• Journal of Information Technology Services
• /
• v.22 no.5
• /
• pp.109-124
• /
• 2023

This study aims to apply the concept of regulatory stringency to the regulatory sandbox with a fresh perspective. The regulatory sandbox is a system that gives opportunities under certain conditions to new technologies or businesses that have not been launched due to inadequacy or insufficiency in legal systems. Previous research on regulatory sandboxes has mainly focused on discussions about their impact on specific technologies or business domains. This study attention to the results according to the evaluations. Among them, whether special cases for demonstration can evolve into official permission has garnered significant attention. For this study, among the cases that passed the regulatory sandbox evaluation from February, 2019, to December, 2022, 162 cases in the field of ICT convergence were selected. The evaluation results were classified into three groups 'positive interpretation (Fast Track)', 'temporary permission', and 'special case for demonstration.' Each case was assigned to one of the three groups. Through the comparative analysis, the common characteristics and differences were summarized. Then, this study explored improvement measures to pass a less restrictive regulatory sandbox. The analysis of the cases revealed that the differences in each evaluation result were attributed to variations in the technological characteristics and user protection features. Considering these differences, as well as the higher weight and importance of the preparation stage for sandbox application, this study suggested a three-step approach to prepare for temporary permission and positive interpretation rather than special case for demonstration. In addition, this thesis discussed the policy limitations of the regulatory sandbox mechanism in South Korea and the limitations of the current study. Hopefully, the results of this study would be beneficial to individuals and companies, particularly venture companies and startups seeking to develop new technologies or businesses and utilize regulatory sandboxes.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.11
• /
• pp.419-426
• /
• 2016

As the threat of cyber incident grows continuously, the need of IOC(Indicators of Compromise) is increasing to identify the cause of incidents and share it for quick response to similar incidents. But only few companies use it domestically and the research about the application of IOC is deficient compared to foreign countries. Therefore in this paper, a quick and standardized way to create IOC automatically based on the analysis result of malwares from Cuckoo Sandbox and its application is suggested.

• Journal of Korea Game Society
• /
• v.17 no.3
• /
• pp.107-116
• /
• 2017

Sandbox game users can double their satisfaction by re-creating a variety of play patterns. This creative process is due to the expansion of play through 'customizing' and 'action autonomy'. The purpose of this study is to investigate the structural limitations of freedom of online game. In a standalone game, the scalability due to the degree of freedom gives the user a strong motivation for world persistence. On the other hand, in online sandbox games such as MMORPG, it is confirmed that the goal-oriented tendency to gain advantage is the inherent limit of the freedom and expandability of the sandbox game. In this study, it is suggested that the cause and limit of growth of online-based sandbox game can be offset by the optimal solution factor.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.766-783
• /
• 2012

Recently, many malicious users have attacked web browsers using JavaScript code that can execute dynamic actions within the browsers. By forcing the browser to execute malicious JavaScript code, the attackers can steal personal information stored in the system, allow malware program downloads in the client's system, and so on. In order to reduce damage, malicious web pages must be located prior to general users accessing the infected pages. In this paper, a novel framework (JsSandbox) that can monitor and analyze the behavior of malicious JavaScript code using internal function hooking (IFH) is proposed. IFH is defined as the hooking of all functions in the modules using the debug information and extracting the parameter values. The use of IFH enables the monitoring of functions that API hooking cannot. JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection of URLs related to redirection, and detection of exploit codes. Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages.

• Journal of Soil and Groundwater Environment
• /
• v.20 no.2
• /
• pp.41-46
• /
• 2015

The drag of the excess charge in an electrical double layer at the solid fluid interface due to water flow induces the streaming current, i.e., the streaming potential (SP). Here we introduce a sandbox experiment to study this hydroelectric coupling in case of a tracer test. An acrylic tank was filled up with homogeneous sand as a sand aquifer, and the upstream and downstream reservoirs were connected to the sand aquifer to control the hydraulic gradient. Under a steady-state water flow condition, a tracer test was performed in the sandbox with the help of peristaltic pump, and tracer samples were collected from the same interval of five screened wells in the sandbox. During the tracer test, SP signals resulting from the distribution of 20 nonpolarizable electrodes were measured at the top of the tank by a multichannel meter. The results showed that there were changes in the observed SP after injection of tracer, which indicated that the SP was likely to be related to the solute transport.

