• International Journal of Internet, Broadcasting and Communication
• /
• 제15권1호
• /
• pp.23-32
• /
• 2023

Since NFTs can be used like certificates due to the nature of blockchain, their use in various digital asset trading markets is expanding. This is because NFTs are expected to be actively used as a core technology of the metaverse virtual economy as non-transferable NFTs are developed. However, concerns about NFT security threats are also growing. Therefore, the purpose of this study is to investigate and analyze NFT-related infringement cases and to clearly understand the current security status and risks. As a research method, we determined NFT security areas based on previous studies and analyzed infringement cases and threat types for each area. The analysis results were systematically mapped in the form of domain, case, and threat, and the meaning of the comprehensive results was presented. As a result of the research, we want to help researchers clearly understand the current state of NFT security and seek the right research direction.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2020년도 춘계학술발표대회
• /
• pp.231-234
• /
• 2020

In the past few years, the industrial internet of things (IIoT) has received great attention in various industrial sectors which have potentially increased a high level of integrity, availability, and scalability. The increasing of IIoT is expected to create new smart industrial enterprises and build the next generation smart system. However existing IIoT systems rely on centralized servers that are vulnerable to a single point of failure and malicious attack, which exposes the data to security risks and storage. To address the above issues, blockchain is widely considered as a promising solution, which can build a secure and efficient environment for data storing, processing and sharing in IIoT. In this paper, we propose a decentralized, peer-to-peer platform for secure data storing in industrial IoT base on the ethereum blockchain. We exploit ethereum to ensure data security and reliability when smart devices store the data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.1941-1960
• /
• 2019

Unmanned aerial vehicles (UAVs), acting as mobile base stations (BSs), can be deployed in the typical fifth-generation mobile communications (5G) scenarios for the purpose of substantially enhancing the radio coverage. Meanwhile, UAV aided underlay device-to-device (D2D) communication mode can be activated for further improving the capacity of the 5G networks. However, this UAV aided D2D communication system is more vulnerable to eavesdropping attacks, resulting in security risks. In this paper, the D2D receivers work in full-duplex (FD) mode, which improves the security of the network by enabling these legitimate users to receive their useful information and transmit jamming signal to the eavesdropper simultaneously (with the same frequency band). The security communication under the UAV coverage is evaluated, showing that the system's (security) capacity can be substantially improved by taking advantage of the flexible radio coverage of UAVs. Furthermore, the closed-form expressions for the coverage probabilities are derived, showing that the cellular users (CUs)' secure coverage probability in downlink transmission is mainly impacted by the following three factors: its communication area, the relative position with UAV, and its eavesdroppers. In addition, it is observed that the D2D users or DUs' secure coverage probability is relevant to state of the UAV. The system's secure capacity can be substantially improved by adaptively changing the UAV's position as well as coverage.

• 한국컴퓨터정보학회논문지
• /
• 제24권8호
• /
• pp.67-76
• /
• 2019

Along with the diversification of digital content services using wired/wireless networks, the market for the construction of base systems is growing rapidly. Cloud computing services are recognized for a reasonable cost of service and superior system operations. Cloud computing is convenient as far as system construction and maintenance are concerned; however, owing to the security risks associated with the system construction of actual cloud computing service, the ICT(Information and Communications Technologies) market is lacking regardless of its many advantages. In this paper, we conducted an experiment on a cloud computing security enhancement model to strengthen the security aspect of cloud computing and provide convenient services to the users. The objective of this study is to provide secure services for system operation and management while providing convenient services to the users. For secure and convenient cloud computing, a single sign-on (SSO) technique and a system access control technique are proposed. For user authentication using SSO, a security level is established for each user to facilitate the access to the system, thereby designing the system in such a manner that the rights to access resources of the accessed system are not abused. Furthermore, using a user authentication ticket, various systems can be accessed without a reauthorization process. Applying the security technique to protect the entire process of requesting, issuing, and using a ticket against external security threats, the proposed technique facilitates secure cloud computing service.

