• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.707-724
• /
• 2024

Recently, Golang has been gaining attention in programming language rankings each year due to its cross-compilation capabilities and high code productivity. However, malware developers have also been increasingly using it to distribute malware such as ransomware and backdoors. Interestingly, Golang, being an open-source language, frequently changes the important values and configuration order of a crucial structure called Pclntab, which includes essential values for recovering deleted symbols whenever a new version is released. While frequent structural changes may not be an issue from a developer's perspective aiming for better code readability and productivity, it poses challenges in cybersecurity, as new versions with modified structures can be exploited in malware development. Therefore, this paper proposes GoAsap, a detection and analysis system for Golang executables targeting the new versions, and validates the performance of the proposed system by comparing and evaluating it against six existing binary analysis tools.

• Journal of Platform Technology
• /
• v.11 no.6
• /
• pp.89-105
• /
• 2023

With the development of information technology, most of the information has been converted into digital information, leading to the Big Data era. The demand for search platform has increased to enhance accessibility and usability of information in the databases. Big data search software platforms consist of two main components: (1) an indexing component to generate and store data indices for a fast and efficient data search and (2) a searching component to look up the given data fast. As an amount of data has explosively increased, data indexing performance has become a key performance bottleneck of big data search platforms. Though many companies adopted big data search platforms, relatively little research has been made to improve indexing performance. This research study employs Elasticsearch platform, one of the most famous enterprise big data search platforms, and builds physical clusters of 3 nodes to investigate optimal indexing performance configurations. Our comprehensive experiments and studies demonstrate that the proposed optimal Elasticsearch configuration achieves high indexing performance by an average of 3.13 times.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.9
• /
• pp.429-436
• /
• 2024

As Large Language Models (LLMs) continue to advance, effectively harnessing their potential has become increasingly important. LLMs, trained on vast datasets, are capable of generating text across a wide range of topics, making them useful in applications such as content creation, machine translation, and chatbots. However, they often face challenges in generalization due to gaps in specific or specialized knowledge, and updating these models with the latest information post-training remains a significant hurdle. To address these issues, Retrieval-Augmented Generation (RAG) models have been introduced. These models enhance response generation by retrieving information from continuously updated external databases, thereby reducing the hallucination phenomenon often seen in LLMs while improving efficiency and accuracy. This paper presents the foundational architecture of RAG, reviews recent research trends aimed at enhancing the retrieval capabilities of LLMs through RAG, and discusses evaluation techniques. Additionally, it explores performance optimization and real-world applications of RAG in various industries. Through this analysis, the paper aims to propose future research directions for the continued development of RAG models.

• Korean Security Journal
• /
• no.47
• /
• pp.119-137
• /
• 2016

In a recent period, it becomes more and more important to keep the cutting-edge industrial technology secured. This is because competitive technology appears to be a cornerstone of national power. Although the industrial espionage must be an illegal behavior or a kind of white-collar crime, there has been few researches on industrial espionage from a criminological perspective. This study investigates the relationship between industrial espionage, self-control, and organizational commitment. The hypotheses of this study were found to be statistically significant. The hypothesis 1 that the high self-control reduces the possibility of industrial espionage was accepted, and the hypothesis 2 that the high organizational commitment reduces the possibility of industrial espionage was also accepted. This results showed that self-control and organizational commitment were the key factors to prevent industrial espionage, which eventually reinforces industrial security. This study used a convenient sampling, which might be the limits of this study. By using a convenient sampling, the result of the study could not depend on representative sample. Nonetheless, this study was trying to explore the relationship between industrial espionage, self-control, and organizational commitment which was not researched yet. The purpose of this study is to contribute to find out the criminological causes of industrial espionage and eventually to prevent it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.445-457
• /
• 2013

This paper is about the study to build a quantitative methodology to assess cyber threats and vulnerabilities on control systems. The SCADA system in power industry is one of the most representative and biggest control systems. The SCADA system was originally a local system but it has been extended to wide area as both ICT and power system technologies evolve. Smart Grid is a concept to integrate energy and IT systems, and therefore the existing cyber threats might be infectious to the power system in the integration process. Power system is operated on a real time basis and this could make the power system more vulnerable to the cyber threats. It is a unique characteristic of power systems different from ICT systems. For example, availability is the most critical factor while confidentiality is the one from the CIA triad of IT security. In this context, it is needed to reflect the different characteristics to assess cyber security risks in power systems. Generally, the risk(R) is defined as the multiplication of threat(T), vulnerability(V), and asset(A). This formula is also used for the quantification of the risk, and a conceptual methodology is proposed for the objective in this study.

