• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.93-100
• /
• 2021

Damage caused by intelligent cyber attacks not only disrupts system operations and leaks information, but also entails massive economic damage. Recently, cyber attacks have a distinct goal and use advanced attack tools and techniques to accurately infiltrate the target. In order to minimize the damage caused by such an intelligent cyber attack, it is necessary to block the cyber attack at the beginning or during the attack to prevent it from invading the target's core system. Recently, technologies for predicting cyber attack paths and analyzing risk level of cyber attack using big data or artificial intelligence technologies are being studied. In this paper, a cyber attack path analysis method using attack tree and RFI is proposed as a basic algorithm for the development of an automated cyber attack path prediction system. The attack path is visualized using the attack tree, and the priority of the path that can move to the next step is determined using the RFI technique in each attack step. Based on the proposed mechanism, it can contribute to the development of an automated cyber attack path prediction system using big data and deep learning technology.

• Korean Journal of Artificial Intelligence
• /
• v.11 no.1
• /
• pp.9-15
• /
• 2023

As mobile devices such as smartphones, tablets, and kiosks become increasingly prevalent, there is growing interest in developing alternative input systems in addition to traditional tools such as keyboards and mouses. Many people use their own bodies as a pointer to enter simple information on a mobile device. However, methods using the body have limitations due to psychological factors that make the contact method unstable, especially during a pandemic, and the risk of shoulder surfing attacks. To overcome these limitations, we propose a simple information input system that utilizes gaze-tracking technology to input passwords and control web surfing using only non-contact gaze. Our proposed system is designed to recognize information input when the user stares at a specific location on the screen in real-time, using intelligent gaze-tracking technology. We present an analysis of the relationship between the gaze input box, gaze time, and average input time, and report experimental results on the effects of varying the size of the gaze input box and gaze time required to achieve 100% accuracy in inputting information. Through this paper, we demonstrate the effectiveness of our system in mitigating the challenges of contact-based input methods, and providing a non-contact alternative that is both secure and convenient.

• Management & Information Systems Review
• /
• v.14
• /
• pp.151-180
• /
• 2004

Owing to the digital revolution, Internet Commerce and Electronic commerce, revolutionize the way of doing business and making payment. The entrance of the Internet has a prominent for spread of Electronic Commerce and those phenomenons will result in paperless trading and cashless trade. By virtue of Internet, an increasing share of business transactions occurs online. Electronic payment is essential for the smooth progress of the electronic commerce as electronic payment plays the important role in the electronic commerce, that is, the value transfer restyling from the electronic commerce. Traditionally international settlement systems such as letters of credits, remittance and documentary collections operated as important and poplar method of payment, Now, information technology has made it possible to pay for the sale of goods and services over the internet. In international trade, there are service providers (bolero, TradeCard, BeXcom) to settle payment electronically through the Internet. The purpose of this study is to Conduct comparative analysis with approach manner functional respect systematic respect, role. It is shown which the Electronic payment system is better. In this study, the author attempts to find the problems is (bolero, TradeCard, BeXcom) and solutions in switching from the documentary payment system to the electronic one. This conclusion of this study can be summarized as followings. In resoect of the law, bolero should seek to prevert the users from being treated unfairly due to multilateral agreement on Rulebook. TradeCard, BeXcom do not have the proper law that users are governed. so far as the practice problems concerned, stability of computer's operation and security of message interchange should be warranted and improved continuously. Through the standardization of the electronic document and the development of software, the examination of the shipping occuments must be done automatically. Bolero should induce more banks to take part in Bolero, and make the carrier the cost and time in managing the traditional document which will be used for the time being. In respect of information technology and security, to deduce the risk in the electronic settlement system and positively uses the global authentication guideline(Identrus).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.405-416
• /
• 2022

