• Journal of the Korea Society of Computer and Information
• /
• v.29 no.4
• /
• pp.73-82
• /
• 2024

In 2017, the United Nations reported that the population aged 60 and above was increasing more rapidly than all younger age groups worldwide, projecting that by 2050, the population aged 60 and above would constitute at least 25% of the global population, excluding Africa. The world is experiencing a decline in the rate of increase in the working-age population due to global aging, and the younger generation tends to avoid difficult and challenging occupations. Although theoretically, AI equipped with artificial intelligence can replace humans in all fields, in the realm of practical information security, human judgment and expertise are absolutely essential, especially in ethical considerations. Therefore, this paper proposes a method to retrain and reintegrate IT professionals aged 50 and above who are retiring or seeking career transitions, aiming to bring them back into the industry. For this research, surveys were conducted with 21 government/public agencies representing demand and 9 security monitoring companies representing supply. Survey results indicated that both demand (90%) and supply (78%) unanimously agreed on the absolute necessity of such measures. If the results of this research are applied in the field, it could lead to the strategic development of senior information security professionals, laying the foundation for a new market in the Korean information security industry amid the era of low birth rates and longevity.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.123-130
• /
• 2021

Cybersecurity has been vital for decades and will remain vital with upcoming ages with new technological developments. Every new day brings advancement in technology, which leads to new horizons, and at the same time, it brings new security challenges. Numerous researchers around the globe are continuously striving hard to provide better solutions for the daily basis of new arising security issues. However, the challenges are always there. These challenges become new norms during the current Covid pandemic, where most industries, small industrial enterprises, education, finance, public sectors, etc. were under several attacks and threats globally. The hacker has more opportunities during the pandemic period by shifting most of the operations live. This research enlightened the several cybersecurity attacks and threats during this pandemic time globally. It provided the best possible recommendations to avoid them using the cyber awareness and with appropriately linked training. This research can provide a guideline to the above stated sector by identifying the related attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.12
• /
• pp.215-225
• /
• 2011

This paper suggests several methods of improving information securities of universities through the investigations of the current status of information securities in universities, which is becoming a hot topic in knowledge and information societies. In this paper, universities were randomly selected according to their size, and surveyed through email questionnaire to the persons in charge of security in each university, and 27 universities and 18 colleges were replied. From the survey results we confirmed that the pre-prevention is the most important thing in securing information assets, also in universities, and, in this paper, systematic support must be strengthened to establish a comprehensive security management policy and guidelines for the universities, and the importance of information assets and the necessity of security needs to be shared with the members in the universities. Moreover there must be full administrative and financial support, including recruitment and training of information security professionals and the establishing a separate security division.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.177-189
• /
• 2023

Malware detection is an increasingly important operational focus in cyber security, particularly given the fast pace of such threats (e.g., new malware variants introduced every day). There has been great interest in exploring the use of machine learning techniques in automating and enhancing the effectiveness of malware detection and analysis. In this paper, we present a deep recurrent neural network solution as a stacked Long Short-Term Memory (LSTM) with a pre-training as a regularization method to avoid random network initialization. In our proposal, we use global and short dependencies of the inputs. With pre-training, we avoid random initialization and are able to improve the accuracy and robustness of malware threat hunting. The proposed method speeds up the convergence (in comparison to stacked LSTM) by reducing the length of malware OpCode or bytecode sequences. Hence, the complexity of our final method is reduced. This leads to better accuracy, higher Mattews Correlation Coefficients (MCC), and Area Under the Curve (AUC) in comparison to a standard LSTM with similar detection time. Our proposed method can be applied in real-time malware threat hunting, particularly for safety critical systems such as eHealth or Internet of Military of Things where poor convergence of the model could lead to catastrophic consequences. We evaluate the effectiveness of our proposed method on Windows, Ransomware, Internet of Things (IoT), and Android malware datasets using both static and dynamic analysis. For the IoT malware detection, we also present a comparative summary of the performance on an IoT-specific dataset of our proposed method and the standard stacked LSTM method. More specifically, of our proposed method achieves an accuracy of 99.1% in detecting IoT malware samples, with AUC of 0.985, and MCC of 0.95; thus, outperforming standard LSTM based methods in these key metrics.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.12
• /
• pp.4008-4023
• /
• 2022

Since machine learning was introduced into cross-site scripting (XSS) attack detection, many researchers have conducted related studies and achieved significant results, such as saving time and labor costs by not maintaining a rule database, which is required by traditional XSS attack detection methods. However, this topic came across some problems, such as poor generalization ability, significant false negative rate (FNR) and false positive rate (FPR). Moreover, the automatic clustering property of graph convolutional networks (GCN) has attracted the attention of researchers. In the field of natural language process (NLP), the results of graph embedding based on GCN are automatically clustered in space without any training, which means that text data can be classified just by the embedding process based on GCN. Previously, other methods required training with the help of labeled data after embedding to complete data classification. With the help of the GCN auto-clustering feature and labeled data, this research proposes an approach to detect XSS attacks (called GCNXSS) to mine the dependencies between the units that constitute an XSS payload. First, GCNXSS transforms a URL into a word homogeneous graph based on word co-occurrence relationships. Then, GCNXSS inputs the graph into the GCN model for graph embedding and gets the classification results. Experimental results show that GCNXSS achieved successful results with accuracy, precision, recall, F1-score, FNR, FPR, and predicted time scores of 99.97%, 99.75%, 99.97%, 99.86%, 0.03%, 0.03%, and 0.0461ms. Compared with existing methods, GCNXSS has a lower FNR and FPR with stronger generalization ability.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.01a
• /
• pp.211-212
• /
• 2019

