• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.187-196
• /
• 2020

In order to manage information security risk, various information security level evaluation and information security management system certification have been conducted on a larger scale than ever. However, there are continuous cases of infringement of information protection for companies with excellent information security evaluation and companies with excellent information security management system certification. The existing information security risk management methodology identifies and analyzes risks by identifying information assets inside the information system. Existing information security risk management methodology lacks a review of where cyber threats come from and whether security devices are properly operated for each route. In order to improve the current risk management plan, it is necessary to look at where cyber threats come from and improve the containment level for each inflow section to absolutely reduce unnecessary cyber threats. In addition, it is essential to measure and improve the appropriate configuration and operational level of security equipment that is currently overlooked in the risk management methodology. It is necessary to block and enter cyber threats as much as possible, and to detect and respond to cyber threats that inevitably pass through open niches and use security devices. Therefore, this paper proposes additional evaluation items for evaluating the containment level against cyber threats in the ISMS-P authentication items and vulnerability analysis and evaluation items for major information and communication infrastructures, and evaluates the level of security equipment configuration for each inflow.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.33-40
• /
• 2021

Automatic Speech Recognition(ASR) is a technology that analyzes human speech sound into speech signals and then automatically converts them into character strings that can be understandable by human. Speech recognition technology has evolved from the basic level of recognizing a single word to the advanced level of recognizing sentences consisting of multiple words. In real-time voice conversation, the high recognition rate improves the convenience of natural information delivery and expands the scope of voice-based applications. On the other hand, with the active application of speech recognition technology, concerns about related cyber attacks and threats are also increasing. According to the existing studies, researches on the technology development itself, such as the design of the Automatic Speaker Verification(ASV) technique and improvement of accuracy, are being actively conducted. However, there are not many analysis studies of attacks and threats in depth and variety. In this study, we propose a cyber attack model that bypasses voice authentication by simply manipulating voice frequency and voice speed for AI voice recognition service equipped with automated identification technology and analyze cyber threats by conducting extensive experiments on the automated identification system of commercial smartphones. Through this, we intend to inform the seriousness of the related cyber threats and raise interests in research on effective countermeasures.

• The Korea Journal of Herbology
• /
• v.24 no.4
• /
• pp.115-120
• /
• 2009

Objectives : Due to the morphological similarity and frequent occurrence of intermediate forms as well as morphological variations of aerial part, the correct identification between Rhei Radix et Rhizoma and Rhei Undulatai Rhizoma is very difficult. To develop a reliable method for correct identification and improving the quality standards of Rhei Radix et Rhizoma and Rhei Undulatai Rhizoma, we analyzed RAPD and developed SCAR marker. Methods : To amplify target DNA at the genomic level, 32 Operon 10-mer random primers were applied with four Rheum species, R. officinale, R. palmatum, R. tanguticum and R. undulatum. The nucleotide sequences were determined and species-specific primers were prepared depending on the species-specific RAPD amplicons after subcloned into the pGEM-Teasy vector. To develop the SCAR markers, species-specific PCR amplification and multiplex-PCR were carried out using the single species-specific primer pairs and combinations of them, respectively. Results : We used RAPD analysis of four Rheum plant species to obtain several species-specific RAPD amplicons. From nucleotide sequences of these RAPD amplicons, we developed two SCAR markers that amplified 314 bp and 390 bp DNA fragments in only R. undulatum but not in R. officinale, R. palmatum, R. tanguticum and R. undulatum, for distinguishing Rhei Undulatai Rhizoma and Rhei Radix et Rhizoma. Furthermore, we established SCAR markers for the simultaneous discrimination of the three species within a single reaction by using multiplex-PCR. Conclusions : These genetic markers can be used for the efficient discrimination of plants species and commercial herbal medicines between Rhei Undulatai Rhizoma and Rhei Radix et Rhizoma, to ultimately prevent indiscriminate distribution and prescription of these herbal medicines.

