• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4662-4679
• /
• 2015

Currently, the leakage of internal information has emerged as one of the most significant security concerns in enterprise computing environments. Especially, damage due to internal information leakage by insiders is more serious than that by outsiders because insiders have considerable knowledge of the system's identification and password (ID&P/W), the security system, and the main location of sensitive data. Therefore, many security companies are developing internal data leakage prevention techniques such as data leakage protection (DLP), digital right management (DRM), and system access control, etc. However, these techniques cannot effectively block the leakage of internal information by insiders who have a legitimate access authorization. The security system does not easily detect cases which a legitimate insider changes, deletes, and leaks data stored on the server. Therefore, we focused on the insider as the detection target to address this security weakness. In other words, we switched the detection target from objects (internal information) to subjects (insiders). We concentrated on biometrics signals change when an insider conducts abnormal behavior. When insiders attempt to leak internal information, they appear to display abnormal emotional conditions due to tension, agitation, and anxiety, etc. These conditions can be detected by the changes of biometrics signals such as pulse, temperature, and skin conductivity, etc. We carried out experiments in two ways in order to verify the effectiveness of the emotional recognition technology based on biometrics signals. We analyzed the possibility of internal information leakage detection using an emotional recognition technology based on biometrics signals through experiments.

• Journal of the Korea Safety Management & Science
• /
• v.17 no.2
• /
• pp.129-137
• /
• 2015

This study is in regard to the gas detection system and gas detection method utilizing smart phone. This study includes; 1) the sensor module attached to the smart phone to detect and measure flammable gas or toxic gas; and 2) gas detection APP which is installed inside the smart phone and recognizes the user information and location information automatically by reading RFID tag indicating the user or the location to detect gas through the contact area where RFID and blue tooth reader is installed inside of the above mentioned smart phone, and then measures the combustible gas or toxic gas by operating above mentioned sensor module and obtains the data thus measured, and above mentioned smart phone is characterized by its transmission of the above mentioned user information, location information and measured data which are obtained by above mentioned gas detecting APP to operation server via communication network. With this, reliability for the location detecting gas by the user, the result of the measurement, etc. can be secured. Furthermore, this provides the effect of preventing artificial manipulation at the time of input which is associated with the identification of the user to be measured by utilizing removable sensor module and application or the mistake resulted from wrong input by the user. In addition, by transmitting the measured data from the sensor module carrying out gas detection to operation server, this provides the effect of making it possible to process the data thus collected to a specialized data for combustible gas or toxic gas.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.11
• /
• pp.1544-1553
• /
• 2018

Recently internal information leakage in industries is severely increasing in spite of industry security policy. Thus, it is essential to prepare an information leakage prevention measure by industries. Most of the leaks result from the insiders, not from external attacks. In this paper, a real-time internal information leakage prevention system via both storage and network is implemented in order to protect confidential file leakage. In addition, a Hadoop-based user behavior analysis and statistics system is designed and implemented for storing and analyzing information log data in industries. The proposed system stores a large volume of data in HDFS and improves data processing capability using RHive, consequently helps the administrator recognize and prepare the confidential file leak trials. The implemented audit system would be contributed to reducing the damage caused by leakage of confidential files inside of the industries via both portable data media and networks.

• Journal of the Korea Convergence Society
• /
• v.13 no.3
• /
• pp.33-41
• /
• 2022

In this article, we proposed to predict natural gas (NG) leakage levels through feature selection based on a factor analysis (FA) of the integrating the Korean Meteorological Agency data and natural gas leakage data for considering complex factors. The paper has been divided into three modules. First, we filled missing data based on the linear interpolation method on the integrated data set, and selected essential features using FA with OrdinalEncoder (OE)-based normalization. The dataset is labeled by K-means clustering. The final module uses four algorithms, K-nearest neighbors (KNN), decision tree (DT), random forest (RF), Naive Bayes (NB), to predict gas leakage levels. The proposed method is evaluated by the accuracy, area under the ROC curve (AUC), and mean standard error (MSE). The test results indicate that the OrdinalEncoder-Factor analysis (OE-F)-based classification method has improved successfully. Moreover, OE-F-based KNN (OE-F-KNN) showed the best performance by giving 95.20% accuracy, an AUC of 96.13%, and an MSE of 0.031.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.55-66
• /
• 2018

Since existing server-based authentications use vulnerable password-based authentication, illegal leak of personal data occurs frequently. Since this can cause illegal ID compromise, alternative authentications have been studied. Recently token-based authentications like OAuth 2.0 or JWT have been used in web sites, however, they have a weakness that if a hacker steals JWT token in the middle, they can obtain plain authentication data from the token, So we suggest a new authentication method using the verification token of authentic code to encrypt authentication data with effective time. The verification is to compare an authentication code from decryption of the verification-token with its own code. Its crypto-method is based on do XOR with ECDH session key, which is so fast and efficient without overhead of key agreement. Our method is outstanding in preventing the personal data leakage.

