• The Journal of the Convergence on Culture Technology
• /
• v.6 no.1
• /
• pp.455-461
• /
• 2020

Electronic payment system using Internet banking is a very important application for users of e-commerce environment. With rapidly growing use of fintech applications, the risk and damage caused by malicious hacking or identity theft are getting significant. To prevent the damage, fraud detection system (FDS) calculates the risk of the electronic payment transactions using user profiles including types of goods, device status, user location, and so on. In this paper, we propose a new risk calculation method using relative location of users such as SSID of wireless LAN AP and MAC address. Those relative location information are more difficult to imitate or copy compared with conventional physical location information like nation, GPS coordinates, or IP address. The new method using relative location and cumulative user characteristics will enable stronger risk calculation function to FDS and thus give enhanced security to electronic payment systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1419-1429
• /
• 2017

Recently, environment based authentication technique had proposed reinforced authentication, which generating statistical model per user after user login history classifies into account takeover or legitimate login. But reinforced authentication is likely to be attacked if user was not attacked in past. To improve this problem in this paper, we propose unconsciousness authentication technique that generates 2-Class user model, which trains user's environmental information and others' one using machine learning algorithms. To evaluate performance of proposed technique, we performed evasion attacks: non-knowledge attacker that does not know any information about user, and sophisticated attacker that only knows one information about user. Experimental results against non-knowledge attacker show that precision and recall of Class 0 were measured as 1.0 and 0.998 respectively, and experimental results against sophisticated attacker show that precision and recall of Class 0 were measured as 0.948 and 0.998 respectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.11
• /
• pp.2609-2614
• /
• 2015

National research and development projects institutions have implemented various measures in order to prevent R&D expenses abuse and negate enforcement. but it reveals a limit to prevent abuse of R&D expenses[1,2]. In this paper, to prevent abuses resulting from the R & D for the unusual trading post caught collecting information from the R & D phase implementation plan to detect unusual transactions. The results are subjective and research institutions, and specialized agencies to take advantage of shared, real-time cross-linkage between the credit card companies. Studies of data quality diagnostic techniques developed for this purpose related regulations and manuals, Q & A, FAQ, Outside-in business rules that derive from a variety of information, such as personnel interviews (Outside-In) was used for analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.235-255
• /
• 2019

Recent technological advances and industry changes, the game industry is maximizing fun by supporting cross-play that can be enjoyed by different platform users in PC, Mobile and Console games. If the boundaries are lost through the cross play, unexpected security threats can occur due to new services, even if existing security is maintained above a certain level. The existing online game security researches are mostly fraud detection that can occur in PC and mobile environment, but it is also necessary to study the security of the console game as cross play becomes possible. Therefore, this paper systematically identifies the security threats that can occur when enjoying cross play against console game users using STRIDE and LINDDUN threat modeling, derives security requirements using the international common evaluation standard.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.312-318
• /
• 2021

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.

• Journal of the Korea Convergence Society
• /
• v.12 no.1
• /
• pp.49-55
• /
• 2021

Recently, with the development of database, it is possible to store a lot of data generated in finance, security, and networks. These data are being analyzed through classifiers based on machine learning. The main problem at this time is data imbalance. When we train imbalanced data, it may happen that classification accuracy is degraded due to over-fitting with majority class data. To overcome the problem of data imbalance, oversampling strategy that increases the quantity of data of minority class data is widely used. It requires to tuning process about suitable method and parameters for data distribution. To improve the process, In this study, we propose a strategy to explore and optimize oversampling combinations and ratio based on various methods such as synthetic minority oversampling technique and generative adversarial networks through genetic algorithms. After sampling credit card fraud detection which is a representative case of data imbalance, with the proposed strategy and single oversampling strategies, we compare the performance of trained classifiers with each data. As a result, a strategy that is optimized by exploring for ratio of each method with genetic algorithms was superior to previous strategies.

• Informatization Policy
• /
• v.29 no.4
• /
• pp.43-66
• /
• 2022

With the development of artificial intelligence technology, competition for artificial intelligence technology patents around the world is intensifying. During the period 2000 ~ 2021, artificial intelligence technology patent applications at the US Patent and Trademark Office have been steadily increasing, and the growth rate has been steeper since the 2010s. As a result of analyzing Korea's artificial intelligence technology competitiveness through patent indices, it is evaluated that patent activity, impact, and marketability are superior in areas such as auditory intelligence and visual intelligence. However, compared to other countries, overall Korea's artificial intelligence technology patents are good in terms of activity and marketability, but somewhat inferior in technological impact. While noise canceling and voice recognition have recently decreased as topics for artificial intelligence, growth is expected in areas such as model learning optimization, smart sensors, and autonomous driving. In the case of Korea, efforts are required as there is a slight lack of patent applications in areas such as fraud detection/security and medical vision learning.

• Analytical Science and Technology
• /
• v.20 no.2
• /
• pp.155-163
• /
• 2007

Porosity paper evidence is encountered in case of forgery, kidnapping, fraud and terrorist activity. The present study was designed to evaluate the effect of three chemical reagents (Ninhydrin, 1,8-diazafluoren-9-one (DFO), Iodine fuming) to the quality of developed latent fingerprints on porosity printing papers and newspaper. In case of printing papers, print quality was better with Iodine fuming method than Ninhydrin and DFO treatment to developing latent fingerprints. Developing latent fingerprint on newspapers was achieved with Iodine fuming processing. The processing of Iodine fuming followed by DFO and by using blue light (orange red filter) exhibited better results with Iodine fuming. Enhancement of latent fingerprint detection image using Digital Imaging System was achieved.

• Journal of Service Research and Studies
• /
• v.5 no.2
• /
• pp.111-118
• /
• 2015

Although the development of mobile devices are made us a free life, they were displayed the subject of this financial crime and attacking forces in the other side. Among finance-related crime is become a serious crime that are targeting smartphones by SMS phishing, phishing, pharming, voice phishing etc. In particular, SMS phishing is increased according to phenomenon using the nature of a text message in the mobile. SMS phishing is become new crime due to the burden to the smartphone user. Their crime is also the advanced way from the existing fraud, such as making the malicious apps. Especially it generates loopholes in the law by a method such as using a foreign server. For safe from SMS phishing attacks, proactive pre-diagnosis is even more important rather than post responses. It is necessary to deploy blocking programs for detecting SMS phishing attacks in advance to do this. In this paper we are investigating the process of block types and block apps that are currently deployed and presenting the evaluation of the application of the detection block setting app.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.6
• /
• pp.259-266
• /
• 2023

It is very difficult to measure the performance of the machine learning model in the business service stage. Therefore, managing the performance of the model through the operational department is not done effectively. Academically, various studies have been conducted on the concept drift detection method to determine whether the model status is appropriate. The operational department wants to know quantitatively the performance of the operating model, but concept drift can only detect the state of the model in relation to the data, it cannot estimate the quantitative performance of the model. In this study, we propose a performance prediction model (PPM) that quantitatively estimates precision through the statistics of concept drift. The proposed model induces artificial drift in the sampling data extracted from the training data, measures the precision of the sampling data, creates a dataset of drift and precision, and learns it. Then, the difference between the actual precision and the predicted precision is compared through the test data to correct the error of the performance prediction model. The proposed PPM was applied to two models, a loan underwriting model and a credit card fraud detection model that can be used in real business. It was confirmed that the precision was effectively predicted.