• International Journal of Internet, Broadcasting and Communication
• /
• 제15권1호
• /
• pp.13-22
• /
• 2023

In the age of Web 3.0, the metaverse is emerging as a new innovative element to replace the Internet. Leading major ICT companies, it is striving to become a metaverse platform or infrastructure-oriented company. Along with the expansion of the VR and AR market, governments of each country are investing large budgets in this field. However, security concerns about metaverse are also growing. In addition to potential damage to infrastructure, platform and services, personal information leakage and privacy damage are expected to increase further. In this study, we investigated and closely analyzed cases of infringement on the infrastructure, platform, and service of Metaverse. We have clearly identified the current state of metaverse security and the characteristics of the risks of greatest concern. The research procedure is composed of a method of determining the metaverse security area for case analysis first and deriving the type of threat by area through the type of infringement. In particular, the results were mapped into Domain, Case, and Threat, and the implications of the results were analyzed. Through these results, researchers want to contribute to finding the right direction of research by clearly understanding the latest metaverse security status.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.131-146
• /
• 2022

The Internet is becoming a basic need for many individuals globally in this digital age. The youths became more active online than before, with the majority relying on different platforms to communicate and interact with peers. Saudi Arabia is one of the nations where internet usage is high, with an increasing number of active internet users. The youth in Saudi Arabia are engaged in various online platforms. However, they lack adequate knowledge about cybersecurity and the dangers of internet usage, which exposes them to the risk of falling victims to cybercriminals. The most common dangers of internet usage include viruses, malware, phishing, and hacking, compromising users' sensitive information. Increased awareness of these potential threats helps protect Internet users and secure their data. The understanding of the dangers of Internet usage among youths varies across countries. In this regard, our study explores the risks of internet usage among youth in Saudi Arabia compared to the United States, South Africa, and New Zealand.

• 경영정보학연구
• /
• 제17권1호
• /
• pp.117-140
• /
• 2015

클라우드 서비스는 10대 IT 전략기술 트렌드로 주목받고 있지만 국내 중소기업의 경우 대부분 비용 제약의 문제로 보안 위험이 높은 퍼블릭 클라우드를 사용하고 대기업에 비해 클라우드 서비스에 대한 이해도가 낮으며 도입률 또한 저조한 편이다. 한편 IT 프로젝트에서의 불확실성을 헷징하기 위한 방편으로 실물옵션 전략이 주목을 받고 있는데 본 연구에서는 클라우드 서비스의 기술적, 안전성, 관계적, 경제적 위험요소 간의 인과관계를 밝히고 경제적 위험이 실물옵션 채택의도에 어떠한 영향을 주는지에 관한 연구를 실시하였다. 본 연구는 전문업체에 의뢰하여 클라우드 서비스를 사용하고 있는 수도권 내 중소기업을 대상으로 설문조사를 실시하였다. 총 287부를 120개의 기업별로 평균을 내어 조직수준에서 분석을 하였으며 통계적 분석에는 Smart PLS Version 2.0.M3과 SPSS Statistics18을 활용하였다. 연구결과에 의하면 클라우드 서비스의 기술적 위험은 안전성 위험에 유의한 정(+)의 영향을 미쳤고 클라우드 서비스의 관계적 위험은 경제적 위험에 유의한 정(+)의 영향을 미쳤다. 그리고 클라우드 서비스의 안전성 위험은 경제적 위험에 유의한 정(+)의 영향을 미쳤고 경제적 위험은 연기옵션과 포기옵션 채택의도에 유의한 정(+)의 영향을 미쳤다. 본 연구는 클라우드 서비스를 사용함으로써 겪을 수 있는 여러 위험 요인을 세분화하고 위험 요인과 실물옵션간의 관계를 명확히 밝힘으로써 클라우드 서비스 계약 시에 실물옵션을 적용할 수 있는 이론적인 바탕이 될 수 있게 하였다. 실무적으로는 클라우드 서비스를 사용함에 있어 발생할 수 있는 여러 위험들을 효과적으로 관리하고 통제하기 위하여 클라우드 서비스 계약 시 이들 위험들을 관리할 수 있는 실물옵션을 계약사항에 제시함으로써 사용자와 공급자 모두에게 도움이 될 수 있는 전략을 세울 수 있다는 데에 의의가 있다.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2016년도 춘계학술대회
• /
• pp.759-761
• /
• 2016

