• Journal of Digital Convergence
• /
• v.13 no.9
• /
• pp.269-276
• /
• 2015

Recently, with the activation of the industry related to the big data, the global security companies have expanded their scopes from structured to unstructured data for the intelligent security threat monitoring and prevention, and they show the trend to utilize the technique of user's tendency analysis for security prevention. This is because the information scope that can be deducted from the existing structured data(Quantify existing available data) analysis is limited. This study is to utilize the analysis of security tendency(Items classified purpose distinction, positive, negative judgment, key analysis of keyword relevance) applying the machine learning algorithm($Na{\ddot{i}}ve$ Bayes, Decision Tree, K-nearest neighbor, Apriori) in the big data environment. Upon the capability analysis, it was confirmed that the security items and specific indexes for the decision of security tendency could be extracted from structured and unstructured data.

• Korean Security Journal
• /
• no.48
• /
• pp.113-146
• /
• 2016

Criminal profiling is a effective and efficient measure for enhancing industrial security of casino business. Particularly, developing criminal profiling of deviant behaviors in casino will help security management to become more effective and efficient in practical ways. Unfortunately, however, there is lack of empirical profiling study in this regard. To fill the vacuum of literature on this topic, this study was purported to create offender profiles of different types of deviant behaviors in casino based on various theories and techniques in criminal profiling literature, such as investigative psychology, linkage analysis, and behavioral evidence analysis. To fulfill the purposes, this study collected behavioral evidence from 90 casino security officers in South Korea. Offenders' behavioral evidence was analyzed to develop offender profiles of seven different types of deviant behaviors, and then the profiles were compared with each profiles that security officers focus on to identify offenders during their work hours. Results showed that, first, there were unique profiles of each type of seven different categories of deviant behaviors in terms of offenders' ways of speaking and acting, their appearance and attitudes. In addition, this study found that there were some amount of gaps between actual offenders' profiles and profiles that security officers have in mind. Based on the results, this study provided policy implications in terms of managing casino industrial security, education and training for security officers, and future study on casino security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1399-1410
• /
• 2015

Gartner is requiring companies to considerably change their survival paradigms insisting that companies need to understand and provide again the upcoming era of data competition. With the revealing of successful business cases through statistic algorithm-based predictive analytics, also, the conversion into preemptive countermeasure through predictive analysis from follow-up action through data analysis in the past is becoming a necessity of leading enterprises. This trend is influencing security analysis and log analysis and in reality, the cases regarding the application of the big data analysis framework to large-scale log analysis and intelligent and long-term security analysis are being reported file by file. But all the functions and techniques required for a big data log analysis system cannot be accommodated in a Hadoop-based big data platform, so independent platform-based big data log analysis products are still being provided to the market. This paper aims to suggest a framework, which is equipped with a real-time and non-real-time predictive analysis engine for these independent big data log analysis systems and can cope with cyber attack preemptively.

• Journal of Internet Computing and Services
• /
• v.14 no.4
• /
• pp.35-42
• /
• 2013

Nowadays many tasks are performed using the Web. Accordingly, many web-based application systems with various and complicated functions are being requested. In order to develop such web-based application systems efficiently, object-oriented analysis and design methodology is used, and Java EE(Java Platform, Enterprise Edition) technologies are used for its implementation. The security issues have become increasingly important. For such reasons, Java EE provides mechanism related to security but it does not provide interconnections with object-oriented analysis and design methodology for developing web application system. Consequently, since the security method by Java EE mechanism is implemented at the last step only, it is difficult to apply constant security during the whole process of system development from the requirement analysis to implementation. Therefore, this paper suggests an object-oriented analysis and design methodology emphasized in the security for secure web application systems from the requirement analysis to implementation. The object-oriented analysis and design methodology adopts UMLsec, the modeling language with an emphasis on security for the requirement analysis and system analysis & design with regard to security. And for its implementation, RBAC (Role Based Access Control) of servlet from Java EE technologies is used. Also, the object-oriented analysis and design methodology for the secure web application is applied to online banking system in order to prove its effectiveness.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.303-315
• /
• 1994

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.

• ETRI Journal
• /
• v.42 no.2
• /
• pp.292-304
• /
• 2020

As side-channel analysis and machine learning algorithms share the same objective of classifying data, numerous studies have been proposed for adapting machine learning to side-channel analysis. However, a drawback of machine learning algorithms is that their performance depends on human engineering. Therefore, recent studies in the field focus on exploiting deep learning algorithms, which can extract features automatically from data. In this study, we survey recent advances in deep learning-based side-channel analysis. In particular, we outline how deep learning is applied to side-channel analysis, based on deep learning architectures and application methods. Furthermore, we describe its properties when using different architectures and application methods. Finally, we discuss our perspective on future research directions in this field.

• Korean Security Journal
• /
• no.16
• /
• pp.47-64
• /
• 2008

The purpose of this study is to develop the measurement of security needs satisfaction from users of electronic security system, to verify its validity and reliability, and by applying them, to examine the effects between the communities using this system. In 2008, the users of electronic security system in big cities in Seoul(Yong-San, Jong-Lo) and Gyung-Gi Do(Su-Won) for their convenience stores, jewelry shops, communication services, banks, government and public offices, etc. were arranged for a population and 262 of them were used for the final analysis by purposive sampling. This study yields following results. First, the validity of security need satisfaction from users of electronic security system is very high, which means the explanatory adequacy of environmental security need is the highest. Second, the reliability of security need satisfaction from users of electronic security system is very high, in which the reliability value(Cronbach's $\alpha$) of internal consistency is over .765. Third, the security need of electronic security system has the most effects on the group of bank workers. That is, through a close cooperative system between the bank and the service of electronic security system, the more keeping satisfied the environmental, bodily, physical security needs are, the less the in security of this group has. Informational security need has the most effects on convenient store group. It means the service companies of electronic security system offer more services at dawn time and make or supply all sorts of visual information system, which reduces insecurity of the convenient store group.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.9-18
• /
• 2004

This paper is to analyze security and technical problem of NEIS and suggest an improving methods about the effective system. Therefore questionnaire was performed in the five items with security as well as technical problem of NEIS to primary and secondary school teachers. The result of questionnaire analysis on each item is that they think of NEIS as the essential system for the age of information, despite problems such as the invasion of human right and security as well as reveal of personal data.

• Korean System Dynamics Review
• /
• v.16 no.4
• /
• pp.31-50
• /
• 2015

The purpose of this research is to understand a structural relationship between financial regulations and security industry based on the systems thinking perspective using causal loop analysis. As a result, the positive regulations on security technology against finance security incidents shrink the autonomy of the security industry and will deteriorate the competitiveness of the security industry through the unknown feedback loop. The conclusion provides the direction that policy makers understand causal loop diagram related current regulations and open enough to the consideration of the negative regulations.