• Journal of Global Scholars of Marketing Science
• /
• v.17 no.1
• /
• pp.101-122
• /
• 2007

Recently, as internet shopping mall users rapidly, a form of shopping changed from off line to on line. The rapid growth of customers and transaction volume through evolution of new media, internet, brings new problems to internet marketers. It is the most important task that how internet shopping mall operators obtain their customers trust and repeat buying. This empirical research investigates online shoppers for their trust dimensions for online retailers. The study aimed to determine whether e-trust antecedents(perceived reputation, perceived quality, perceived value) influence trust dimension and whether the multidimensional trust contributed differently to perceived risk and willingness to depend on e-retailers. Consequences of the research are as follows: First, it reveals that of reputation, web site quality of the internet shopping mall have influence upon trust dimension. Second, the higher level of trust consumers have, the higher level of willingness to depend and intent to revisit on the retailers they have. But level of perceive risk consumers have not influences on willingness to depend on the retailers. It is necessary for internet shopping mall to development its reputation and familiarity to obtain customer's trust. Accordingly, this research will be helping internet shopping mall insight for marketing strategies, constantly should study about action and mind of consumer.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.7 no.2
• /
• pp.63-76
• /
• 2012

The possibility of successful commercialization of technologically innovative products depends on the degree to which consumers select and utilize the product. Therefore, the research that endeavors to find the usage behavior and the acceptance intention of users of technologically innovative products is a very important quest. This study empirically analyzes the factors that influence commercialization of a technologically innovative product: cloud computing. Existing studies examined acceptance intentions by expanding the TAM model and excluded attitude and usage behavior. This study determined attitude, usage behavior and personal characteristics of consumers to be important influencing factors. The results of the empirical analysis are as follows: First, the self-efficacy of personal characteristics had a significant effect on ease of use and acceptance intention and perceived costs had a significant influence on the factors of perceived usefulness and perceived ease of use. Second, research on the systematic characteristics of cloud computing confirmed that security was an important factor affecting acceptance intention while innovativeness was critical to ease of use. Third, of the usage characteristics among users of technologically innovative products, perceived usefulness had an effect on the acceptance and usage behavior of cloud computing, and perceived ease of use had an important influence on perceived usefulness. Currently, when cloud computing services have not yet become widespread to the public, this study proposed meaningful results for policy direction and commercialization strategies by revealing variables that influence acceptance and usage behavior.

• Information Systems Review
• /
• v.16 no.1
• /
• pp.89-106
• /
• 2014

The war simulation systems in Republic of Korea Army have been getting more and more important because soldiers can effectively and efficiently learn and share their war-related knowledge based on the interactions through the systems. But, up to now, the access to the war simulation systems has been limited to only soldiers. So, little research on them has been conducted. This study explores the effects of the antecedents to the flow experience and the characteristics of the systems on soldiers' intentions to use them. Based on the 118 samples collected from officers in Republic of Korea Army, this study empirically shows the logical reality of the war simulation systems and the flow experience positively influence soldiers' intentions to use the systems and the clarified goals, feedbacks, and the levels of the missions in the systems are significant antecedents to the flow experience. Useful implications are presented and discussed based on the new findings.

• Korean Security Journal
• /
• no.14
• /
• pp.161-179
• /
• 2007

The numerous definition of terrorism is viewed as the use of force or violence by individual or group that is directed toward civilian populations and intended to instill fear as a means of coercing individuals or groups to change their political or social positions. Recently, the paradigm of terror has been developed as new terrorism motivated by 9. 11 terror in 2001. In these contexts, this study analyzed the case study of recent counter-terrorism of international events and suggested the policy implications. This study is split into four chapters. Chapter I is the introduction part. Chapter II introduces the reader to new terrorism theory, and Chapter III deals with the case study of the international counter-terrorism policy around the world, Chapter IV deals with the policy implications of the case study. The greater the political, economical and social advantages opening large international ceremonies, the larger the probability of being targets for terrorists and criminals. As terrorism is one of the important issue, the security problems at international ceremonies in Korea, rising country as political essence in Asian-Pacific region, become very important. With experienced know-hows against terror and preparations for security, local and central governments must promote the private security companies filling up vacancies of police and official security system and develop international ceremonies, rising high valuable industries in 21st century, with diplomatic efforts. International major events is the largest event related events with politics, economy, culture, and such large-scale events should be a comprehensive counterplan in the light of safety check for the location of a hazard and safety check of facilities in and out, attendance on athlete and visitor and escort of VIPs.

• The Journal of the Korea Contents Association
• /
• v.13 no.1
• /
• pp.30-39
• /
• 2013

In recent years, with the development of devices to collect multimedia data such as small CMOS camera sensor and micro phone, studies on wireless multimedia sensor network technologies and their applications that extend the existing wireless sensor network technologies have been actively done. In such applications, various basic schemes such as the processing, storage, and transmission of multimedia data are required. Especially, a security for real world environments is essential. In this paper, in order to defend the sniffing attack in various hacking techniques, we propose a multipath routing scheme for physically avoiding the data transmission path from the risk factors. Our proposed scheme establishes the DEFCON of the sensor nodes that are geographically close to risk factors and the priorities according to the importance of the data. Our proposed scheme performs risk factor detour multipath routing through a safe path considering the DEFCON and data priority. Our experimental results show that although our proposed scheme takes the transmission delay time by about 5% over the existing scheme, it reduces the eavesdropping rate that can attack and intercept data by the risk factor by about 18%.