• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.133-146
• /
• 2015

Ever sophisticated e-finance fraud techniques have led to an increasing number of reported phishing incidents. Financial authorities, in response, have recommended that we enhance existing Fraud Detection Systems (FDS) of banks and other financial institutions. FDSs are systems designed to prevent e-finance accidents through real-time access and validity checks on client transactions. The effectiveness of an FDS depends largely on how fast it can analyze and detect abnormalities in large amounts of customer transaction data. In this study we detect fraudulent transaction patterns and establish detection rules through e-finance accident data analyses. Abnormalities are flagged by comparing individual client transaction patterns with client profiles, using the ruleset. We propose an effective flagging method that uses decision trees to normalize detection rules. In demonstration, we extracted customer usage patterns, customer profile informations and detection rules from the e-finance accident data of an actual domestic(Korean) bank. We then compared the results of our decision tree-normalized detection rules with the results of a sequential detection and confirmed the efficiency of our methods.

• Information Systems Review
• /
• v.17 no.1
• /
• pp.141-169
• /
• 2015

Electronic financial accidents are constantly happening and these accidents are taking place by a combination of several causes such as technique, human, and structure. Among electronic financial accidents, personal information disclosure is most frequently happening and becomes big problems, because secondary damage like voice phishing causes great loss to society. This research model is that financial information security compliance affects the crisis response of financial institutions and financial authorities and these crisis responses affect financial information security trust. Research target is people who experienced the disclosure of their own financial information. For empirical verification, survey questionnaires were distributed and total 103 questionnaires were collected and analyzed. As results of data analysis, all hypotheses were accepted. First, financial information security compliance influenced the crisis response of financial institutions and authorities. Second, the crisis response of financial institutions and authorities affect financial information security trust. Third, at the moderating effect analysis, the importance of personal financial information moderated the effect of the crisis response of financial institutions on financial information security trust. And the disclosure level of personal financial information moderated the effect of the crisis response of financial authorities on financial information security trust.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.21-28
• /
• 2015

Currently there are wide variety of web services and applications available for users. Such services restrict access to only authorized users, and therefore its users often need to go through the inconvenience of getting an authentication from each service every time. To resolve of such inconvenience, a third party application with OAuth(Open Authorization) protocol that can provide restricted access to different web services has appeared. OAuth protocol provides applicable and flexible services to its users, but is exposed to reply attack, phishing attack, impersonation attack. Therefore we propose method that after authentication Access Token can be issued by using the E-mail authentication. In proposed method, regular user authentication success rate is high when value is 5 minutes. However, in the case of the attacker, the probability which can be gotten certificated is not more than the user contrast 0.3% within 5 minutes.

• Journal of Digital Convergence
• /
• v.15 no.4
• /
• pp.285-293
• /
• 2017

They are rapidly evolving malicious attacks on smart devices, and to timely protect the smart devices from these attacks has become a very important issue. In particular, smishing attack has emerged as one of the most important threats on the smartphone. In this paper, we propose the cloud service that can fundamentally protect the user from the risk of smishing attack. The proposed scheme provides cloud messaging service that can filter text messages including URLs in the user's smart device, view and manage them through a virtual machine provided by a cloud server. The existing techniques for preventing smshing attacks protect only malicious code of a known pattern and there is the possibility of error such as FP(False Positive) or FN(False Negative). However, since the proposed method automatically filters all text messages including URLs, storing, viewing, and managing them in their own storage space on the cloud server, it can completely block the installation of malwares(malicious codes) on the user's smart device through smishing attacks.

• The Journal of the Convergence on Culture Technology
• /
• v.4 no.1
• /
• pp.193-200
• /
• 2018

This study is an experiential case study of cybercrime fraud that combines pharming and voice phishing in April 2017. Research on victims who have actually suffered in the study of crime or disaster is a very useful field in establishing crime prevention measures. This study is significant in that Korea is relatively poor in this kind of research. I got cyber fraud as a consequence of my loss of reasonable judgment due to mental confusion when a companion dog who was raised for 8 years was in a very dangerous situation with cystitis. Fortunately, I received all the damages in a quick report, but the period was eight months. It took too much time to get back all the damages, so I had to suffer another pain. Based on my experience, I suggest damage prevention measures. First, when a certain condition and a certain amount are transferred, the transaction is automatically stopped or a more strict confirmation procedure is added. Secondly, trafficking means to arrest the perpetrator without any harm to the victim is sought. Third, the victims of crime should be promptly reimbursed for damages or a system for lending their living funds to zero or lower interest rate.