최근 정보보안 환경 변화에 따른 사이버 침해, 사업 기밀유출, 글로벌 보안위협 등의 정보자산에 대한 지속적인 공격으로 위협이 되고 있다. 이는 기존 정보보호시스템에서 대응이 어려운 APT 공격, 우회접근공격 및 암호화 패킷에 대한 공격 등에 대한 탐지와 조치가 가능한 접근에 대해 지속적인 모니터링의 수행이 요구되고 있다. 본 논문에서는 지능형지속위협 공격경로차단을 위한 예방통제(Prevention Control)로 중요한 자산 식별하고 위험을 미리 제거하기 위하여 취약성 분석, 위험분석을 통한 정보통제 정책을 수립하고 서버접근통제, 암호화통신 감시를 통해 탐지통제(Detection Control)를 수립하고 패킷 태깅, 보안플랫폼, 시스템백업과 복구를 통해 교정통제(Corrective Control)를 하여 지능화된 침해대응(Intelligent Violation of Response) 할 수 있도록 정보보호시스템 운영관리 방법을 제안한다.

• 정보보호학회논문지
• /
• 제26권2호
• /
• pp.551-558
• /
• 2016

최근 ICT 융합산업의 확산은 새로운 비즈니스 창출 등 많은 장점을 불러왔지만, 보안위험이 융복합적으로 발생하는 등 새로운 위협을 발생하고 있다. 한편, 이에 대한 대책 중 하나로 인력 중심의 보안관리가 제시되면서 현재 산업별 보안인력의 수요는 지속적으로 증가하고 있다. 하지만 보안인력 양성을 위한 교육 및 훈련에 대한 품질에 대해서는 연구가 미흡하다. 본 논문에서는 민간시장 정보보호 교육과정 현황을 조사하고, 정보보호 직무분류 등을 활용한 4개 전문분야 15개 표준 교육과정을 도출하였다. 또한 효율적인 민간분야 정보보호 교육인증을 위한 평가지표를 제시하고, 지표별 가중치에 따른 점수를 산정하였다.

• 복식문화연구
• /
• 제26권4호
• /
• pp.547-562
• /
• 2018

As social media penetrates more deeply into people's everyday lives, social commerce (a type of commerce that combines SNS features and possibility for commercial transactions) has enjoyed unprecedented growth. Shopping on Facebook is a representative example of social commerce platform that allows consumers to interact with other users, exchange information and purchase products without leaving a Facebook page. Social commerce presents great opportunities for marketers in terms of leveraging social aspects of shopping experience. It also offers a large potential for Korean companies to reach various target markets, as well as establish their presence abroad. Yet, acceptance of social commerce as a legitimate shopping channel has been slow, and consumers are still hesitant to shop via Facebook. This study draws on uses and gratification theory and the concept of perceived risk to examine how different motives for SNS use and the associated types of perceived risks can affect the purchase intention on the platform. Empirical data from 288 young users of Facebook were analyzed. Findings identified two main motives for SNS use: information-related motive and communication-related motive. Information-related motive significantly affected the intention to shop on Facebook, whereas communication-related motive did not have any significant influence. Risks associated with shopping via Facebook included delivery risk, security risk, social risk and economic risk. Overall, consumers perceived a higher level of security and social risk associated with shopping on Facebook. However, only social risk had a significant negative influence on the purchase intention. Awareness and previous experience of buying via social commerce platform positively affected consumers' purchase intention.