Current AI technology is improving the quality of life by using machine learning based on data. When using machine learning, transmitting distributed data and collecting it in one place goes through a de-identification process because there is a risk of privacy infringement. De-identification data causes information damage and omission, which degrades the performance of the machine learning process and complicates the preprocessing process. Accordingly, Google announced joint learning in 2016, a method of de-identifying data and learning without the process of collecting data into one server. This paper analyzed the effectiveness by comparing the difference between the learning performance of data that went through the de-identification process of K anonymity and differential privacy reproduction data using actual financial data. As a result of the experiment, the accuracy of original data learning was 79% for k=2, 76% for k=5, 52% for k=7, 50% for 𝜖=1, and 82% for 𝜖=0.1, and 86% for Federated learning.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.133-140
• /
• 2024

The spread of Direct-to-Consumer (DTC) genetic testing, where users request tests directly, has been increasing. With growing demand, certification systems have been implemented to grant testing qualifications to non-medical institutions, and the scope of tests has been expanded. However, unlike cases in less regulated foreign countries, disease-related tests are still excluded from the domestic regulations. The existing de-identification method does not adequately ensure the uniqueness and familial sharing of genomic information, limiting its practical utility. Therefore, this study proposes the application of fully homomorphic encryption in the analysis process to guarantee the usefulness of genomic information while minimizing the risk of leakage. Additionally, to safeguard the individual's right to self-determination, a privacy preservation model based on Opt-out is suggested. This aims to balance genomic information protection with maintainability of usability, ensuring the availability of information in line with the user's preferences.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.101-106
• /
• 2023

Chronic illnesses are among the most common serious problems affecting human health. Early diagnosis of chronic diseases can assist to avoid or mitigate their consequences, potentially decreasing mortality rates. Using machine learning algorithms to identify risk factors is an exciting strategy. The issue with existing feature selection approaches is that each method provides a distinct set of properties that affect model correctness, and present methods cannot perform well on huge multidimensional datasets. We would like to introduce a novel model that contains a feature selection approach that selects optimal characteristics from big multidimensional data sets to provide reliable predictions of chronic illnesses without sacrificing data uniqueness.[1] To ensure the success of our proposed model, we employed balanced classes by employing hybrid balanced class sampling methods on the original dataset, as well as methods for data pre-processing and data transformation, to provide credible data for the training model. We ran and assessed our model on datasets with binary and multivalued classifications. We have used multiple datasets (Parkinson, arrythmia, breast cancer, kidney, diabetes). Suitable features are selected by using the Hybrid feature model consists of Lassocv, decision tree, random forest, gradient boosting,Adaboost, stochastic gradient descent and done voting of attributes which are common output from these methods.Accuracy of original dataset before applying framework is recorded and evaluated against reduced data set of attributes accuracy. The results are shown separately to provide comparisons. Based on the result analysis, we can conclude that our proposed model produced the highest accuracy on multi valued class datasets than on binary class attributes.[1]

• Journal of Information Technology Services
• /
• v.15 no.4
• /
• pp.125-151
• /
• 2016

In recent years, O2O (Online to Offline) services get a lot of attention to improve the trust in online shopping and minimize the inconvenience and the cost burden in offline shopping as the number of consumers, who do not show concern about the purchase platform like online or offline, increases. Even though the services have been getting the spotlight as a strong business platform for next generation commerce, there have been only a few studies on the O2O services. The purpose of this research is to investigate the factors which affect the consumer's intention to use location-based O2O services. The study is based on VAM (Value-based Adoption Model) which is able to analyze those factors from the aspects of benefit and sacrifice. We used the partial least squares (PLS) method for empirical analysis, and the result shows that contextual offers, instant connectivity, webrooming and economic efficiency, which fall under the benefit, affect perceived value positively while annoyance and face consciousness, which fall under the sacrifice, do not affect perceived value significantly. In addition, contextual offers and instant connectivity affect trust positively. Location accuracy, which falls under the benefit of location-based O2O service, do not significantly affect perceived value and trust while security risk affects trust and use intention negatively. It appears that trust affects perceived value and use intention positively.

