문에서는 사용자의 편의성을 보장하면서 계정도용을 방지하기 위한 새로운 보안 요구사항을 제시하고자 한다.

• Journal of Korea Multimedia Society
• /
• v.16 no.12
• /
• pp.1413-1426
• /
• 2013

RFID thecnology has been widely adopted by industries for supply chain management. When a product item is manufactured RFID tag is attached to the product item and supply chain management among factories, distributors, retailers and customers needs to handle ownership transfer for the product item carefully. With RFID technology, the secure and efficient ownership transfer protocol is an important issue for the identification of product items and the overall system efficiency on supply chain. Many ownership transfer protocols have been proposed now. They have security problems and use complex operations such as encryption operation and hash function. Lo et al. proposed a protocol using lightweight operations such as shift, addition, XOR, and random number generation[1]. However, this protocol has a security problem in which the secret key between the tag and the new owner is disclosed to the attackers, and it is also weak against the Fraud attack[2]. In this paper, we propose a new ownership transfer protocol using lightweight operations such as shift, addition, and random number generation. This protocol is the modified version of Lo et al.'s protocol and is secure against the security attacks.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.1350-1354
• /
• 2004

This paper proposes a simple but practically useful model for preventing fraud of users called "ERBAC03". The new model consists of qualified mandatory and discretionary features for roles and locations, including the assignment of permissions for the appropriate roles and the assignment of roles for the appropriate locations. Moreover, a static separation of duty (SSoD) principle is applied to the new model for integrity requirements of security systems. The paper also explores some extensions of ERBAC03 including the new model using the SSoD concept from some experiments. The experimental results prove the efficiency improvement of the proposed model that can make benefits for large enterprises.

• 한국경영정보학회:학술대회논문집
• /
• 2008.06a
• /
• pp.428-433
• /
• 2008

The online advertising industry's business model undertakes the change from CPM (cost-per-mille)-based to CPC (cost-per-click)-based. However, due to the problem of 'Click Fraud', CPA (cost-per-action) has been regarded as a new step. For CPA, publishers need to get information after a user clicks an advertisement. Therefore, in CPA, the key is to get Conversion Action Data (CAD). This paper introduces two existing mechanisms for getting CAD, compare their characteristics, and analyze their limitations. Then the two new mechanisms are introduced and their requirements and feasibility are analyzed. Lastly, we compare the existing two and the new two mechanisms, and point out each mechanism's business possibility, value and Application Area. This paper will help publishers choose the most appropriate mechanism on the basis of their situation.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2001.01a
• /
• pp.97-108
• /
• 2001

Frauds detection is a difficult problem, requiring huge computer resources and complicated search activities Researchers have struggled with the problem. Even though a fee research approaches have claimed that their solution is much better than others, research community has not found 'the best solution'well fitting every fraud. Because of the evolving nature of the frauds. a novel and self-adapting method should be devised. In this research a new approach is suggested to solving frauds in insurance claims credit card transaction. Based on evolutionary computing approach, the method is itself self-adjusting and evolving enough to generate a new self of decision-makin rules. We believe that this new approach will provide a promising alternative to conventional ones, in terms of computation performance and classification accuracy.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2001.06a
• /
• pp.293-304
• /
• 2001

frauds detection is a difficult problem, requiring huge computer resources and complicated search activities. researchers have struggled with the problem. Even though a flew research approaches have claimed that their solution is much bettor than others, research community has not found 'the best solution'well fitting every fraud. Because of the evolving nature of the frauds, a Revel and self-adapting method should be devised. In this research a new approach is suggested to solving frauds in insurance claims and credit card transaction. Based on evolutionary computing approach, the method is itself self-adjusting and evolving enough to generate a new set of decision-making rules. We believe that this new approach will provide a promising alternative to conventional ones, in terms of computation performance and classification accuracy.

• Journal of Digital Contents Society
• /
• v.19 no.1
• /
• pp.193-198
• /
• 2018

In Korea, the penetration rate of Internet, telephone and smart devices is reaching the highest level in the world. Cyber financial crimes that exploit such infrastructures continue to evolve. Since the first Voice Phishing crime in May 2006, ten years later, there has been a constant occurrence of Voice Phishing crime. Voice Phishing is a crime in which a victim is phoned for false information to figure out the victim's account number and password. This method of Voice Phishing evolves day by day, and it is difficult to investigate. Most of Voice Phishing is a form of international organized crime that is based in Southeast Asia such as China, and it is not easy to eradicate by international cooperation investigation. The purpose of this study is to investigate the actual situation and case analysis of Voice Phishing crime, and to propose the countermeasures against police Voice Phishing counterplan.

• International Journal of Contents
• /
• v.7 no.3
• /
• pp.71-81
• /
• 2011

This paper is mainly associated with setting out an agenda for the transformation of security by creating a new framework for a security system, which can maximise its effectiveness. Noticeably, this research shows empirically that crimes are getting a major cost to organisations, which if reduced by security and investigations could reap substantial rewards to the finances of an organisation. However, the problem is that the delivery of security is frequently delegated to personnel (e.g. security guards) with limited training, inadequate education, and no real commitment to professionalism - 'sub-prime' security, finally causing security failures. Therefore, if security can be enhanced to reduce the crime cost, this will produce financial benefits to business, and consequently could produce a competitive advantage. For this, the paper basically draws upon Luke's theoretical framework for deconstructing 'power' into three dimensions. Using this three-dimensional approach, the paper further sets out a model of how security can be enhanced, utilising a new Security Risk Management (SRM) model, and how can this SRM model create competitive advantage in business. Finally, this paper ends with the six strategies needed to enhance the quality of security: refiguring as SRM, Professional Staff, Accurate Measurement, Prevention, Cultural Change, and Metrics.