서로 다른 지역에서 서로 다른 과정의 실습 중심의 정보보호 단기 교육을 진행하기 위하여 SaaS 기반 가상훈련 시스템을 사용하였다. 본 논문에서는 SaaS 기반 가상훈련 시스템을 이용한 정보보호 실습 교육의 장단점을 정리한다. 강사 및 수강생들은 교육 과정 중 데스크톱 가상화를 사용하여 실습 환경을 구축하는 시간을 절약할 수 있었다. 또한, 원격 실습 지원, 진행 상황 확인도 가능하였다. 관리자는 강사 및 장소와 무관하게 균등한 실습 교육을 제공할 수 있다는 점이 가장 큰 장점이었다. 향후에는 서버 가상화와 데스크톱 가상화가 결합된 하이브리드 형태의 실습 환경 개발을 고려할 필요가 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.211-224
• /
• 2015

Financial companies have invested a lot in their disaster recovery system and exercised training more than once a year to comply related laws and regulations. But massive PCs(Personal Computers) became disrupted simultaneously and it took a lot of time to recover massive PCs concurrently when March 20 cyber attack occurred. So, it was impossible to meet the tartgeted business continuity level. It was because the importance of PC recovery was neglected compared to other disaster recovery areas. This study suggests the measure to recover massive branch terminal PCs of financial companies simultaneously in cost-effective way utilizing the existing technology and tests recovery time. It means that in the event of disaster financial companies could recover branch terminal PCs in 3 hours which is recommended recovery time by regulatory body. Other financial companies operating similar type and volume of branches would refer to the recovery structure and method proposed by this study.

• Korean Security Journal
• /
• no.25
• /
• pp.185-208
• /
• 2010

This study is to suggest the current security education programs and improvement of industrial security curriculums in Korea. We live in a world of insecurity; the world is changing at an ever accelerating pace. Life, society, economics, international relations, and security risk are becoming more and more complex. The nature of work, travel, recreation, and communication is radically changing. We live in a world where, seemingly with each passing year, the past is less and less's guide to the future. Security is involved in on one way or another in virtually every decision we make and every activity we undertake. The global environment has never been more volatile, and societal expectations for industrial security and increasing if anything. The complexities of globalization, public expectation, regulatory requirements, transnational issues, jurisdictional risks, crime, terrorism, advances in information technology, cyber attacks, and pandemics have created a security risk environment that has never been more challenging. We had to educate industrial security professional to cope with new security risk. But, how relevant is a college education to the security professional? A college degree will not guarantee a job or advancement opportunities. But, with a college and professional training, a person has improved chances for obtaining a favored position. Commonly, Security education and experience are top considerations to find a job so far, also training is important. Today, Security is good source to gain competitive advantage in global business. The future of security education is prospect when one considers the growth evident in the field. Modern people are very security-conscious today, so now we had to set up close relevant industrial security programs to cope with new security risk being offered in colleges or several security professional educational courses.

• Journal of Convergence for Information Technology
• /
• v.10 no.5
• /
• pp.16-22
• /
• 2020

In this paper, the technology and capabilities required for the job of developing security software recommended by the Cybersecurity Human Resources Development Framework of the National Initiative for Cybersecurity Education (NICE) were studied. In this paper, we describe what security skills are needed for the task of developing security software and what security capabilities should be held. The focus of this paper is to analyze the consistency between security technologies (core and specialized technologies) required for security software development tasks and the curriculum of information protection-related departments located in Seoul, Korea. The reason for this analysis is to see how the curriculum at five universities in Seoul is suitable for performing security software development tasks. In conclusion, if the five relevant departments studied are to intensively train developers of development tasks for security software, they are commonly required to train security testing and software debugging, how secure software is developed, risk management, privacy and information assurance.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.113-125
• /
• 2015

Information Security Incidents that have recently happen rapidly spread and the scale of that incidents' damage is large. In addition, as it proceeds to the era of converged industry in the future environment and the virtual cyber world expands to the physical world, new types of security threats have occurred. Now, it is time to supply security professionals who have a multi-dimensional security capabilities that can manage the strategies of technological security and physical security from the management point of view, rather than the ones who primarily focus on the traditional technologic-centered strategies to solve new types of security threats. In conclusion, in this paper we try to produce the curriculum of information security featured in the occupational classification system and analyze the subjects that are additionally required for those who move to other occupations to cultivate security professionals who suited to the converged-industrial environment. It is expected that multi-dimensional security professionals who suited to the converged-industrial environment will be cultivated by harmoniously integrating information security subjects from technological and business/managerial perspectives, and education training courses will be developed that effectively provide core knowledges per occupational classification when people moves to other occupations in the areas of information security.