• Journal of Digital Contents Society
• /
• 제19권1호
• /
• pp.93-102
• /
• 2018

This study aims to present policy implications by analyzing information security behavior factors of internet users. The research model, based on PMT and UTAUT2, consists of perceived threat, severity, social influence, self-efficacy, experience and habits, PC and privacy behaviors, security behaviors on new services and set demographic characteristics, use places of internet, use of paid products, and experiences of accident as moderate variables to analyze the effect on security behavior. The results showed that perceived severity, self-efficacy significantly influenced on experience and habits, and experience and habits and self-efficacy had a high influence on PC and privacy behavior. Also, PC and privacy behaviors have a high impact on security behavior of new services. Age, income, use of paid products, and experience of accidents have a moderating effects on security behaviors. The results of this study are expected to help policy decision making to improve the level of information security of internet users.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 한국정보보호학회 2001년도 종합학술발표회논문집
• /
• pp.297-301
• /
• 2001

PC카드 형태로 개발되어 사용되는 보안토큰은 다양한 보안서비스를 바탕으로 차세대 정보보호 기술의 핵심기술로 떠오르고 있다. PC카드 보안토큰 휴대용 컴퓨터 운용을 위한 메모리 카드 표준 인터페이스를 수용하여 다양한 암호알고리즘 수행이 가능하고, 사용자의 요구조건을 비교적 쉽게 수용하고, 아울러 다양한 응용분야에 사용되는 등의 장점을 가지고 있다. 본 논문에서는 Motorola PowerPC 기반의 MPC860 마이크로 프로세서가 장착된 제어보드를 이용하여 PC카드 보안토큰에 대한 PCMCIA(Personal Computer Memory Card International Association) 카드 장치구동기 및 API(Application Program Interface)를 설계/구현하여 각각의 기능시험을 통해 그 기능들을 검증하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2018년도 추계학술발표대회
• /
• pp.257-259
• /
• 2018

모바일 환경이 발전함에 따라 기존 PC 환경에서의 보안 위협이 모바일 환경으로 옮겨 짐으로써, 기존 PC 환경에서 발생하던 악성 광고 인젝션 또한 모바일 환경으로 옮겨져 가고 있다. 악성 광고 인젝션은 컨텐츠 제공자에게 정당한 광고의 노출을 방해함으로써 수익 창출을 방해하고, 사용자에게는 원치 않는 광고로 인해 불편함을 야기한다. 이러한 모바일 환경에서의 악성 광고 인젝션을 막기 위해 몇 가지 연구가 진행되었지만 아직 악성 광고 인젝션 앱의 특징에 대한 연구가 미비하다. 따라서, 본 논문에서는 GPC(Google Play Crawler)를 통해 선별한 앱들 중 실제로 악성 광고 인젝션을 수행하는 앱들을 분석하여 악성 광고 앱들의 특징을 도출해 내고, 도출된 특징의 활용 방안에 대해 서술한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2013년도 추계학술발표대회
• /
• pp.800-803
• /
• 2013

이메일을 기반으로 좀비PC 및 봇넷그룹을 탐지하는 알고리즘은 기존에 연구가 되었으나, 기존의 검증방식은 가상의 메일계정을 이용해 스팸메일을 수집하는 스팸트랩 시스템에서 추출한 이메일을 대상으로 하였다. 본 논문에서는 상용환경의 이메일을 대상으로 좀비PC를 탐지하고, 좀비PC를 이용한 추가 사이버 공격을 예방하기 위해 기존의 알고리즘을 보완하고, 이에 대한 좀비PC 탐지결과를 분석한다. 이를 통해, 주요 포탈 및 기업의 메일서버에서 수신하는 이메일을 대상으로 좀비IP를 탐지하여, 스팸메일을 차단하고 ISP와 연계하여 실제 조치를 유도할 수 있을 것으로 기대한다.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• 제18권1호
• /
• pp.76-81
• /
• 2007

