• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.107-122
• /
• 2015

Many defensive mechanisms have been evolved as new attack methods are developed. However, APT attacks using e-mail are still hard to detect and prevent. Recently, many organizations in the government sector or private sector have been hacked by malicious e-mail based APT attacks. In this paper, first, we built hacking e-mail database based on the real e-mail data which were used in attacks on the Korean government organizations in recent years. Then, we extracted features from the hacking e-mails for profiling them. We design a case vector that can describe the specific characteristics of hacking e-mails well. Finally, based on case based reasoning, we made an algorithm for retrieving the most similar case from the hacking e-mail database when a new hacking e-mail is found. As a result, hacking e-mails have common characteristics in several features such as geo-location information, and these features can be used for classifying benign e-mails and malicious e-mails. Furthermore, this proposed case based reasoning algorithm can be useful for making a decision to analyze suspicious e-mails.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.43-51
• /
• 2012

CCTV would be the effective way in the prevention of abuse, as well as recorded image information evidence of the crime as a significant legal effect. But recorded image information As evidence by utilizing the Complaint/complaint handling, and administrative business processes that are currently operating offline procedural complexity and unnecessary time appear costly, privacy remains an issue to be solved, etc. Runoff. In this paper, incidence rate of offline business processing phase to solve the problems proposed to build unified portal for CCTV image information and the existing studies on the effectiveness of electronic civil service system, previous studies by analyzing e-government in accordance with laws and privacy laws, CCTV image information portal deployment model is applied to data integration occurs are trying to solve the problem effectively.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.364-374
• /
• 2022

Health information systems (HIS) are facing security challenges on data privacy and confidentiality. These challenges are based on centralized system architecture creating a target for malicious attacks. Blockchain technology has emerged as a trending technology with the potential to improve data security. Despite the effectiveness of this technology, still HIS are suffering from a lack of data privacy and confidentiality. This paper presents a blockchain-based data storage security architecture integrated with an e-Health care system to improve its security. The study employed a qualitative research method where data were collected using interviews and document analysis. Execute-order-validate Fabric's storage security architecture was implemented through private data collection, which is the combination of the actual private data stored in a private state, and a hash of that private data to guarantee data privacy. The key findings of this research show that data privacy and confidentiality are attained through a private data policy. Network peers are decentralized with blockchain only for hash storage to avoid storage challenges. Cost-effectiveness is achieved through data storage within a database of a Hyperledger Fabric. The overall performance of Fabric is higher than Ethereum. Ethereum's low performance is due to its execute-validate architecture which has high computation power with transaction inconsistencies. E-Health care system administrators should be trained and engaged with blockchain architectural designs for health data storage security. Health policymakers should be aware of blockchain technology and make use of the findings. The scientific contribution of this study is based on; cost-effectiveness of secured data storage, the use of hashes of network data stored in each node, and low energy consumption of Fabric leading to high performance.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.195-204
• /
• 2014

Recent, Secure the small and medium-sized enterprises from advanced and intelligence cyber threat, 24 hours of prevention, detection and analysis is essential. Small and Medium Business monitoring center is operated by government financial support to protect and prevent these threats. Currently it provides security to about 900 small and medium-sized enterprises. This paper studies abnormal and attack packets from small and medium-sized businesses[enterprises] which is monitored by Small and Medium Business monitoring center and provides improvement of security control for small and medium-sized enterprises.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.13 no.4
• /
• pp.29-42
• /
• 2005

The passenger security screening is a mandatory procedure for boarding the aircraft according to ICAO standard as well as national law of each country. The enhanced threat of terrorism have had the security procedure strengthened since 9/11 events. However the effectiveness of passenger screening is not satisfactory and the service level for passenger is getting worse because of tightened security measurements. This research studied the responsibility issue for the enhancement of the effectiveness and service quality in passenger security screening. The study concluded that a desirable responsibility assignment for passenger screening is to the airport authority at normal time and to the government authority at the time of high threat.

