• Journal of Intelligence and Information Systems
• /
• v.18 no.1
• /
• pp.125-141
• /
• 2012

These days, the malicious attacks and hacks on the networked systems are dramatically increasing, and the patterns of them are changing rapidly. Consequently, it becomes more important to appropriately handle these malicious attacks and hacks, and there exist sufficient interests and demand in effective network security systems just like intrusion detection systems. Intrusion detection systems are the network security systems for detecting, identifying and responding to unauthorized or abnormal activities appropriately. Conventional intrusion detection systems have generally been designed using the experts' implicit knowledge on the network intrusions or the hackers' abnormal behaviors. However, they cannot handle new or unknown patterns of the network attacks, although they perform very well under the normal situation. As a result, recent studies on intrusion detection systems use artificial intelligence techniques, which can proactively respond to the unknown threats. For a long time, researchers have adopted and tested various kinds of artificial intelligence techniques such as artificial neural networks, decision trees, and support vector machines to detect intrusions on the network. However, most of them have just applied these techniques singularly, even though combining the techniques may lead to better detection. With this reason, we propose a new integrated model for intrusion detection. Our model is designed to combine prediction results of four different binary classification models-logistic regression (LOGIT), decision trees (DT), artificial neural networks (ANN), and support vector machines (SVM), which may be complementary to each other. As a tool for finding optimal combining weights, genetic algorithms (GA) are used. Our proposed model is designed to be built in two steps. At the first step, the optimal integration model whose prediction error (i.e. erroneous classification rate) is the least is generated. After that, in the second step, it explores the optimal classification threshold for determining intrusions, which minimizes the total misclassification cost. To calculate the total misclassification cost of intrusion detection system, we need to understand its asymmetric error cost scheme. Generally, there are two common forms of errors in intrusion detection. The first error type is the False-Positive Error (FPE). In the case of FPE, the wrong judgment on it may result in the unnecessary fixation. The second error type is the False-Negative Error (FNE) that mainly misjudges the malware of the program as normal. Compared to FPE, FNE is more fatal. Thus, total misclassification cost is more affected by FNE rather than FPE. To validate the practical applicability of our model, we applied it to the real-world dataset for network intrusion detection. The experimental dataset was collected from the IDS sensor of an official institution in Korea from January to June 2010. We collected 15,000 log data in total, and selected 10,000 samples from them by using random sampling method. Also, we compared the results from our model with the results from single techniques to confirm the superiority of the proposed model. LOGIT and DT was experimented using PASW Statistics v18.0, and ANN was experimented using Neuroshell R4.0. For SVM, LIBSVM v2.90-a freeware for training SVM classifier-was used. Empirical results showed that our proposed model based on GA outperformed all the other comparative models in detecting network intrusions from the accuracy perspective. They also showed that the proposed model outperformed all the other comparative models in the total misclassification cost perspective. Consequently, it is expected that our study may contribute to build cost-effective intelligent intrusion detection systems.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.1
• /
• pp.88-95
• /
• 2002

In recent years, the security of hardware and software systems is one of the most essential factor of our safe network community. As elliptic Curve Cryptosystems proposed by N. Koblitz and V. Miller independently in 1985, require fewer bits for the same security as the existing cryptosystems, for example RSA, there is a net reduction in cost size, and time. In this thesis, we propose an efficient hardware architecture of underlying field arithmetic processor for Elliptic Curve Cryptosystems, and a very useful method for implementing the architecture, especially multiplicative inverse operator over GF$GF (2^m)$ onto FPGA and futhermore VLSI, where the method is based on optimized unit operation components. We optimize the arithmetic processor for speed so that it has a resonable number of gates to implement. The proposed architecture could be applied to any finite field $F_{2m}$. According to the simulation result, though the number of gates are increased by a factor of 8.8, the multiplication speed We optimize the arithmetic processor for speed so that it has a resonable number of gates to implement. The proposed architecture could be applied to any finite field $F_{2m}$. According to the simulation result, though the number of gates are increased by a factor of 8.8, the multiplication speed and inversion speed has been improved 150 times, 480 times respectively compared with the thesis presented by Sarwono Sutikno et al. [7]. The designed underlying arithmetic processor can be also applied for implementing other crypto-processor and various finite field applications.

