• Title/Summary/Keyword: 사이버 범죄

Search Result 238, Processing Time 0.022 seconds

Implementation of the Large-scale Data Signature System Using Hash Tree Replication Approach (해시 트리 기반의 대규모 데이터 서명 시스템 구현)

  • Park, Seung Kyu
    • Convergence Security Journal
    • /
    • v.18 no.1
    • /
    • pp.19-31
    • /
    • 2018
  • As the ICT technologies advance, the unprecedently large amount of digital data is created, transferred, stored, and utilized in every industry. With the data scale extension and the applying technologies advancement, the new services emerging from the use of large scale data make our living more convenient and useful. But the cybercrimes such as data forgery and/or change of data generation time are also increasing. For the data security against the cybercrimes, the technology for data integrity and the time verification are necessary. Today, public key based signature technology is the most commonly used. But a lot of costly system resources and the additional infra to manage the certificates and keys for using it make it impractical to use in the large-scale data environment. In this research, a new and far less system resources consuming signature technology for large scale data, based on the Hash Function and Merkle tree, is introduced. An improved method for processing the distributed hash trees is also suggested to mitigate the disruptions by server failures. The prototype system was implemented, and its performance was evaluated. The results show that the technology can be effectively used in a variety of areas like cloud computing, IoT, big data, fin-tech, etc., which produce a large-scale data.

  • PDF

Detecting gold-farmers' group in MMORPG by analyzing connection pattern (연결패턴 정보 분석을 통한 온라인 게임 내 불량사용자 그룹 탐지에 관한 연구)

  • Seo, Dong-Nam;Woo, Ji-Young;Woo, Kyung-Moon;Kim, Chong-Kwon;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.3
    • /
    • pp.585-600
    • /
    • 2012
  • Security issues in online games are increasing as the online game industry grows. Real money trading (RMT) by online game users has become a security issue in several countries including Korea because RMT is related to criminal activities such as money laundering or tax evasion. RMT-related activities are done by professional work forces, namely gold-farmers, and many of them employ the automated program, bot, to gain cyber asset in a quick and efficient way. Online game companies try to prevent the activities of gold-farmers using game bots detection algorithm and block their accounts or IP addresses. However, game bot detection algorithm can detect a part of gold-farmer's network and IP address blocking also can be detoured easily by using the virtual private server or IP spoofing. In this paper, we propose a method to detect gold-farmer groups by analyzing their connection patterns to the online game servers, particularly information on their routing and source locations. We verified that the proposed method can reveal gold-farmers' group effectively by analyzing real data from the famous MMORPG.

Construction of an Audio Steganography Botnet Based on Telegram Messenger (텔레그램 메신저 기반의 오디오 스테가노그래피 봇넷 구축)

  • Jeon, Jin;Cho, Youngho
    • Journal of Internet Computing and Services
    • /
    • v.23 no.5
    • /
    • pp.127-134
    • /
    • 2022
  • Steganography is a hidden technique in which secret messages are hidden in various multimedia files, and it is widely exploited for cyber crime and attacks because it is very difficult for third parties other than senders and receivers to identify the presence of hidden information in communication messages. Botnet typically consists of botmasters, bots, and C&C (Command & Control) servers, and is a botmasters-controlled network with various structures such as centralized, distributed (P2P), and hybrid. Recently, in order to enhance the concealment of botnets, research on Stego Botnet, which uses SNS platforms instead of C&C servers and performs C&C communication by applying steganography techniques, has been actively conducted, but image or video media-oriented stego botnet techniques have been studied. On the other hand, audio files such as various sound sources and recording files are also actively shared on SNS, so research on stego botnet based on audio steganography is needed. Therefore, in this study, we present the results of comparative analysis on hidden capacity by file type and tool through experiments, using a stego botnet that performs C&C hidden communication using audio files as a cover medium in Telegram Messenger.

A Study on the Fraud Detection for Electronic Prepayment using Machine Learning (머신러닝을 이용한 선불전자지급수단의 이상금융거래 탐지 연구)

  • Choi, Byung-Ho;Cho, Nam-Wook
    • The Journal of Society for e-Business Studies
    • /
    • v.27 no.2
    • /
    • pp.65-77
    • /
    • 2022
  • Due to the recent development in electronic financial services, transactions of electronic prepayment are rapidly growing, leading to growing fraud attempts. This paper proposes a methodology that can effectively detect fraud transactions in electronic prepayment by machine learning algorithms, including support vector machines, decision trees, and artificial neural networks. Actual transaction data of electronic prepayment services were collected and preprocessed to extract the most relevant variables from raw data. Two different approaches were explored in the paper. One is a transaction-based approach, and the other is a user ID-based approach. For the transaction-based approach, the first model is primarily based on raw data features, while the second model uses extra features in addition to the first model. The user ID-based approach also used feature engineering to extract and transform the most relevant features. Overall, the user ID-based approach showed a better performance than the transaction-based approach, where the artificial neural networks showed the best performance. The proposed method could be used to reduce the damage caused by financial accidents by detecting and blocking fraud attempts.