• The Journal of Society for e-Business Studies
• /
• v.1 no.1
• /
• pp.5-26
• /
• 1996

This paper aims to present a prospective trend to establish a proper CALS conception and an efficient CALS environment in Korea.. It is crucial at this point for Korea to develop a comprehensive CALS conception which considers our present economic and social situation, national security, and our national emotion. Korean CALS has been developed and led mainly by the government and private industry. It is now necessary to improve CALS conception in Korea by making CALS standard more interchangeable among international as well as domestic business fields through EDI and the automation of the industries along with the government. In this regard, this paper proposes three potential methods to accomplish this goal and discuss each of them in detail. First, we suggest to establish a proper CALS introduction policy on the government level. We propose an introduction policy with three phases such as introduction, spreading and target which will cover through the year 1996 to 2007. Second. we suggest to establish a proper CALS standardization policy by improving the acquisition of digital data and process, and modernizing infrastructure. Third, we suggest that the government should amend and enforce the necessary laws and acts for more efficient CALS implementation in Korea. Government should arrange for these acts to be applied not optionally but obligatorily to Korean enterprises so that they survive the harsh and competitive world market in the upcoming 21th century.

• 한국디지털정책학회:학술대회논문집
• /
• 2004.11a
• /
• pp.375-387
• /
• 2004

The paper presents an Integrated E-Community System (IECS) for management, decision and service, designed for the e-government project of Haishu District of Ningbo, Zhejiang, China. The project need is to promote the integration of management information and service information of communities, providing a unified platform on which different departments of the district government can share and exchange community information, government officers can analyze information and make decisions, and the outside users can access and request services. To meet the project need, the IECS consists of five parts: 1) The Central DataBase (CDB) that stores all information related with management, decision and service of communities: 2) Information Extracting Subsystem (IES) that provides functions of extracting data from data sources, transforming and loading them into the CDB for system administrators; 3) Information Management Subsystem (IMS) that provides functions of querying and sharing of information for government users, and functions of information maintenance, rights and log management for system administrators: 4) Intelligent Analysis Subsystem (IAS) that provides functions of extracting analysis related data from the CDB and loading them into the DW, and functions of multi-dimensional analysis and decision-making based on the DW and OLAP for government users; 5) Information Service Website (ISW) that provides functions of promulgating and collecting of information for government users and system administrators, and functions of browsing, querying and requesting of service information for outside users. The IECS supports management, decision and service of a government based on a unified data platform--the CDB, and ensures data security by providing different workplaces and rights for different users. In the real application, the system works well.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.92-93
• /
• 2007

RFID(Radio Frequency Identification : 무선주파수식별) 기술은 유비쿼터스 구조 기술의 중요한 한 부분을 이루고 있다. 태그를 이용한 모든 제품들이 이러한 서비스의 대상이 되고 있지만 불행이도 다방면에 이용되는 이면에는 사용자의 사생활과 사용자 밀 판매자간의 인증문제를 이용한 서비스 공격 대상이 되고 있다. 현재 이러한 RFID 시스템의 보안 메커니즘들은 매우 중요하며 본 논문에서는 여러가지 메커니즘들 중 보안 프로토콜을 이용한 사생활과 인증문제 해결을 위해 정형검증을 통해 분석하고 새로운 프로토콜을 제안 및 구현가능성을 언급하고자 한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.117-127
• /
• 2023

In many training institutions, the major advancement of Information Technology is having a profound impact on the way in which instructors teach and students learn, as well as how the two interact. The training process is continuing with the goal of enhancing the calibre of instruction and engagement. Top colleges and institutions have more recently developed a variety of Massive Open Online Courses (MOOC) systems centred on the development of new educational offering ways. These have not only captured the interest of students and scholars in the field of higher education, but also that of staff members in the private and public sectors. This study uses a Unified Theory of Acceptance and Use of Technology (UTAUT) model to assess the top MOOC providers and pinpoint the key elements influencing learner acceptance of MOOCs in Saudi Arabian training. A total of 382 government trainees in Saudi Arabia participated in an online survey, the results of which underwent analysis using structural equation modelling. This study identifies the key elements influencing Saudi government employee trainees' intentions to use MOOCs, with the findings indicating that the suggested model can account for 86.2% of user behaviour and 88.5% of user intentions.

• The Journal of Society for e-Business Studies
• /
• v.23 no.3
• /
• pp.65-84
• /
• 2018

The government is continuously expanding its national R&D investment to actively respond to the advent of the $4^{th}$ industrial revolution era and to develop the national economy. The R&D structure is likely to be liberalized as the paradigm shifts from the pursuit type R&D to the leading type R&D, and R&D capacity enhancement that focuses on researchers' creativity is emphasized. Such changes in R&D environment will increase the risk of security accidents such as leakage of research information. In addition, security policy for protection of research result should be the Researcher-Centric Security and security policy should be changed. This study explored transforming the research security system into the Researcher-Centric Security system so that researchers can voluntarily implement necessary security measures in the course of conducting research.