• The Korean Journal of Archival Studies
• /
• no.25
• /
• pp.3-46
• /
• 2010

Digital records management is one whole system in which many social and technical elements are interacting. To maintain the trustworthiness, the repository needs periodical audit and certification. Thus, individual electronic records management agency needs toolkit that can be used to self-evaluate their trustworthiness continuously, and self-assess their atmosphere and system to recognize deficiencies. The purpose of this study is development of self-certification toolkit for repositories, which synthesized and analysed such four international standard and best practices as OAIS Reference Model(ISO 14721), TRAC, DRAMBORA, and the assessment report conducted and published by TNA/UKDA, as well as MoRe2 and current national laws and standards. As this paper describes and demonstrate the development process and the framework of this self-certification toolkit, other electronic records management agencies could follow the process and develop their own toolkit reflecting their situation, and utilize the self-assessment results in-house. As a result of this research, 12 areas for assessment were set, which include (organizational) operation management, classification system and master data management, acquisition, registration and description, storage and preservation, disposal, services, providing finding aids, system management, access control and security, monitoring/audit trail/statistics, and risk management. In each 12 area, the process map or functional charts were drawn and business functions were analyzed, and 54 'evaluation criteria', consisted of main business functional unit in each area were drawn. Under each 'evaluation criteria', 208 'specific evaluation criteria', which supposed to be implementable, measurable, and provable for self-evaluation in each area, were drawn. The audit and certification toolkit developed by this research could be used by digital repositories to conduct periodical self-assessment of the organization, which would be used to supplement any found deficiencies and be used to reflect the organizational development strategy.

• The Korean Journal of Air & Space Law and Policy
• /
• v.33 no.2
• /
• pp.291-314
• /
• 2018

In recent 3 years, Korea's low-cost airlines have expanded their areas of passenger transportation not only to domestic market but also to Japan, China, Southeast Asia and US territory as a total of 6 companies (8 airlines including small air operation business carriers). Currently, three more airlines have filed for air transportation business certification as future low-cost carriers, and this expansion is expected to continue. To cope with the aggressive airline operations of domestic and foreign low-cost carriers and to enhance their competitiveness, each low-cost airline is taking a number of strategies for promoting cabin service. Therefore, the workload of the cabin crew is increased in proportion to the expansion, and the fatigue directly connected with the safety task performance is increased. It is stipulated in the Enforcement Regulations of the Korea Aviation Safety Act that at minimum, one cabin crew is required per 50 passenger seating capacity, and all low cost carriers are boarding only the minimum cabin crew. Sometimes it is impossible for them to sit in a floor level emergency exit for evacuation, which is the main task of the cabin crew, and this can cause confusion among evacuating passengers in the event of an emergency. In addition, if one of the minimum cabin crew becomes incapacitated due to an injury or the like, it will become a serious impediment in performing emergency evacuation duties. Even in the normal situation, since it will be violating the Act prescription on the minimum cabin crew complement, passengers will have to move to another available airline flights, encountering extreme inconvenience. Annex 6 to the Convention on International Civil Aviation specifies international standards for the determination of the minimum number of cabin crew shall be based only on the number of passenger seats or passengers on board for safe and expeditious emergency evacuation. Thereby in order to enhance the safety of the passengers and the crew on board, it is necessary to consider the cabin crew's fatigue that may occur in the various job characteristics (service, safety, security, first aid)and floor level emergency exit seating in calculating the minimum number of cabin crew. And it is also deemed necessary for the government's regulatory body to enhance the cabin safety for passengers and crew when determining the number of minimum cabin crew by reflecting the cabin crew's workload leading to their fatigue and unavailability to be seated in a floor level emergency exit on low cost carriers.

• Journal of Korean Society of Disaster and Security
• /
• v.14 no.4
• /
• pp.69-80
• /
• 2021