• Journal of the Korea society of information convergence
• /
• v.7 no.1
• /
• pp.25-46
• /
• 2014

After examining the current situations of financial frauds and the reasons for their occurrence in the financial institutions through examples of financial frauds in domestic and abroad, this study presents ways to prevent such financial scams. The preventive measures consist of activities before and after the occurrence of financial frauds and during normal financial operations. The activities are as follows: 1. Preventive activity should be strengthened before the occurrence of financial frauds. That is, first, the enforcement of consistent internal control is needed. Second, in order to block the probability of financial frauds involved with employees, ethics education and a reward program for inside tippers need to be run. Third, financial institutions need to apply for comprehensive insurance policy to minimize the lost in case. 2. Preventive activity should be strengthened during normal financial operations. First, self authentication system for customers needs to be introduced. Second, dealings of day, week, and month need to be thoroughly checked and the system of audit needs to be expanded. Third, message service for the information on financial frauds and their preventive measures needs to be expanded. Fourth, public notification system against examples of financial frauds needs to be expanded. 3. Preventive activity after the occurrence of financial frauds should be strengthened. First, awareness for preventive measures such as imposing penalty on the manager needs to be enhanced. Second, strict restrictions on financial frauders such as a criminal charge needs to be strengthened. Third, there should be legal devices and resolutions in order to retrieve all the money deceived by financial frauds.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.205-214
• /
• 2013

The study of the compatibility of EPUB DRM, granted by the Korea Copyright Commission, as a CT R & D project (Project Title: Development of standard reference software technology for the International Standard EPUB-based eBook DRM) developed standards such as profile standards for encryption, digital signature and authentication certificates and standards for technical terms of rights information. In 2012, these four standards have been established as the Korean Industrial Standards under the names of 'Encryption specification for EPUB DRM', 'the Digital signature specification for EPUB DRM', 'the Certificate specification for EPUB DRM', and 'Definitions of Right Terms for EPUB DRM' through the ODPF(Open Digital Standardization Forum) and the TTA(Telecommunications Technology Association). In spite of the establishment of the eBook DRM standards, however, the absence of the standard technology which supports the compatibility for issues and changes of licenses makes it unable to use eBooks served by different eBook distributors. This study tries to investigate technological approaches to methods of license issues supporting eBook DRM compatibility on the basis of the above-mentioned four EPUB DRM standards and to provide an industrially accepted technological model.

• Journal of Science and Technology Studies
• /
• v.17 no.1
• /
• pp.117-144
• /
• 2017

In Korea, currently, only the growth possibility of bioinformation industry has received the public attention, and social discussion on bioinformation management is meager. Based on this critical perspective, this study investigates the current status of public awareness of the bioinformation which can be a basis for the social discussion for bioinformation management. The most significant characteristics identified in the survey is that many citizens, while expressing their agreement on the use of biometric technology by purpose and taking an open stance on national fingerprint information collection, have considerable concern for the identity authentication system using the current biometric technology. In particular, the survey pointed out that it is hard to trust the institutions that collect the bioinformation. Also, the public expressed the particular concern for the health data including the body information and showed overwhelming consent for the necessity of more stringent regulation compared with other personal information. In regards to the medical information gathered from medical institutions, nearly 80% of the survey respondents did not agree on providing the information to commercial enterprises, and even 60% of them disagreed on using it for academic and statistical research. This result well demonstrates that thorough management of the bioinformation is required for its utilization.

