• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.91-104
• /
• 2003

A masquerader is someone who pretends to be another user while invading the target user's accounts, directories, or files. The masquerade attack is the most serious computer misuse. Because, in most cases, after securing the other's password, the masquerader enters the computer system. The system such as IDS could not detect or response to the masquerader. The masquerade detection is the effort to find the masquerader automatically. This system will detect the activities of a masquerader by determining that user's activities violate a profile developed for that user with his audit data. From 1988, there are many efforts on this topic, but the success of the offers was limited and the performance was unsatisfactory. In this report we propose efficient masquerade detection system using SVM which create the user profile.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.3-11
• /
• 2009

Forward secrecy in an e-mail system means that the compromising of the long-term secret keys of the mail users and mail servers does not affect the confidentiality of the previous e-mail messages. Previous forward-secure e-mail protocols used the certified public keys of the users and thus needed PKI(Public Key Infrastructure). In this paper, we propose a password-based authenticated e-mail protocol providing forward secrecy. The proposed protocol does not require certified public keys and is sufficiently efficient to be executed on resource-restricted mobile devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.283-293
• /
• 2012

A new type of malware that extracts personal and account data over an extended period of time and that apparently is resistant to detection by vaccines has been identified. Generally, a malware is installed on a computer through network-to-network connections by utilizing Web vulnerabilities that contain injection, XSS, broken authentication and session management, or insecure direct-object references, among others. After the malware executes registration of an arbitrary service and an arbitrary process on a computer, it then periodically communicates the collected confidential information to a hacker. This paper is a systematic approach to analyzing a new type of malware called "winweng," a kind of worm that frequently made appearances during the first half of 2011. The research describes how the malware came to be in circulation, how it infects computers, how its operations expose its existence and suggests improvements in responses and countermeasures. Keywords: Malware, Worm, Winweng, SNORT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.105-112
• /
• 2009

Nowadays, completely automated public turing tests to tell computers and humans apart(CAPTCHAs) are widely used to prevent various attacks by automated software agents such as creating accounts, advertising, sending spam mails, and so on. In early CAPTCHAs, the characters were simply distorted, so that users could easily recognize the characters. From that reason, using various techniques such as image processing, artificial intelligence, etc., one could easily break many CAPTCHAs, either. As an alternative, By adding noise to CAPTCHAs and distorting the characters in CAPTCHAs, it made the attacks to CAPTCHA more difficult. Naturally, it also made users more difficult to read the characters in CAPTCHAs. To improve the readability of CAPTCHAs, some CAPTCHAs used different colors for the characters. However, the usage of the different colors gives advantages to the adversary who wants to break CAPTCHAs. In this paper, we suggest a method of increasing the recognition ratio of CAPTCHAs based on colors.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.55-61
• /
• 2022

Today's payment systems are becoming unmanned and changing to a way of paying with kiosks. This has the advantage of convenient payment because consumers can select a menu and specify the number of products to be purchased with just a touch of the screen. However, from the point of view of system security, the actual kiosk system has various vulnerabilities. This can hijack the administrator account, gain system privileges, and perform malicious actions. In addition, it is exposed to a number of security threats, such as the possibility of wasting unnecessary resources by abnormally increasing the number of payments, and causing the device to fail to operate normally. Therefore, in this paper, if any node of a participant in the solana blockchain approves an incorrect fork, the stake of the voting nodes is deleted. Also, since all participants can see the transaction history due to the nature of the block chain, I intend to write a thesis on a system that improves the vulnerability of kiosk payments by separating the access rights through the private blockchain.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.8
• /
• pp.39-48
• /
• 2023

This study was conducted to provide a solution to the problem of sizing errors occurring in online purchases due to discrepancies and non-standardization in clothing sizes. This paper discusses an implementation approach for a machine learning-based recommender system capable of providing personalized sizes to online consumers. We trained multiple validated collaborative filtering algorithms including Non-Negative Matrix Factorization (NMF), Singular Value Decomposition (SVD), k-Nearest Neighbors (KNN), and Co-Clustering using purchasing data derived from online commerce and compared their performance. As a result of the study, we were able to confirm that the NMF algorithm showed superior performance compared to other algorithms. Despite the characteristic of purchase data that includes multiple buyers using the same account, the proposed model demonstrated sufficient accuracy. The findings of this study are expected to contribute to reducing the return rate due to sizing errors and improving the customer experience on e-commerce platforms.