This study tried to suggest improvement measures by discovering problems or matters requiring improvement among the annual regional safety evaluation systems. Briefly introducing the structure and contents of the study, which is the introduction, describes the regional safety evaluation method newly applied by the Ministry of Public Administration and Security in 2020. Utilization plans were also introduced according to the local safety level that was finally evaluated by the local government. In this paper, various views of previous researchers related to regional safety are summarized and described. In addition, problems were drawn in the composition of the index of local safety, the method of calculating the index, and the application of the current index. Next, the problems of specific regional safety evaluation indicators were analyzed and solutions were presented. First, "Number of semi-basement households" is replaced with "Number of households receiving basic livelihood" of 「Social Vulnerability Index」 in the field of disaster risk factors is replaced with "the number of households receiving basic livelihood". In addition, the "Vinyl House Area" is evaluated by replacing "the number of households living in a Vinyl House, the number of container households, and the number of households in Jjok-bang villages" with data. Second, in the management and evaluation of habitual drought disaster areas, local governments with a water supply rate of 95% or higher in Counties, Cities, and Districts are treated as "missing". This is because drought disasters rarely occur in the metropolitan area and local governments that have undergone urbanization. Third, the activities of safety sheriffs, safety monitor volunteers, and disaster safety silver monitoring groups along with the local autonomous prevention foundation are added to the evaluation of the evaluation index of 「Regional Autonomous Prevention Foundation Activation」 in the field of response to disaster prevention measures. However, since the name of the local autonomous disaster prevention organization may be different for each local government, if it is an autonomous disaster prevention organization organized and active for disaster prevention, it would be appropriate to evaluate the results by summing up all of its activities. Fourth, among the Scorecard evaluation items, which is a safe city evaluation tool used by the United Nations Office for Disaster Risk Reduction(UNDRR), the item "preservation of natural buffers to strengthen the protection functions provided by natural ecosystems" is borrowed, which is closely related to natural disasters. The Scorecard evaluation is an assessment index that focuses on improving the disaster resilience of local governments while carrying out the campaign "Creating cities resilient to climate crises and disasters" emphasized by UNDRR. Finally, the names of "regional safety level" and "local safety index" are similar, so the term of local safety level is changed to "natural disaster safety level" or "natural calamity safety level". This is because only the general public can distinguish the local safety level from the local safety index.

• Journal of Service Research and Studies
• /
• v.13 no.1
• /
• pp.108-126
• /
• 2023

This study explored the sustainability of a blockchain-based cultural art performance video platform through the construction of Gyeonggi Art On, a new media art broadcasting station in Gyeonggi-do. In addition, the technical limitations of video content transaction using block chain, legal and institutional issues, and the protection of personal information and intellectual property rights were reviewed. As for the research method, participatory observation methods such as in-depth interviews with developers and operators and participation in meetings were conducted. The researcher participated in and observed the entire development process, including designing and developing blockchain nodes, smart contracts, APIs, UI/UX, and testing interworking between blockchain and content distribution services. Research Question 1: The results of the study on 'Which technology model is suitable for a blockchain-based performance video content distribution public platform?' are as follows. 1) The blockchain type suitable for the public platform for distribution of art performance video contents based on the blockchain is the private type that can be intervened only when the blockchain manager directly invites it. 2) In public platforms such as Gyeonggi ArtOn, among the copyright management model, which is an art based on NFT issuance, and the BC token and cloud-based content distribution model, the model that provides content to external demand organizations through API and uses K-token for fee settlement is suitable. 3) For public platform initial services such as Gyeonggi ArtOn, a closed blockchain that provides services only to users who have been granted the right to use content is suitable. Research question 2: What legal and institutional problems should be reviewed when operating a blockchain-based performance video distribution public platform? The results of the study are as follows. 1) Blockchain-based smart contracts have a party eligibility problem due to the nature of blockchain technology in which the identities of transaction parties may not be revealed. 2) When a security incident occurs in the block chain, it is difficult to recover the loss because it is unclear how to compensate or remedy the user's loss. 3) The concept of default cannot be applied to smart contracts, and even if the obligations under the smart contract have already been fulfilled, the possibility of incomplete performance must be reviewed.

• Asia-Pacific Journal of Business Venturing and Entrepreneurship
• /
• v.19 no.3
• /
• pp.139-153
• /
• 2024

The importance of sustainable growth and cost reduction has increased globally, leading to the expansion of outsourcing by companies. Additionally, the spread of the platform economy has brought changes in the way we work, and the online outsourcing market, where tasks are mediated through platforms, is growing. Academically, while research on general outsourcing is actively conducted, studies on online outsourcing are relatively insufficient compared to its actual utilization. This study aims to analyze the factors and performance factors of online outsourcing utilization by startups, to identify the effects and concerns of using online outsourcing from multiple perspectives, and to suggest the roles of various stakeholders for effective utilization and industry development. For the research, a survey was conducted with 281 employees of startups who have experience in using online outsourcing, and the main findings are as follows. First, the enhancement of efficiency, profitability, and innovation through the use of online outsourcing positively affects organizational commitment and job satisfaction of startup members. Especially, the improvement of efficiency due to the use of online outsourcing has a significant effect on enhancing job satisfaction. Second, concerns about the burden of online outsourcing fees or uncertain outcomes negatively affect organizational commitment and job satisfaction. Third, there are perceptual differences in the motivations and performance regarding the utilization of online outsourcing depending on the job position. Practitioners perceive that the use of online outsourcing increases organizational commitment, whereas managers have relatively higher concerns about the uncertainty of outsourced task outcomes and information security. Through this study, the possibility that human resource shortages and employee management issues in startups can be improved through online outsourcing was confirmed. By verifying the influence of various factors of online outsourcing utilization, this study also provides meaningful implications for establishing business strategies for online outsourcing intermediary platform companies and for formulating startup support policies by government and other startup support organizations.