• The Journal of the Korea Contents Association
• /
• v.22 no.7
• /
• pp.63-72
• /
• 2022

With the advent of cryptocurrencies such as Bitcoin in 2009, the paradigm of money, a means of payment, has been changing significantly. And it has a great impact on our daily lives. Thus central banks have attempted various analyzes on the issuance and impact of digital currencies including electronic payments but a study on which issuance method is suitable is insufficient. In this study, the issuance of digital currency was analyzed compared to the electronic payments which are currently used. As a result, the account-based model did not show any significant differences from the current RTGS(real-time gross settlement systems) and retail payment systems. But the token-based model is expected that it can improve the efficiency of finance and induce technological innovation in the financial field. However, it was analyzed that this model would weaken the intermediary function of financial institutions such as loans due to the characteristics of digital signature technology. In addition, in order to protect consumers against security attacks such as hacking and phishing of CBDCs, legal and institutional supports similar to the current electronic payment method are required, and continuous technology development efforts are also required for the CBDC issuance model to maintain convenience and anonymity equivalent to cash.

• Journal of Convergence for Information Technology
• /
• v.11 no.5
• /
• pp.30-37
• /
• 2021

Various devices are connected to the Internet, and attacks using the Internet are occurring. Among such attacks, there are attacks that use malicious URLs to make users access to wrong phishing sites or distribute malicious viruses. Therefore, how to detect such malicious URL attacks is one of the important security issues. Among recent deep learning technologies, neural networks are showing good performance in image recognition, speech recognition, and pattern recognition. This neural network can be applied to research that analyzes and detects patterns of malicious URL characteristics. In this paper, performance analysis according to various parameters was performed on a method of detecting malicious URLs using neural networks. In this paper, malicious URL detection performance was analyzed while changing the activation function, learning rate, and neural network structure. The experimental data was crawled by Alexa top 1 million and Whois to build the data, and the machine learning library used TensorFlow. As a result of the experiment, when the number of layers is 4, the learning rate is 0.005, and the number of nodes in each layer is 100, the accuracy of 97.8% and the f1 score of 92.94% are obtained.

• Convergence Security Journal
• /
• v.23 no.2
• /
• pp.27-36
• /
• 2023

In recent years, ransomware attacks have become more organized and specialized, with the sophistication of attacks targeting specific individuals or organizations using tactics such as social engineering, spear phishing, and even machine learning, some operating as business models. In order to effectively respond to this, various researches and solutions are being developed and operated to detect and prevent attacks before they cause serious damage. In particular, honeypots can be used to minimize the risk of attack on IT systems and networks, as well as act as an early warning and advanced security monitoring tool, but in cases where ransomware does not have priority access to the decoy file, or bypasses it completely. has a disadvantage that effective ransomware response is limited. In this paper, this honeypot is optimized for the user environment to create a reliable real-time dynamic honeypot file, minimizing the possibility of an attacker bypassing the honeypot, and increasing the detection rate by preventing the attacker from recognizing that it is a honeypot file. To this end, four models, including a basic data collection model for dynamic honeypot generation, were designed (basic data collection model / user-defined model / sample statistical model / experience accumulation model), and their validity was verified.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.439-449
• /
• 2024

Recent rapid advancements in voice generation technology have enabled the natural synthesis of voices using text alone. However, this progress has led to an increase in malicious activities, such as voice phishing (voishing), where generated voices are exploited for criminal purposes. Numerous models have been developed to detect the presence of synthesized voices, typically by extracting features from the voice and using these features to determine the likelihood of voice generation.This paper proposes a new model for extracting voice features to address misuse cases arising from generated voices. It utilizes a deep learning-based audio codec model and the pre-trained natural language processing model BERT to extract novel voice features. To assess the suitability of the proposed voice feature extraction model for voice detection, four generated voice detection models were created using the extracted features, and performance evaluations were conducted. For performance comparison, three voice detection models based on Deepfeature proposed in previous studies were evaluated against other models in terms of accuracy and EER. The model proposed in this paper achieved an accuracy of 88.08%and a low EER of 11.79%, outperforming the existing models. These results confirm that the voice feature extraction method introduced in this paper can be an effective tool for distinguishing between generated and real voices.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.61-80
• /
• 2018

Individuals often receive smishing campaigns (mobile phishing messages), which they treat as spam. Thus, firms should understand how their customers distinguish their promotion messages from smishing. However, only a few studies examined this important issue. The present study employs the elaboration likelihood model to develop research hypotheses on the relationship between message cue and message credibility. The message cue in this study is classified as content cue, which is found in the content of promotion messages, and as leakage cue, which is found in peripheral information in the message. Leakage cue includes orthography (inclusion of special characters)and an abbreviated link sent by a faithless sender. We also propose that contextualization has a moderating effect on the relationship between content cue and credibility. We conducted a survey experiment to examine the effect of message cues on message credibility in the context of respondents receiving discount coupons through mobile messages. The result of data analysis based on 166 responses suggests that leakage cue had a negative effect on message credibility. A message with defective content cue has a marginally negative effect on message credibility. In particular, defective content cue in a high-contextual message has a strong negative impact on message credibility. This effect was not observed in low-contextual messages. Moreover, message credibility is significantly low regardless of the degree of contextualization if there is a leakage cue in the message. Our findings suggest that mobile promotion messages should be customized for message receivers and should have no leakage cues.