• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.326-330
• /
• 2012

In 2011, There were about 25,000 people died because of heart disease. The aim of this paper is to design a heart attack situation monitoring and spreading system for patients. Wearable computer with a sensor is used to monitor heart rate. Heart rate is transffered to smartphone with bluetooth. After analyzing heart rate, smartphone spread out the emergency situation by various service including emergency call, SNS and SMS.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.91-98
• /
• 2010

This paper proposes authority delegation for secure social community creation and mutual authentication scheme between the community members using proxy signature in community-based ubiquitous networks. In community-based ubiquitous network, User's context-awareness information is collected and used to provide context-awareness network service and application service for someone who need it. For the many reason, i.e. study, game, information sharing, business and conference, social community could be created by members of a social group. However, in community-based ubiquitous network, this kind of the context-awareness information could be abused and created by a malicious nodes for attack the community. Also, forgery community could be built up to attack the community members. The proposed scheme using the proxy signature provides a mutual authentication and secure secret key exchange between community members, and supports secure authority delegation that can creates social community. Also, when delegation of signing authority and mutual authentication, this scheme reduces total computation time compared to the RSA signature scheme.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.12
• /
• pp.2753-2762
• /
• 2013

Recently the paradigm of cyber attacks is changing due to the information security technology improvement. The cyber attack that uses the social engineering and targets the end users has been increasing as the organization's systems and networks security controls have been tightened. The 91% of APT(Advanced Persistent Threat) which targets an enterprise or a government agency to get the important data and disable the critical service starts with the spear phishing email. In this paper, we analysed the security threats and characteristics of the spear phishing in detail and explained why the technical solutions are not enough to prevent spear phishing attacks. Therefore, we proposed the administrative prevention methods for the spear phishing attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2881-2894
• /
• 2018

Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL(Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.313-320
• /
• 2019

One of the causes of many damage cases that occur today by hacking attack is social engineering attack. The attacker is usually a malicious traitor or an ignorant insider. As a solution, we are strengthening security training for all employees in the organization. Nevertheless, there are frequent situations in which computers are shared. In this case, the person in charge of the computer has difficulty in tracking and responding when a specific representative accessed and what a specific representative did. In this paper, we propose the method that the person in charge of the computer tracks in real time through the smartphone when a representative access the computer, when a representative access offline using hacked or shared authentication. Also, we propose a method to prevent the leakage of important information by encrypting and backing up important files of the PC through the smartphone in case of abnormal access.

• The Journal of the Korea Contents Association
• /
• v.22 no.9
• /
• pp.104-112
• /
• 2022

The pandemic caused by the COVID-19 virus, which has lasted for the past three years, has changed society and the way people live in many ways. These changes also affect cyberspace, so the pre-pandemic information security model and standards have limitations when applied to the current situation. In this paper, a new method to improve the information security model of public institutions was proposed in consideration of various situations in the new normal era. In other words, through the proposed information security model, the possibility of external intrusion is blocked in advance through the policy and technical supplementation of remote work, which is a weakness of the existing information security operation of public institutions. Also, how to prevent abnormal authentication attempts by building a secure VPN environment, how to prevent social engineering cyber attacks targeting fear and uncertainty caused by COVID-19, and how to use a smooth network and create a remote work environment. For this purpose, methods for securing service availability were additionally presented.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.41-51
• /
• 2013

A lots of social data are distributed, utilized and opened through the social media. They have characterized effectiveness and pleasure of information to the media by social data but it is ignored about excessive exposure of information and damage from collective reply of personal attack type. In this paper, we study about analysis of opinion social data on the SNS (Social Network Service) by analyzing of collective damage reply. It is analysed by diverse measurement method for distribution and disuse of the amount of Buzz data that is analysed data from structured social network.

• Journal of Communications and Networks
• /
• v.17 no.2
• /
• pp.145-156
• /
• 2015

In recent years, electronic commerce and online social networks (OSNs) have experienced fast growth, and as a result, recommendation systems (RSs) have become extremely common. Accuracy and robustness are important performance indexes that characterize customized information or suggestions provided by RSs. However, nefarious users may be present, and they can distort information within the RSs by creating fake identities (Sybils). Although prior research has attempted to mitigate the negative impact of Sybils, the presence of these fake identities remains an unsolved problem. In this paper, we introduce a new weighted link analysis and influence level for RSs resistant to Sybil attacks. Our approach is validated through simulations of a broad range of attacks, and it is found to outperform other state-of-the-art recommendation methods in terms of both accuracy and robustness.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.394-397
• /
• 2014

Most of Koreans have smartphone. By using smartphone, they have done internet-banking, e-commerce and private scheduling. However, convenience of smart phone has been made side effect such as tool of fraud and crime. Especially, Smishing on smartphone has been increased rapidly since 2013. Smishing have utilized social-engineering technique with social issue such as Korean near-sea cruse ship, 'Sewol-Ho', Sinking and traditional thanks-giving holiday, 'Chu-Seok', etc. This paper proposed the oncoming trend of smishing on smartphone after 2014. This paper also analyzed the process and technique of smishing on internal financial fraud. It also covered smartphone forensic for using legal evidence. By discovering the connectivity of smishing and financial fraud, this paper could be reference for social security on smartphone.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.287-294
• /
• 2016

APT attack aimed at the interruption of information and communication facilities and important information leakage of companies. it performs an attack using zero-day vulnerabilities, social engineering base on collected information, such as IT infra, business environment, information of employee, for a long period of time. Fragmentary response to cyber threats such as malware signature detection methods can not respond to sophisticated cyber-attacks, such as APT attacks. In this paper, we propose a cyber intrusion detection model for countermeasure of APT attack by utilizing heterogeneous system log into big-data. And it also utilizes that merging pattern-based detection methods and abnormality detection method.