• Journal of Intelligence and Information Systems
• /
• v.22 no.1
• /
• pp.107-118
• /
• 2016

The advent of 5G mobile communications, which is expected in 2020, will provide many services such as Internet of Things (IoT) and vehicle-to-infra/vehicle/nomadic (V2X) communication. There are many requirements to realizing these services: reduced latency, high data rate and reliability, and real-time service. In particular, a high level of reliability and delay sensitivity with an increased data rate are very important for M2M, IoT, and Factory 4.0. Around the world, 5G standardization organizations have considered these services and grouped them to finally derive the technical requirements and service scenarios. The first scenario is broadcast services that use a high data rate for multiple cases of sporting events or emergencies. The second scenario is as support for e-Health, car reliability, etc.; the third scenario is related to VR games with delay sensitivity and real-time techniques. Recently, these groups have been forming agreements on the requirements for such scenarios and the target level. Various techniques are being studied to satisfy such requirements and are being discussed in the context of software-defined networking (SDN) as the next-generation network architecture. SDN is being used to standardize ONF and basically refers to a structure that separates signals for the control plane from the packets for the data plane. One of the best examples for low latency and high reliability is an intelligent traffic system (ITS) using V2X. Because a car passes a small cell of the 5G network very rapidly, the messages to be delivered in the event of an emergency have to be transported in a very short time. This is a typical example requiring high delay sensitivity. 5G has to support a high reliability and delay sensitivity requirements for V2X in the field of traffic control. For these reasons, V2X is a major application of critical delay. V2X (vehicle-to-infra/vehicle/nomadic) represents all types of communication methods applicable to road and vehicles. It refers to a connected or networked vehicle. V2X can be divided into three kinds of communications. First is the communication between a vehicle and infrastructure (vehicle-to-infrastructure; V2I). Second is the communication between a vehicle and another vehicle (vehicle-to-vehicle; V2V). Third is the communication between a vehicle and mobile equipment (vehicle-to-nomadic devices; V2N). This will be added in the future in various fields. Because the SDN structure is under consideration as the next-generation network architecture, the SDN architecture is significant. However, the centralized architecture of SDN can be considered as an unfavorable structure for delay-sensitive services because a centralized architecture is needed to communicate with many nodes and provide processing power. Therefore, in the case of emergency V2X communications, delay-related control functions require a tree supporting structure. For such a scenario, the architecture of the network processing the vehicle information is a major variable affecting delay. Because it is difficult to meet the desired level of delay sensitivity with a typical fully centralized SDN structure, research on the optimal size of an SDN for processing information is needed. This study examined the SDN architecture considering the V2X emergency delay requirements of a 5G network in the worst-case scenario and performed a system-level simulation on the speed of the car, radius, and cell tier to derive a range of cells for information transfer in SDN network. In the simulation, because 5G provides a sufficiently high data rate, the information for neighboring vehicle support to the car was assumed to be without errors. Furthermore, the 5G small cell was assumed to have a cell radius of 50-100 m, and the maximum speed of the vehicle was considered to be 30-200 km/h in order to examine the network architecture to minimize the delay.

• Proceedings of the Korea Technology Innovation Society Conference
• /
• 2015.05a
• /
• pp.545-570
• /
• 2015

