• Asia pacific journal of information systems
• /
• 제30권2호
• /
• pp.308-327
• /
• 2020

The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

• Asia pacific journal of information systems
• /
• 제17권2호
• /
• pp.29-47
• /
• 2007

Owing to the rapid growth of using the Internet, not only click-and-mortar companies but also brick-and-mortar ones have been expanding their distribution channels into online, Moreover, since online channels are more attractive than offline ones in control and maintenance, switching customers into online ones is emerged as one of very important managerial issues in a view of reduction of cost as well as expansion of services. However, the switched customers should be faced by uncertainties which could not have been experienced in offline. Specifically, in online channels, buyers and sellers are separated temporally and spacially and there are always so many kinds of threat for security as well as not enough systems and conventions for them yet. Therefore, trust has been considered as one of the most critical mechanisms for resolution of such uncertainties in online transactions. However, it is not easy to build and maintain the relationships in online since most of them are virtual and indirect generally. Therefore, in order to switch offline customers into online ones, it is very important to make strategies based on identification of the relationship between online transaction and offline trust which has been built in offline business. Generally offline trust, which has been built independent of online, could not include trust for online-dependent activities such as payment security during or after transactions, while most of online trust include it. Therefore, a customer with high offline trust does not always perceive high security and assure safe transactions. Accordingly, while online trust, where technical capabilities for online security is one of main bases, includes control trust implicitly or explicitly, offline trust does not. However. in spite of such clear discrimination and independence between offline trust and perceived security, there can be the significant dependency between these two beliefs. The customers with high offline trust believe that the company would do some activities for online security for customers' safe transactions since it has been believed of doing well for customers' trust. Theoretically, users' perception of security is interpreted as a kind of control trus, which is trust for company's technical control capacities in order to resolve technical uncertainties in online. Therefore, the relationship between two beliefs can be considered as transference from offline trust to another type trust. that is, control trust. The objective of this study is to analyze the effect of offline trust on online transaction uses mediated by perceived security. For this purpose, we suggest a research model based on technology acceptance model (TAM). Reuse intention is adopted as a dependent variable and TAM is modified by adding perceived risk (PR) as well as two beliefs of using Internet banking, perceived usefulness (PU) and perceived ease of use (PEOU). Moreover, perceive security (PS) is adopted as an external variable for PR and PU, while offline trust (OT) is an antecedent of PS. For an empirical test, sampling from 108 visitors to the banks in Daegu, Korea, we analyze our model by partial least square (PLS) approach. In result, our model is shown to explain 51.4% of the variance in reuse intention and all hypothesis are supported statistically. A theoretical implication of this study is to identify a role of PS between offline trust and reuse intention of using online transaction services. According to our result, PS can be considered as a mediation variable for bridging between two different concepts: trust that explains social aspects of customers and companies, and TAM that explains customers' reuse intention.

• 한국IT서비스학회지
• /
• 제10권2호
• /
• pp.293-308
• /
• 2011

The preliminary security assessment is an information security process to analyze security weaknesses before beginning of services. Discovering security weakness through preliminary security assessment is highly required because it costs much when security incident occur in the middle of service operation. However, this assessment is not widely spread in the online game service domain yet. In this paper, we summarize the security risk existed in the online game service, and we classify the security requirements related to the each risk. Also, through the case study, we evaluated the effectiveness of preliminary security assessment in this domain. In addition, we suggest checklists that should be reviewed once in game-client side, network-side and game-server side for the purpose of security enhancement.

• 한국컴퓨터정보학회논문지
• /
• 제20권12호
• /
• pp.61-66
• /
• 2015

In this paper, we draw a security assessment by analyzing possible vulnerabilities of the designated PC service which is supposed for strengthening security of current online identification methods that provide various areas such as the online banking and a game and so on. There is a difference between the designated PC service and online identification methods. Online identification methods authenticate an user by the user's private information or the user's knowledge-based information, though the designated PC service authenticates a hardware-based unique information of the user's PC. For this reason, high task significance services employ with online identification methods and the designated PC service for improving security multiply. Nevertheless, the security assessment of the designated PC service has been absent and possible vulnerabilities of the designated PC service are counterfeiter and falsification when the hardware-based unique-information is extracted on the user's PC and sent an authentication server. Therefore, in this paper, we analyze possible vulnerabilities of the designated PC service and draw the security assessment.