A Study on Evaluation Parameters of Safety City Models (안전도시 모델의 평가지표에 관한 연구)

  • Joon-Hak Lee;Okkyung Yuh
    • Journal of Korean Society of Disaster and Security
    • /
    • v.16 no.2
    • /
    • pp.1-13
    • /
    • 2023
  • As interest in urban safety has increased since COVID-19, various institutions have developed and used indicators that evaluate the safety city model. Yongsan-gu was ranked No. 1 in 2021 by Social Safety Index evaluation and was selected as the safest city in Korea. However, the Itaewon disaster in Yongsan-gu in 2022 caused many casualties. The study of indicators for evaluating cities' safety was necessary. This study aims to examine domestic and foreign safe city models and review the differences between each model and the indicators used to evaluate safe cities. As a result of collecting 11 safe city models and analyzing each evaluation index, safe city models can be classified into program-based safe city models, such as the World Health Organization's International safe community and the UN Office for Disaster Risk Reduction's International Safe city. Considering the diversification of threats to safety, it is reasonable to comprehensively consider digital security, health safety, infrastructure safety, personal safety, environmental safety, traffic safety, fire safety, crime safety, life safety, suicide, and infectious diseases when evaluating safe cities as evaluation parameters.

A Tracking Method of Same Drug Sales Accounts through Similarity Analysis of Instagram Profiles and Posts

  • Eun-Young Park;Jiyeon Kim;Chang-Hoon Kim
    • Journal of the Korea Society of Computer and Information
    • /
    • v.29 no.2
    • /
    • pp.109-118
    • /
    • 2024
  • With the increasing number of social media users worldwide, cases of social media being abused to perpetrate various crimes are increasing. Specifically, drug distribution through social media is emerging as a serious social problem. Using social media channels, the curiosity of teenagers regarding drugs is stimulated through clever marketing. Further, social media easily facilitates drug purchases due to the high accessibility of drug sellers and consumers. Among various social media platforms, we focused on Instagram, which is the most used social media platform by young adults aged 19 to 24 years in South Korea. We collected four types of information, including profile photos, introductions, posts in the form of images, and posts in the form of texts on Instagram; then, we analyzed the similarity among each type of collected information. The profile photos and posts in the form of image were analyzed for similarity based on the SSIM(Structural Simplicity Index Measure), while introductions and posts in the form of text were analyzed for similarity using Jaccard and Cosine similarity techniques. Through the similarity analysis, the similarity among various accounts for each collected information type was measured, and accounts with similarity above the significance level were determined as the same drug sales account. By performing logistic regression analysis on the aforementioned information types, we confirmed that except posts in image form, profile photos, introductions, and posts in the text form were valid information for tracking the same drug sales account.

Multi-dimensional Security Threats and Holistic Security - Understanding of fusion-phenomenon of national security and criminal justice in post-modern society - (다차원 안보위협과 융합 안보)

  • Yun, Min-Woo;Kim, Eun-Young
    • Korean Security Journal
    • /
    • no.31
    • /
    • pp.157-185
    • /
    • 2012
  • Today, the emergence of cyberspace and advancement of globalization caused not only the transformation of our productive and conventional life but also the revolutionary transition of use of destructive violence such as crime and warfare. This transition of environmental condition connects various security threats which separatedly existed in individual, local, national, and global levels in the past, and transformed the mechanical sum of all levels of security threats into the organic sum of multi-dimensional security threats. This article proposes that the sum of multi-dimensional security threats is caused by the interconnectivity of various different levels of security threats and the integrated interdisciplinary perspective is essential to properly understand the fundamental existence of today's security problem and the reality of fear that we face today. The holistic security, the concept proposed here, is to suggest the mode of networked response to multi-dimensional security threats. The holistic security is suggested to overcome the conventional divisional approach based on the principle of "division of labor" and bureaucratic principles, which means more concretely that national security and criminal justice are divided and intelligence, military, police, prosecution, fire-fighting, private security, and etc. are strictly separated into its own expertise and turf. Also, this article introduces integrated security approaches tried by international organization and major countries overseas with the respect of the holistic security. The author have spent some substantial experience of participant observation, meetings, seminar, conference, and expert interviews regarding the issues discussed in the article in various countries including the United States, Russia, Austria, Germany, Canada, Mexico, Israel, and Uzbekistan for the last ten years. Intelligence and information on various levels of security threats and security approaches introduced in this paper is obtained from such opportunities.

  • PDF

Privacy protection of seizure and search system (압수수색과 개인정보 보호의 문제)

  • Kim, Woon-Gon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.20 no.5
    • /
    • pp.123-131
    • /
    • 2015
  • Bright development of information communication is caused by usabilities and another case to our society. That is, the surveillance which is unlimited to electronic equipment is becoming a transfiguration to a possible society, and there is case that was able to lay in another disasters if manage early error. Be what is living on at traps of surveillance through the Smart phones which a door of domicile is built, and the plane western part chaps, and we who live on in these societies are installed to several places, and closed-circuit cameras (CCTV-Closed Circuit Television) and individual use. On one hand, while the asset value which was special of enterprise for marketing to enterprise became while a collection was easily stored development of information communication and individual information, the early body which would collect illegally was increased, and affair actually very occurred related to this. An investigation agency is endeavored to be considered the digital trace that inquiry is happened by commission act to the how small extent which can take aim at a duty successful of the inquiry whether you can detect in this information society in order to look this up. Therefore, procedures to be essential now became while investigating affair that confiscation search regarding employment trace of a computer or the telephone which delinquent used was procedural, and decisive element became that dividing did success or failure of inquiry whether you can collect the act and deed which was these electronic enemy. By the way, at this time a lot of, in the investigation agencies the case which is performed comprehensively blooms attachment while rummaging, and attachment is trend apprehension to infringe discretion own arbitrary information rising. Therefore, a lot of nation is letting you come into being until language called exile 'cyber' while anxiety is exposed about comprehensive confiscation search of the former information which an investigation agency does. Will review whether or not there is to have to set up confiscation search ambit of electronic information at this respect how.