• Journal of the Society of Naval Architects of Korea
• /
• v.59 no.5
• /
• pp.280-287
• /
• 2022

An open rack vaporizer is a facility that vaporizes liquefied natural gas using sea water. When a vaporization efficiency of the open rack vaporizer decreases, liquefied natural gas can leak, which can cause great damage to the facility. Operators have to monitor the operation state of the facility in real-time to prevent the accident. However, operators have visited the site and have checked the state by looking at the value of sensors installed in the open rack vaporizer through indicators. For the safe operation of the open rack vaporizer, a monitoring system is needed to monitor the operation state of the open rack vaporizer in real-time without the need for operators to visit the site. In this paper, we developed a long term evolution based monitoring system to monitor the operation state of the open rack vaporizer. The developed system can monitor the real-time operation state of the open rack vaporizer at a control center far from the facility. For the system development, data transmission infrastructure using long term evolution was built. Afterwards a software was developed to monitor the operation state of the open rack vaporizer in real-time using the transmitted data. Finally, performance evaluation was conducted to confirm that the developed system operated successfully without data transmission delay or data missing.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.1
• /
• pp.551-557
• /
• 2024

Hydrogen is a renewable energy source with various characteristics such as clean, carbon-free and high-energy, and is internationally recognized as a "future energy". With the rapid development of the hydrogen energy industry, more hydrogen infrastructure is needed to meet the demand for hydrogen. However, hydrogen infrastructure accidents have been occurring frequently, hindering the development of the hydrogen industry. HyRAM+, developed by Sandia National Laboratories, is a software toolkit that integrates data and methods related to hydrogen safety assessments for various storage applications, including hydrogen refueling stations. HyRAM+'s physics mode simulates hydrogen leak results depending on the hydrogen refueling station components, graphing gas plume dispersion, jet frame temperature and trajectory, and radiative heat flux. In this paper, hydrogen leakage data was extracted from a hydrogen refueling station in Samcheok, Gangwon-do, using HyRAM+ software. A hydrogen leakage simulator was developed using data extracted from HyRAM+. It was implemented as a dashboard that shows the data generated by the simulator using a database and Grafana.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.71-77
• /
• 2012

Along with the development of Internet services such as Social Network Service (SNS) and blog Service, the privacy is very important in these services. But personal data is not safety from exposure to internet service. If personal data is leak out, the privacy is disclosed to hacker or illegal person and the personal information can be used in a cyber crime as phishing attacks. Therefore, the model and method that protects to disclose privacy is requested in SNS and blog services. The model must evaluate degree of exposure to protect privacy and the method protects personal information from Internet services. This paper proposes a model to evaluate risk for privacy with property of personal data and exposure level of internet service such as bulletin board. Also, we show a method using degree of risk to evaluate with a proposed model at bulletin board.

• Journal of the Korea Institute of Building Construction
• /
• v.15 no.5
• /
• pp.491-500
• /
• 2015

This study investigated defect status by work type, based on the report data of defect inspection results, acquired by consumers' request to safety inspection agencies, before the expiration of legal defect repair warranty period. In fact, the data was not acquired by centering on suppliers, namely, construction companies in relation with the defects becoming causes to increase construction cost of apartments. This study aims to provide objective and basic data for quality improvement at construction stage and for solution to defect disputes. The study results are presented below: (1) The number of defect cases occurring from architectural work among total work types were 1,986, defect occurrence rate was 62.5%, and defect repair cost was KRW $25,851/m^2$, which stood at 78.2% of the total work types. This means the defect occurrence rate and defect repair cost in architectural work are bigger than those of other work types. (2) Major defects in architectural work were revealed in the following order: cracks from frame work, inferior interior finishing work, inferior finishing work of plaster/masonry works, water leak/damage from waterproof work and withering/omission from landscape work. The total repair cost of the major selected defects was KRW $12,220/m^2$, and was analyzed to take up 37% of the total defect repair cost.