• Journal of KIISE:Software and Applications
• /
• v.35 no.10
• /
• pp.616-626
• /
• 2008

The face shape extracted by the depth values has different appearance as the most important facial feature information and the face images decomposed into frequency subband are signified personal features in detail. In this paper, we develop a method for recognizing the range face images by combining the multiple frequency domains for each depth image and depth fusion using fuzzy integral. For the proposed approach, the first step tries to find the nose tip that has a protrusion shape on the face from the extracted face area. It is used as the reference point to normalize for orientated facial pose and extract multiple areas by the depth threshold values. In the second step, we adopt as features for the authentication problem the wavelet coefficient extracted from some wavelet subband to use feature information. The third step of approach concerns the application of eigenface and Linear Discriminant Analysis (LDA) method to reduce the dimension and classify. In the last step, the aggregation of the individual classifiers using the fuzzy integral is explained for extracted coefficient at each resolution level. In the experimental results, using the depth threshold value 60 (DT60) show the highest recognition rate among the regions, and the depth fusion method achieves 98.6% recognition rate, incase of fuzzy integral.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.743-755
• /
• 2013

In recent years, the malicious apps with malicious code in normal apps are increasingly redistributed in Android market, which may incur various problems such as the leakage of authentication information and transaction information and fraudulent transactions when banking apps to process the financial transactions are exposed to such attacks. Thus the financial authorities established the laws and regulations as an countermeasures against those problems and domestic banks provide the integrity verification functions in their banking apps, yet its reliability has not been verified because the studies of the safety of the corresponding functions have seldom been conducted. Thus this study suggests the vulnerabilities of the integrity verification functions of banking apps by using Android reverse engineering analysis techniques. In case the suggested vulnerabilities are exploited, the integrity verification functions of banking apps are likely to be bypassed, which will facilitate malicious code inserting attacks through repackaging and its risk is very high as proved in a test of this study. Furthermore this study suggests the specific solutions to those vulnerabilities, which will contribute to improving the security level of smartphone financial transaction environment against the application forgery attacks.

• Archives of design research
• /
• v.18 no.1 s.59
• /
• pp.135-144
• /
• 2005

Consumers' awareness of product value, and their product preferences, are becoming increasingly influential in product development, particularly in corporations' efforts in manufacturing products with a competitive edge. Corporations conduct surveys on consumers' product satisfaction and preferences and conduct in-depth studies on consumer needs. They then manufacture products in accordance with the results of these surveys and studies. With the necessity and demand for digital door lock products recently growing, this research sought to explore product competitiveness reinforcement factors that could facilitate market penetration, and to formulate corresponding design strategies. In-depth consumer interviews were also conducted to identify consumer lifestyles and needs. Furthermore, consumer preference images, purchase and use-related patterns, and the status of door lock markets were studied. In the past, to design and manufacture consumer-oriented products, corporations primarily resorted to the improvement of the products' technological features. At present, the users' product preferences and the ways that they use these products are the factors that determine product design. Consumers today tend to adjust their lifestyles according to available products, and prefer products that have greater value in terms of lifestyle and culture. Strategic points for reinforcing competitiveness were presented in this study: first, offering different values that will enhance consumer satisfaction, second, positively developing bio-recognizable methods that will boost consumer preference, third, meeting the consumers' expectations that door lock products should not be mere 'entrance and exit control' systems, but network security systems and fourth, adopting convenient authentication methods backed by advanced technologies.

• Journal of Korean Society of Transportation
• /
• v.25 no.3
• /
• pp.65-74
• /
• 2007

Vehicle inspection is a system to help all vehicles function safely through periodic maintenance. Vehicle inspections have been performed since 1962 in Korea by the government in order to reduce traffic accidents due to vehicle defects. Also, vehicle inspections may help protect citizens against uninsured vehicles and illegal vehicle remodeling by discovering and disclosing those vehicles. The prime objective of vehicle inspection is to guarantee all vehicles drive safely on the road by inspecting and fixing items which can affect traffic accidents. In addition, vehicle inspections may help to improve the public order related to vehicle operations and prevent crime through the confirmation of vehicle identity and authentication of ownership. Although there are many benefits of vehicle inspection. there are some negative opinions of the system. In this study, a methodology to analyze the effectiveness of the vehicle inspection system quantitatively in terms of traffic safety was developed. According to the developed methodology. accidents were reduced by 23.735, which is 11% of the total number of accidents in 2005.