• Journal of KIISE:Information Networking
• /
• v.31 no.6
• /
• pp.556-565
• /
• 2004

A Sandbox has been widely used to prevent damages caused by running of unknown malicious codes. It prevents damages by containing running environment of a program. There is a trade-off in using sandbox, between configurability and ease-of-use. MAPbox, an instance system of sandbox, had employed sandbox classification technique to satisfy both configurability and ease-of-use [1]. However, the configurability of MAPbox can be improved further. In this paper, we introduce a technique to attach dynamic class facility to MAPbox and implement MAPbox-advanced one. Newly generated class in our system has an access control with proper privileges. We show an example for improvements which denote our system have increased the configurability of MAPbox. It was determined as abnormal by MAPbox although is not. Our system could determine it as normal. We also show our techniques to overcome obstacles to implement the system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.264-267
• /
• 2018

본 연구에서는 API 호출을 은닉할 수 있는 새로운 유형의 유저모드 기반 루트킷으로 Cuckoo Sandbox를 회피하는 기법과 이를 탐지하기 위한 연구를 한다. Cuckoo Sandbox의 행위 분석을 회피하기 위해 잠재적으로 출현 가능한 은닉된 코드 이미지 기반의 신종 루트킷 원리를 연구하고 탐지하기 위한 방안을 함께 연구한다. 네이티브 API 호출 코드 영역을 프로세스 공간에 직접 적재하여 네이티브 API를 호출하는 기법은 Cuckoo Sandbox에서 여전히 잠재적으로 행위 분석 회피가 가능하다. 본 연구에서는 은닉된 외부주소 호출 코드 영역의 탐지를 위해 프로세스의 가상메모리 공간에서 실행 가능한 페이지 영역을 탐색 후 코사인 유사도 분석으로 이미지 탐지 실험을 하였으며, 코드 영역이 맵핑된 정렬 단위의 4가지 실험 조건에서 평균 83.5% 유사도 탐지 결과를 확인하였다.

• Journal of Legislation Research
• /
• no.53
• /
• pp.213-267
• /
• 2017

Regulatory barrier is considered most challenging out of all FinTech barriers, which many technology innovators have always experienced. Even though technological solutions promise customers accessibility to more cost-effective and secured financial services, it is quite challenging to create regulatory environment that enables innovation FinTech industry. Especially, a common challenge FinTech innovators and business face is regulatory uncertainty and confusion rather than any particular regulation. Since many FinTech models are continuously introducing new innovative ways in providing financial services, significant confusion could be raised in applying principles of existing law and regulations. In addition, it is uncertain whether or not applying complex regulatory compliance model intended for large financial institutions to small start-ups is appropriate since most existing regulations and rules are established and introduced without considering innovative tools such as mobile instruments, e-trade, and internet. Therefore, new mechanism to access to regulatory information in a more cost-effective, quick and immediate way should be created. Regulators, technological innovators, and financial customers should cooperate each other to find out appropriate solutions for those issues. Many regulators are introducing regulatory sandbox which provides service providers with opportunities to test their innovations, during the test, providing regulators with enough time to understand risks of innovations. However, regulatory sandbox is not a panacea for all challenges to FinTech innovations. Therefore, regulators should make comprehensive and multidimensional efforts including regulatory sandbox in supporting FinTech ecosystem.

• Journal of The Korean Association of Information Education
• /
• v.20 no.3
• /
• pp.313-322
• /
• 2016

The effect on creative problem solving ability and learning flow is analyzed by applying game-based learning using sandbox game, Minecraft Edu for elementary school students. It appeared to be effective when applied to sand box utilizing game-based learning than traditional lecture teaching method on creative problem solving ability and learning flow. It is found to be a significant difference observed in all sub-elements on Creative problem solving ability and it is found to be a significant difference in all sub-elements on learning flow except sense of control and transformation of time.

• Journal of Korean Society for Quality Management
• /
• v.49 no.4
• /
• pp.505-525
• /
• 2021

Purpose: The purpose of this study was to investigate factors influencing the intention to use Fintech Digital Sand(D-Testbed), which facilitate digital innovation in the financial sectors and allow fintech startups to simulate the PoC their innovative ideas before starting a business. Methods: This study used the Extended Technology Acceptance Model (TAM2), with independent variables such as social influence, personal innovativeness, service quality, relative advantage, and security concerns used in previous studies, for analysis. For mediator variables, the perceived usefulness and perceived ease of use were used in this study. Results: The results indicated that social influence and perceived usefulness have a positive effect on the intention to use. It was also analyzed that relative advantage has a mediating effect on perceived usefulness whereas service quality nor personal innovativeness are not statistically significant mediation. On the other hand, perceived ease of use on the intention is not statistically significant. By this, it was confirmed that the intention to use Fintech Digital Sand(D-Testbed) was to improve the business performance of fintech companies, but not because it was easy to learn and take less effort. Conclusion: The finding of the study provides valuable implications for invigorating the use of fintech digital sandbox(D-testbed) and identifying the factors that affect the perception and intention to use among employees in fintech companies in advance.