In this paper, we analyzed the vulnerability of information leakage due to the leakage electromagnetic waves of a PC keyboard. First, we reviewed the keyboard protocol and hardware structure, we analyzed the correlation between the data signal, which is transmitted from the keyboard to the main body, and the leakage signal on the power cable. With the result, we grasped the cause of the Conducted Emission of a PC keyboard. Also, we compared the limit level of the CISPR 22 standard with the amplitude of the keyboard leakage electromagnetic waves we calculated. By analyzing the signal on the power cable of the PC main body through the simple experiment, we show that it is possible to extract the contents of the PC key. Therefore it is verified that the secret information of the PC user could leak out.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제29권4호
• /
• pp.885-895
• /
• 2019

As seen in recent cases of hacking in financial services, attackers are attempting to hacking trustee with poor security management, rather than directly hacking a financial company. As a result, the consignor is strengthening the security check and control of the trustee, but small trustee has difficulties to invest in information security with the lack of computer facilities and the excessive cost of security equipment. In this paper I investigate the vulnerability of personal information processing life cycle standards in order to enhance the security of small consignee that receive personal information form the credit card company. To solve the vulnerability the company should use litigation management system constructed on cloud computing service and install VPN to secure confidentiality and intergrity in data transfer section. Also, to enhance the security of users, it is suggested to protect personal credit information by installing PC firewall and output security on user PC.

• Convergence Security Journal
• /
• 제15권6_2호
• /
• pp.89-97
• /
• 2015

The Smart phone is the mobile phone added to mounted equipment miniaturized operating system of PC and wireless phone possible hardware, software modules. This study is examine about Smart phone supply spreading process and characteristic by age. And this study is wish to investigate about age-based features of the media usage attitude via a Smart phone as a reference questionnaire of KISA and KISDI. Smart phone is easy-to-use and excellent portability and mobility like Pocket PC. It is easy to information and data search anytime and anywhere unaffected by time and place. It is to possible a variety of information exchange with several acquaintances and easy to photos and video photography. Wish to improve the life satisfaction with widely using for smart phones at all ages.

• Journal of Convergence for Information Technology
• /
• 제9권9호
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• 제58권9호
• /
• pp.1658-1666
• /
• 2009

This paper proposes an approach of Mult_HPSO based on the PC cluster system to reduce or remove the stagnation on an early convergence effect of PSO, reduce an execution time and improve a search ability on an optimal solution. Hybrid PSO(HPSO) is combines the PSO(Particle Swarm Optimization) with the mutation of conventional GA(Genetic Algorithm). The conventional PSO has operated a search process in a single swarm. However, Multi_PSO operates a search process through multiple swarms, which increments diversity of expected solutions and reduces the execution time. Multiple Swarms are composed of unsynchronized PC clusters. We apply to SCED(security constrained economic dispatch) problem, a nonlinear optimization problem, which considers line flow constraints and N-1 line contingency constraints. To consider N-1 line contingency in power system, we have chosen critical line contingency through a process of Screening and Selection based on PI(performace Index). We have applied to IEEE 118 bus system for verifying a usefulness of the proposed approaches.

• Journal of Advanced Information Technology and Convergence
• /
• 제8권2호
• /
• pp.79-87
• /
• 2018

The current PC user authentication uses character password based on user's knowledge. However, this can easily be exploited by password cracking or key-logging programs. In addition, the use of a difficult password and the periodic change of the password make it easy for the user to mistake exposing the password around the PC because it is difficult for the user to remember the password. In order to overcome this, we propose user gesture recognition and challenge-response authentication. We apply user's hand gesture instead of character password. In the challenge-response method, authentication is performed in the form of responding to a quiz, rather than using the same password every time. To apply the hand gesture to challenge-response authentication, the gesture is recognized and symbolized to be used in the quiz response. So we show that this method can be applied to PC user authentication.