• International Journal of Computer Science & Network Security
• /
• 제22권2호
• /
• pp.145-152
• /
• 2022

One of the impacts of Covid-19 on education systems has been the shift to online education. This shift has changed the way education is consumed and perceived by students. However, the exact nature of student perception about online education is not known. The aim of this study was to understand the perceptions of Saudi higher education students (e.g., post-school students) about online education during the Covid-19 pandemic. Various aspects of online education including benefits, features and cybersecurity were explored. The data collected were analysed using statistical techniques, especially artificial neural networks, to address the research aims. The key findings were that benefits of online education was perceived by students with positive experience or when ensured of safe use of online platforms without the fear cyber security breaches for which recruitment of a cyber security officer was an important predictor. The issue of whether perception of online education as a necessity only for Covid situation or a lasting option beyond the pandemic is a topic for future research.

• 정보보호학회논문지
• /
• 제27권5호
• /
• pp.1201-1216
• /
• 2017

최근 한국을 비롯한 전 세계적으로 많은 국가들이 분산 원장 기술(예: 블록체인)을 활용한 온라인 투표를 적극적으로 도입하여 이용하고 있으나, 현재 널리 보급된 정보통신 인프라 기반의 분산 원장 기술을 활용한 온라인 투표 시스템에 대한 잠재적인 보안 위협 분석이 미흡한 실정이다. 본 논문에서는 분산 원장 기술을 활용한 온라인 투표 시스템에 대한 모델을 제시하고 온라인 투표 과정에서 발생할 수 있는 보안 위협을 정보보호 측면에서 분석함으로서 그에 따른 대응 방안을 제시하고자 한다.

• 한국콘텐츠학회지
• /
• 제15권3호
• /
• pp.40-47
• /
• 2017

• 정보보호학회논문지
• /
• 제25권5호
• /
• pp.1097-1114
• /
• 2015

빠르게 성장한 게임 시장의 규모에 따라 게임봇, 게임핵, 골드파밍, 사설서버, 시스템 해킹, 네트워크 해킹, 계정도용 등과 같은 게임을 이용한 여러 불법 행위가 증가해 왔다. 이러한 불법 행위를 예방 및 탐지하기 위해 게임 보안 솔루션들이 존재하지만 각 게임마다의 특징이 존재하기 때문에 부정행위로부터 보호하는 것에는 어려움이 있다. 또한 게임 보안은 게임의 기획과 조화되는 게임 보안 솔루션 및 탐지 방법들이 필요하다. 본 연구에서는 최근 온라인 게임에서의 보안 관련 연구에 대한 동향을 조사하였다. 온라인 게임에서의 부정행위를 분류하였고, 온라인 게임에서의 각 특징에 따른 부정행위 예방 및 탐지 방법을 분류하였다.

• 경영정보학연구
• /
• 제9권3호
• /
• pp.83-98
• /
• 2007

본 연구에서는 최근 급속한 속도로 발전하고 있는 게임 산업에 비하여 상대적으로 미진한 상태에 있는 게임 서비스에 관한 정보보호 기술 연구를 진행하였다. 연구수행을 위하여 현재 온라인으로 서비스되고 게임들을 대상으로 침해현황을 조사하여 이를 유형별로 분류하였다. 정리된 게임 서비스 침해유형에 따라 서비스 침해를 발생시키는 원인을 분석하여 이를 해결할 수 있는 기술적 방안을 설계한 다음 현재 제공되고 있는 게임 서비스로의 적용가능성을 검증하였다. 본 연구의 결과는 게임 서비스 보호를 위한 연구의 방향성을 제시함과 동시에 게임 서비스를 포함하는 일반 응용소프트웨어에 대한 정보보호 기술개발에도 적용될 수 있을 것으로 기대한다.

• International Journal of Computer Science & Network Security
• /
• 제24권4호
• /
• pp.155-162
• /
• 2024

Anonymity online has been an ever so fundamental topic among journalists, experts, cybersecurity professionals, corporate whistleblowers. Highest degree of anonymity online can be obtained by mimicking a normal everyday user of the internet. Without raising any flags of suspicion and perfectly merging with the masses of public users. Online Security is a very diverse topic, with new exploits, malwares, ransomwares, zero-day attacks, breaches occurring every day, staying updated with the latest security measures against them is quite expensive and resource intensive. Network security through anonymity focuses on being unidentifiable by disguising or blending into the public to become invisible to the targeted attacks. By following strict digital discipline, we can avoid all the malicious attacks as a whole. In this paper we have demonstrated a proof of concept and feasibility of securing yourself on a network by being anonymous.