• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.541-547
• /
• 2019

As leakage cases of personal information increase, the concern of personal information protection is also increasing. As a result, most applications encrypt and store sensitive information such as personal information. Especially, in case of instant messengers, it is more difficult to find database where is not encrypted and stored. However, this kind of database encryption acts as anti-forensic from the point of view of digital forensic investigation. In this paper, we analyze database encryption process of MalangMalang Talkcafe application which is one of instant messenger. Based on our analysis, we propose a decryption method and explain the meaningful information collected in the database.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.3
• /
• pp.195-200
• /
• 2012

Smart Phone devices offer convenience for users, but present a new set of security issues due to loss or malicious code. In this paper, a mobile cloud system environment is used with existing smart phones in an attempt to solve the problems in a banking environment. In order to prevent financial damages due to loss or personal information leakage by malicious code, a mobile cloud computing service that provides control and protection of personal information in environment that ensures individual authentication is used. Existing ID / Password with certificate, with the way smart phone dual password authentication scheme using the gyro sensors proposed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.206-208
• /
• 2022

As the big data industry has recently developed significantly, interest in privacy violations caused by personal information leakage has increased. There have been attempts to automate this through named entity recognition in natural language processing. In this paper, named entity recognition data is constructed semi-automatically by identifying sentences with de-identification information from de-identification information in Korean Wikipedia. This can reduce the cost of learning about information that is not subject to de-identification compared to using general named entity recognition data. In addition, it has the advantage of minimizing additional systems based on rules and statistics to classify de-identification information in the output. The named entity recognition data proposed in this paper is classified into twelve categories. There are included de-identification information, such as medical records and family relationships. In the experiment using the generated dataset, KoELECTRA showed performance of 0.87796 and RoBERTa of 0.88.

• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.27-36
• /
• 2015

Current leakage of industrial technologies with revealing state secret against nation is gradually increasing and scope of the spill is diversified from technology-oriented leakage to new economic security sector like information and communication, electrical and electronic, defense industry, illegal export of strategic material, economic order disturbance by foreign country, infringement of intellectual property, etc. So the spill damage can affect not only leaked company but also national interests and entire domestic industry. According to statistics from National Industrial Security Center of National Intelligence Service, a major cause of technology leakage is not only by external things about hacking and malignant code, but internal leakage of former and current employees account for about 80%. And technology leakage due to temptation of money and personal interests followed by technology leakage of subcontractor is steadily increased. Most studies in the field of security have tended to focus on measuring security capability of company in order to prevent leakage core assets or developing measurement Indicators for management rather than security activities of the company members that is most important. Therefore, this study analyzes the effect of most underlying security education in security activities on security capabilities of enterprise. As a result, it indicates that security education have a positive(+) correlation with security capabilities.

• Proceedings of the KIEE Conference
• /
• 2006.07c
• /
• pp.1465-1466
• /
• 2006

The monitoring and diagnosing technique for lightning arresters is important to assure the reliability of power supply in GIS-substation. In this paper, we described the implementation of an expert system for GIS arrester facilities. The proposed system consists of a data acquisition module (DAM), a wireless communication module, and a personal computer. The DAM detects system voltages, total leakage currents and its harmonic components, and includes an algorithm to calculate the resistive leakage current by the principle that the magnitudes of resistive leakage current are equal at the same level of the system voltage applied to the arrestor. Also, we designed a surge event detection circuit which can acquire the date, the polarity, and the amplitude of surge events. All the acquired data are transmitted after correction by many algorithms to the remote station through the ZigBee protocol. The expert system is based on the Jave Expert System Shell (JESS) and make more reliable decision by using an exclusive inference process.

• Journal of Distribution Science
• /
• v.16 no.5
• /
• pp.61-70
• /
• 2018

Purpose - These days, an individual user, private entity, hears everyday news of hacking and personal information leakage in the era of a most-connected society. This study investigates cyber attack, cyber insurance and distribution channels for insurance goods in South Korea by analyzing various cases of cyber attacks in domestic and overseas case. Research design, data and methodology - This study adopted various study cases instead of the one large case for deep quality analysis, and focused on various cases of domestic and overseas cyber attacks with insurance. Result - As a result of analyzing the cases that were hacked, types of massive losses and damages arising out of internet blackout due to cyber risks are paralyzation of public and private website and portal, electronic administrative system, public infrastructure, and consequently a normal operation of nation is impossible. These losses and damages however can be coverable under cyber insurance. Conclusions - This paper suggests insurance carriers, as suppliers, should provide multiple channels to sell to the customer and should expand the strategy of advertisement and promotion in order for them to change their mind and compare the price and value of the information of individual users and private entity in view of cost savings.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.823-834
• /
• 2020

In the past, when the personal information leakage incident of the three card companies, the computer program development was followed by the same strict electronic financial supervision regulations as the operating environment. However, when developing a computerized program, the application data is being verified with the integrity of the test data being compromised because the identification of the scope of conversion of the test data associated with the application is unclear. Therefore, in this paper, we proved by presenting a process and algorithm for selecting a range of sufficient test data conversion targets associated with a specific application.

• Journal of Information Processing Systems
• /
• v.19 no.6
• /
• pp.767-777
• /
• 2023

In modern society, user privacy is emerging as an important issue as closed-circuit television (CCTV) systems increase rapidly in various public and private spaces. If CCTV cameras monitor sensitive areas or personal spaces, they can infringe on personal privacy. Someone's behavior patterns, sensitive information, residence, etc. can be exposed, and if the image data collected from CCTV is not properly protected, there can be a risk of data leakage by hackers or illegal accessors. This paper presents an innovative approach to "machine learning based reversible chaotic masking method for user privacy protection in CCTV environment." The proposed method was developed to protect an individual's identity within CCTV images while maintaining the usefulness of the data for surveillance and analysis purposes. This method utilizes a two-step process for user privacy. First, machine learning models are trained to accurately detect and locate human subjects within the CCTV frame. This model is designed to identify individuals accurately and robustly by leveraging state-of-the-art object detection techniques. When an individual is detected, reversible chaos masking technology is applied. This masking technique uses chaos maps to create complex patterns to hide individual facial features and identifiable characteristics. Above all, the generated mask can be reversibly applied and removed, allowing authorized users to access the original unmasking image.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.295-301
• /
• 2018

Smartphone can save many data because it provide various function such as call, message, calendar, document, camera, and so on. They include a number of important things like personal information. Thus it is necessary to backup the data to deal with smartphone change and a threat like ransomware. In this paper, we analyze the backup method using PC among several backup methods and check the possibility of leakage of personal information such as contacts from backup file. It is expected to be used to check the problems of the PC backup method or to strengthen the more secure backup technology.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.8
• /
• pp.35-43
• /
• 2015

Recently, internal information leaks is increasing rapidly by internal employees and authorized outsourcing personnel. In this paper, we propose a method to integrate internal control systems like system access control system and Digital Rights Managements and so on through expansion model of SIEM(Security Information Event Management system). this model performs a analysis step of security event link type and validation process. It develops unit scenarios to react illegal acts for personal information processing system and acts to bypass the internal security system through 5W1H view. It has a feature that derives systematic integration scenarios by integrating unit scenarios. we integrated internal control systems like access control system and Digital Rights Managements and so on through expansion model of Security Information Event Management system to defend leakage of internal information and customer information. We compared existing defense system with the case of the expansion model construction. It shows that expanding SIEM was more effectively.