• Journal of Korean Society for Quality Management
• /
• v.51 no.4
• /
• pp.607-618
• /
• 2023

Purpose: In this study, we proposed a plan to establish and implement a safety and health management system by utilizing corporate resources so that manufacturing companies can effectively respond to the Serious Accident Punishment Act. Methods: We identified critical factors and response strategies necessary for manufacturing companies to respond to the Severe Accident Punishment Act effectively and surveyed employees working at the company regarding their importance and performance. Results: In this study, we presented a method of strategically constructing the response strategies (20) shown in previous studies by matching them with the company's resources (leadership, organization, budget, education, and awareness). In particular, leadership refers to the ability of managers who can prevent serious accidents by carrying out safety and health security obligations to avoid safety and health hazards or risks to employees in the business or workplace that is controlled, operated, and managed. Conclusion: Based on the manager's firm leadership, the system's purpose and direction must be accurately set and sufficiently communicated to members. In addition, for companies to identify and improve risk factors on their own, a Process approach must be established to improve execution by referring to legal standards together with field managers and supervisors.

• Journal of Digital Convergence
• /
• v.10 no.9
• /
• pp.59-72
• /
• 2012

The police, as an advance guard for performing governmental functions, should conduct their duties to protect lives, physical bodies, and properties in the nation against various kinds of crimes, prevent from a public risk by detecting a factor that can menace public safeguard and public order and suppress it when a risk factor occurs. Practically it is impossible to protect lives, physical bodies, and properties in the nationprovided that social stability is not taken as security. The roles of the criminal investigation police that take a countermeasure to prevent a risk in prior by detecting hindrance factor of social stability and process any occurred crime in conformity with pertinent laws could control a successful performance in each of the police activities themselves. The study assumes that the organizational capabilities of the criminal investigation police exercises a significant influence upon organizational concentration. In spite of the fact that it is natural that the organizational capabilities of the criminal investigation police exercises a significant influence upon organizational concentration, until now it is very deficient in studies of this field. It is a viewpoint that an organizational concentration would be improved when a capability of the organizational staff will be improved, they would have a targeting capability for sharing organizational goals and vision and a systematic capability would be supported by the dimension of the criminal investigation police. The study was aimed to deduce a developmental method for the criminal investigation police by conducting an analysis on the impact of the organizational capabilities of the criminal investigation police upon organizational concentration that it suggest method that the criminal investigation police will make a contribution for maintaining a social order.

• Journal of Technology Innovation
• /
• v.30 no.1
• /
• pp.1-20
• /
• 2022

Digital transformation refers to the economic and social effects of digitisation and digitalisation. Although digital transformation acts as a useful tool for economic/social development and enhancing the convenience of life, it can have negative effects (misuse of personal information, ethical problems, deepening social gaps, etc.). The government is actively establishing policies to promote digital transformation to secure competitiveness and technological hegemony, however, understanding of digital transformation-related risk issues and implementing policies to prevent them are relatively slow. Thus, this study systematically identifies risk issues of the future society that can be caused by digital transformation based on quantitative analysis of media articles big data through the Embedded Topic Modeling method. Specifically, first, detailed issues of negative effects of digital transformation in major countries were identified. Then detailed issues of negative effects of artificial intelligence in major countries and Korea were identified. Further, by synthesizing the results, future direction of the government's digital transformation policies for responding the negative effects was proposed. The policy implications are as follows. First, since the negative effects of digital transformation does not only affect technological fields but also affect the overall society, such as national security, social issues, and fairness issues. Therefore, the government should not only promote the positive functions of digital transformation, but also prepare policies to counter the negative functions of digital transformation. Second, the detailed issues of future social risks of digital transformation appear differently depending on contexts, so the government should establish a policy to respond to the negative effects of digital transformation in consideration of the national and social context. Third, the government should set a major direction for responding negative effects of digital transformation to minimize confusion among stakeholders, and prepare effective policy measures.