Korea is among the ten countries with the largest R&D budget and the highest R&D investment-to-GDP ratio, yet the subject of security and protection of R&D results remains relatively unexplored in the country. Countries have implemented in their legal systems measures to properly protect cutting-edge industrial technologies that would adversely affect national security and economy if leaked to other countries. While Korea has a generally stable legal framework as provided in the Regulation on the National R&D Program Management (the "Regulation") and the Act on Industrial Technology Protection, many difficulties follow in practice when determining details on security management and obligations and setting standards in carrying out national R&D projects. This paper proposes to modify and improve security level classification standards in the Regulation. The Regulation provides a dual security level decision-making system for R&D projects: the security level can be determined either by researcher or by the central agency in charge of the project. Unification of such a dual system can avoid unnecessary confusions. To prevent a leakage, it is crucial that research projects be carried out in compliance with their assigned security levels and standards and results be effectively managed. The paper examines from a practitioner's perspective relevant legal provisions on leakage of confidential R&D projects, infringement, injunction, punishment, attempt and conspiracy, dual liability, duty of report to the National Intelligence Service (the "NIS") of security management process and other security issues arising from national R&D projects, and manual drafting in case of a breach. The paper recommends to train security and technological experts such as industrial security experts to properly amend laws on security level classification standards and relevant technological contents. A quarterly policy development committee must also be set up by the NIS in cooperation with relevant organizations. The committee shall provide a project management manual that provides step-by-step guidance for organizations that carry out national R&D projects as a preventive measure against possible leakage. In the short term, the NIS National Industrial Security Center's duties should be expanded to incorporate national R&D projects' security. In the long term, a security task force must be set up to protect, support and manage the projects whose responsibilities should include research, policy development, PR and training of security-related issues. Through these means, a social consensus must be reached on the need for protecting national R&D projects. The most efficient way to implement these measures is to facilitate security training programs and meetings that provide opportunities for communication among industrial security experts and researchers. Furthermore, the Regulation's security provisions must be examined and improved.

• Journal of agricultural medicine and community health
• /
• v.27 no.2
• /
• pp.87-105
• /
• 2002

In order to find out the knowledge, attitude, and experience of community health practitioners(CHP) on complementary therapy, 393 community health practitioners who provide primary health care service in Busan, Kyeongnam, and Daegu, Gyeongbuk regions were interviewed or surveyed by mail from February 1st to March 31st, 2002. In terms of interest of CHPs toward 11 different hinds of complementary therapy, the rate of interest for soojichim was the highest with 75.3%. Aroma therapy had the interest of 71.0% of the CHPs, oriental medicine had 67.4%, and massage had 67.4%. The interest for shiatsu was 64.6%, while homeopath had the lowest rate of interest of 18.1%. In terms of reliance on the treatment results, oriental medicine scored the highest with 92.6%, and soojichim, massage, and shiatsu followed with 85.5%, 83.7%, and 81.7% respectively. Homeopath had the lowest reliance of 18.1%. The 65.1% of the CHPs had the experience of recommending oriental medicine to patients. 50.4% indicated that they had recommended soojichim, and 44.8% had recommended massage before. Shiatsu and aromatherapy followed with 34.4% and Homeopath had the lowest rate of 2.80%. When CHPs were asked if they had received any training in complementary therapy, 33.1% indicated that they had studied soojichim and 13.2%stated that they had learned oriental medicine. Aromatherapy, massage, and shiatsu followed with 11.2%, 8.4%, and 5.6% respectively On the other hand, none of the CHPs had received training in homeopath. In terms of using complementary therapy during the past 5 years, 23.9% had been treated with oriental medicine, and 18.896 had received soojichim. 5.9% had received aromatherapy, 5.3% had used massage, and 5.1% had experience with shiatsu. None of the practitioners had used homeopath during the past 5 years. Significantly many number of practitioners indicated that they had excellent treatment results with all hinds of complementary therapy, and there were rare cares of side effects. When they were asked if they wanted complementary therapy to become part of the curriculum during re-training or training for public service personnels, 78100 wanted soojichim, 69.2% wanted oriental medicine, and 67.9% wanted aroma therapy. 63.9% wanted shiatsu to be included, and 63.1% wanted massage. When CHPs were asked if they wanted to use complementary therapy during primary health care, 63.6% wanted to use soojichim, 52.9% wanted massage, and 51.9% wanted to use aroma therapy. Oriental medicine also showed a high rate of 50.1%. On the other hand, only a small percentage wanted to use chiropractic or homeopath with 17.0% and 12,2% respectively. Among the CHPs, there were some who had administered complementary therapy during the past 5 years. 84% had administered soojichim, 4.6% had administered oriental medicine, and 2.5% had administered massage 2.5% of the CHPs answered that they had administered aromatherapy. However, none of them had administered apitherapy or homeopath. Most of patients showed positive responses, and the rate of side effect was very low. As shown in the above results, although CHPs have a high rate of interest, reliance, and experience in recommending complementary therapy, only a low percentage of them had received any training in complementary therapy. In addition, since there were little side effects when they received or administered complementary therapy, they hoped complementary therapy, which can be beneficial to health, to be introduced to the curriculum. Therefore, in order to provide community members with complementary therapy and the correct information regarding the selection of complementary therapy that could be beneficial to health, a policy of continuous interest and support is needed so that CHPs can he provided with a systemic and rational curriculum of complementary therapy.