• Journal of the Korea Society of Computer and Information
• /
• v.20 no.9
• /
• pp.137-145
• /
• 2015

The Criminal Law of South Korea has needed to cope with new kinds of crimes such as the fraud by use of computer efficiently in a legislative way because the society has witnessed the rapid progress of the industrialization and informatization after established in 1953. As a result, the Criminal Law revised on December 29, 1995, created the regulations of the crimes related to fraud by use of computer, work disturbance, and secret piracy by using information processing units. The regulation stipulated in Clause 347, Article 2 of Criminal Law is the most typical one against the new crimes. However, the new regulation of fraud by use of computer, established and revised to supplement the lacking parts of the current rules of the punishment of fraud, limits its object to "any benefits to property." not to "property" itself, and so cannot achieve the purpose of the revision of the law. This paper aims to suggest a new legislative measure about the object of the regulation of fraud by use of computer to solve this kind of problem efficiently.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.163-171
• /
• 2022

Online services are widely spread, and their use increases day by day. As COVID-19 spread and people spent much time online, fraud scams have risen unexpectedly. Manipulation techniques have become more effective at swindling those lacking basic technological knowledge. Unfortunately, a user needs a quorum. The interest in preventing scammers from obtaining effective quality service has become the most significant obstacle, increasing the variety of daily Internet platforms. This paper is concerned with analyzing purchase data and extracting provided results. In addition, after examining relevant documents presenting research discussing them, the recommendation was made that future work avoids them; this would save a lot of effort, money, and time. This research highlights many problems a person may face in dealing with online institutions and possible solutions to the epidemic through theft operations on the Internet.

• Journal of Korea Multimedia Society
• /
• v.24 no.6
• /
• pp.760-767
• /
• 2021

The identity verification is one of the most important technologies in online services. Many services in society are provided online, and the service is provided after confirming the user's identity. Users can do a lot of things online, but they also have side effects. Online digital information is easily manipulated and it is difficult to verify its authenticity, causing social confusion. Accordingly, there has been a movement for individuals to directly manage their identity information using DID. In this paper, we propose a system that can authenticate identity by directly adding own personal information and issuing an identifier using DID technology based on a private blockchain. Then, to verify the proposed system, the scenario is executed and verified.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.312-318
• /
• 2021

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.125-131
• /
• 2021

Detecting fraudulent insurance claims is difficult due to small and unbalanced data. Some research has been carried out to better cope with various types of fraudulent claims. Nowadays, technology for detecting fraudulent insurance claims has been increasingly utilized in insurance and technology fields, thanks to the use of artificial intelligence (AI) methods in addition to traditional statistical detection and rule-based methods. This study obtained meaningful results for a fraudulent insurance claim detection model based on machine learning (ML) and deep learning (DL) technologies, using fraudulent insurance claim data from previous research. In our search for a method to enhance the detection of fraudulent insurance claims, we investigated the reinforcement learning (RL) method. We examined how we could apply the RL method to the detection of fraudulent insurance claims. There are limited previous cases of applying the RL method. Thus, we first had to define the RL essential elements based on previous research on detecting anomalies. We applied the deep Q-network (DQN) and double deep Q-network (DDQN) in the learning fraudulent insurance claim detection model. By doing so, we confirmed that our model demonstrated better performance than previous machine learning models.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.33-40
• /
• 2018

ICT technology has been applied to various educational fields, but applying to educational test field is limited. Computer-based test (CBT) can overcome temporal and spatial constraints of conventional paper-based test, but is vulnerable to fraud by test parties. In this paper, we propose real-time monitoring and process management methods to enhance the security of CBT. In the proposed methods, the test screens of students are periodically captured and transferred to the professor screen to enable real-time monitoring, and the possible processes used for cheating can be blocked before testing. In order to monitor the screen of many students in real time, effective compression of the captured original image is important. We applied three-step compression methods: initial image compression, resolution reduction, and re-compression. Through this, the original image of about 6MB was converted into the storage image of about 3.8KB. We use the process extraction and management functions of Windows API to block the processes that may be used for cheating. The CBT system of this paper with the new security enhancement methods shows the superiority through comparison of the security related functions with the existing CBT systems.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.6
• /
• pp.718-723
• /
• 2018

In a positive Internet of Medical Things (IoMT) environment, by combining the latest computer network technology with IoT technology, remote health care such as health care and monitoring is improved through the provision of quality medical information services. In this paper, we identified and compared the platforms applied with blockchain and presented the results of developing the product distribution de-centralized DApp. In the process, we developed a distribution platform that can use blockchain technology to identify product fraud, manage data, manage customers' information, prevent forgery, track transaction history, and facilitate product transactions.

• Journal of Advanced Navigation Technology
• /
• v.18 no.6
• /
• pp.569-575
• /
• 2014

Since 2009 the number of users of smart phones and tablet PC is growing exponentially. In particular Apple's iOS and Google's Android OS are the heart of this remarkable growth, most of smart phone and tablet PC are designed to operate based on these two OS. Such increasing use of smart devices has led to changes in the social environment that allows, without the constraints of time and place. However, such development does not supply only ease to do something, even compared to past, financial fraud and information leakage are easier than before by variety of new types of attack for example phishing, pharming, smishing and qshing. So according to this paper, analyzes for smishing attack, propose a countermeasure system of the technical way and proved its higher performance compare to the existing method.

• Journal of Information Processing Systems
• /
• v.8 no.3
• /
• pp.495-520
• /
• 2012

A secure Electronic Payment System (EPS) is essential for the booming online shopping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between the seller and buyer over the Internet. SET, CyberCash, Paypal, and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence, they only prevent "Man in the Middle" fraud but do not protect the sensitive cardholder information such as the credit card number from being passed onto the merchant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes. However, factors such as ease of use for the cardholder and the implementation costs for each party are frequently overlooked. In this paper, we propose a Web service based new payment system, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the limitations of X9.59 by adding a merchant authentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.1
• /
• pp.455-461
• /
• 2020

Electronic payment system using Internet banking is a very important application for users of e-commerce environment. With rapidly growing use of fintech applications, the risk and damage caused by malicious hacking or identity theft are getting significant. To prevent the damage, fraud detection system (FDS) calculates the risk of the electronic payment transactions using user profiles including types of goods, device status, user location, and so on. In this paper, we propose a new risk calculation method using relative location of users such as SSID of wireless LAN AP and MAC address. Those relative location information are more difficult to imitate or copy compared with conventional physical location information like nation, GPS coordinates, or IP address. The new method using relative location and cumulative user characteristics will enable stronger risk calculation function to FDS and thus give enhanced security to electronic payment systems.