• Journal of Korean society of Dental Hygiene
• /
• v.23 no.4
• /
• pp.269-276
• /
• 2023

Objectives: This study aimed to analyze the official Instagram accounts of dental hygiene departments, focusing on the relationship between the number of posts and the number of followers. Additionally, the study sought to determine the status of these Instagram accounts through classifying posts by type. Methods: A total of 49 official Instagram accounts from Korean dental hygiene departments were selected as subjects. Correlation and regression analyses were conducted using SPSS ver. 26.0 Statistics software to determine the correlation between the total number of posts and the number of followers. Results: The results indicated a statistically significant difference in follower numbers between 3 year colleges (Mean: 284.11) and 4 year universities (Mean: 167.86), based on university classification (p=0.035). Correlation analysis demonstrated that the number of posts had a significant effect on the number of followers (r=0.338, p=0.017). Conclusions: The findings showed that the differences in Instagram follower numbers and the number of posts among different university classifications significantly influenced the number of followers.

• Economic Analysis
• /
• v.26 no.4
• /
• pp.65-97
• /
• 2020

The purpose of this paper is to analyze the effects of exports on Korea's employment and to decompose driving factors of change in Korea's employment embodied in exports (EEX). This study uses a multi-regional input-output (MRIO) and structural decomposition analysis (SDA) for empirical analysis, and uses a dataset of World Input-Output Tables (WIOTs) and Socio-Economic Accounts (SEAs) from the World Input-Output Database (WIOD). The main findings of the empirical results are summarized as follows. First, Korea's EEX continues to increase and Korea's share of EEX compared to total employment shows an upward trend. However, Korea's employment inducement coefficient of value-added exports showed a downward trend during the 2000-2014 period. Second, final demand from three countries (China, the United States, and the Rest of the World (RoW)) has affected a significant portion of Korea's EEX. Finally, from the results of the SDA, the effect of changes in final demand was the most important driving factor for the increase in Korea's EEX. Based on the results of this empirical analysis, this study discusses useful policy implications that could increase domestic employment in Korea.

• Journal of the Korean Society for information Management
• /
• v.40 no.1
• /
• pp.149-173
• /
• 2023

This study examines email records management patterns of undergraduate students and their perceptions of university email policy. The research collected data from 317 undergraduate students using a survey based on the five essential elements of email records management: common elements, email creation, email management, email preservation, and perception. Also, an in-depth interview was conducted with 6 undergraduate students, according to the method of university email service: Google, Microsoft, and in-house webmail. As a result, undergraduate students used email as an address book, cloud storage, file storage, and collaboration tool, and they had difficulties in systematically managing the email records according to the records lifecycle. Also, there was a tendency to prefer using an external email platform that can use additional functions to in-house webmail that has limitations in mobile service and preservation of attachments. Thus, this study suggests ways to help undergraduate students manage their email records, including maintaining graduates' email accounts, providing sufficient email storage, and providing email records management training and guidelines for undergraduate students.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2021.06a
• /
• pp.480-480
• /
• 2021

본 연구에서는 도시재생지역의 재난재해 위험성 및 회복성 분석과 현황 분석을 위한 기초 데이터의 관리와 활용성 증대를 목적으로 데이터를 등록하고 다운로드 할 수 있는 공유 플랫폼을 개발하고자 하였다. 도시재생 데이터 플랫폼은 재난재해, 지역현황, 문서 항목으로 구분하여 도시재생 정보를 서비스한다. 재난재해 항목은 폭우, 폭설, 폭염, 강풍, 지진 5개 자연재해 유형과 이로 인해 추가 피해가 발생할 수 있는 화재, 붕괴, 폭발 사회재난 3개 유형으로 구성되어있으며, 총8 종류의 재난재해 유형에 대한 위험성과 회복성 분석 DB를 제공한다. 지역현황 정보에서는 유휴공간 및 지역자산정보 등 도시재생 현황분석에 필요한 행정(통계)데이터, 시설물정보 등을 제공한다. 아울러 본 연구를 통해 산출되는 논문 및 보고서 등을 문서 항목에서 서비스한다. 데이터셋 등록 시, 시스템에 설정된 재난재해 유형, 시설물 등을 선택해 카테고리를 분류하고, 이력관리를 목적으로 데이터명과 생산년월 등에 대한 필수항목을 입력해야만 등록이 가능하도록 설정하였다. 또한 GIS 기반 공간자료 등록 시에는 가시화 서비스를 위하여 공간자료의 포맷과 좌표체계, 생산년월, 생산기관 등을 필수 입력하도록 하였으며, GIS tool을 활용한 자료 분석에 어려움이 없도록 하였다. 쇠퇴지역의 재난재해 대비/대응을 위한 도시재생 데이터 플랫폼은 금년 시범운영 후, 차년에는 클라우드 서비스 기능을 탑재해 계정 권한과 장소에 제약을 받지 않고 도시재생 업무를 수행하는 모든 사용자가 재난재해 정보를 비롯한 도시재생 관련 정보를 수집·활용할 수 있는 데이터 공유의 장을 구현함으로써 도시재생지역의 효과적인 재난재해 대비/대응 체계를 마련하고자 하였다.