• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.275-278
• /
• 2013

Log is a file system, a system that uses all remaining data. Want situation now being issued in the IT, media Nate on information disclosure, the press agency server hack by numbness crime occurred. Hacking crisis that's going through this log analysis software professionally for professional analysis is needed. The present study, about APT attacks happening intelligently Log In case of more than traceback in advance to prevent the technology to analyze the pattern for log analysis techniques.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.185-188
• /
• 2018

네트워크 환경 및 인터넷 활용폭이 다양해지면서 고도화되고 진보적인 보안위협이 발생되고 있으며 발생량도 점차 증가하고 있다. 이에 따라, 네트워크 침입탐지 시스템, 악성행위 탐지 시스템, 웹 방화벽, 안티바이러스 등도 점차 진보된 악성행위를 탐지하는 데 있어 불충분해짐에 따라 기업과 기관 및 보안담당자들은 직관적인 정보를 제공하는 End-Point 로그 수집 및 모니터링으로 변화를 시도하고 있다. 이에 따라, 본 논문에서는 Anti-Virus 및 침입 탐지 시스템(IDS), APT, 윈도우 감사로그를 상호 비교하여 보안분석 시스템보다 윈도우 감사로그가 보안위협 및 침해사고를 모니터링하는 면에서 더욱 직관적이고 빠른 대응이 가능하다는 것을 증명한다.

• Journal of Information Technology Applications and Management
• /
• v.22 no.2
• /
• pp.171-199
• /
• 2015

This study proposes the practical information security measures that help IT personnel of banks comply the information security policy. The research model of the study is composed of independent variables (clarity and comprehensiveness of policy, penalty, dedicated security organization, audit, training and education program, and top management support), a dependent variable (information security policy compliance intention), and moderating variables (age and gender). Analyses results show that the information security measures except 'clarity of policy' and 'training and education program' are proven to affect the 'information security policy compliance intention.' In case of moderating variables, age moderated the relationship between top management support and compliance intention, but gender does not show any moderating effect at all. This study analyzes information security measures based solely on the perception of the respondents. Future study may introduce more objective measurement methods such as systematically analyzing the contents of the information security measures instead of asking the respondents' perception. In addition, this study analyzes intention of employees rather than the actual behavior. Future research may analyze the relationship between intention and actual behavior and the factors affecting the relationship.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11b
• /
• pp.592-594
• /
• 2005

국가회계 전산화는 자료의 가시성(visibility)을 약화시키고 내부통제의 위험을 증가시키는 등 감사환경을 변화시키고 있다. 정부재정규모의 증가로 거래건수가 증가하고, 결산기간 단축, 자금 전자이체, 정부구매 카드 도입 등 정보화에 따라 회계처리방법이 변화되고 있어 이에 대응할 수 있는 전산감사기법 개발이 필요하다. 전산감사기법은 감사자의 감사능력을 향상시켜 생산성과 감사품질을 향상시키고, 내부통제 확인, 회계부정에 대한 예방기능을 가지고 있다. 본 논문에서는 외부감사인(감사원)이 회계감사에 활용할 수 있도록 국가재정정보시스템 등 정부회계 관련 정보시스템으로부터 수집할 수 있는 자료를 대상으로 회계 감사 시나리오작성 및 검증, 데이터수집, 전산분석기법의 적용을 통한 감사모듈 개발방법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1011-1014
• /
• 2002

최근 대규모 네트워크 데이터에 대한 패턴을 분석하기 위한 연구에 대하여 관심을 가지고 침입탐지 시스템을 개선하기 위해 노력하고 있다. 특히, 이러한 광범위한 네트워크 데이터 중에서 침입을 목적으로 하는 데이터에 대한 탐지 능력을 개선하기 위해 먼저, 광범위한 침입항목들에 대한 탐지 적용기술을 학습하고, 그 다음에 데이터 마이닝 기법을 이용하여 침입패턴 인식능력 및 새로운 패턴을 빠르게 인지하는 적용기술을 제안하고자 한다. 침입 패턴인식을 위해 각 네트워크에 돌아다니는 관련된 패킷 정보와 호스트 세션에 기록되어진 자료를 필터링하고, 각종 로그 화일을 추출하는 프로그램들을 활용하여 침입과 일반적인 행동들을 분류하여 규칙들을 생성하였으며, 생성된 새로운 규칙과 학습된 자료를 바탕으로 침입탐지 모델을 제안하였다. 마이닝 기법으로는 학습된 항목들에 대한 연관 규칙을 찾기 위한 연역적 알고리즘을 이용하여 규칙을 생성한 사례를 보고한다. 또한, 추출 분석된 자료는 리눅스 기반의 환경 하에서 다양하게 모아진 네트워크 로그파일들을 분석하여 제안한 방법에 따라 적용한 산출물이다.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.301-317
• /
• 2020

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.11
• /
• pp.329-331
• /
• 2020

Edutech is a compound word of education and technology, and is an educational paradigm in the era of the 4th industrial revolution. This refers to next-generation education using information and communication technology (ICT) such as big data, artificial intelligence (AI), robots, and virtual reality (VR) of the 4th industrial revolution. e-Learning is being used as an online lecture for education in ICT, but edutech is attracting attention along with e-learning as the feeding of non-face-to-face education has rapidly increased due to COVID-19. Therefore, this paper summarizes the reviewed papers on the blockchain-based badge service platform, simulation-based collaborative e-Learning system, video English dictionary, and blockchain-based access control audit system.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.10
• /
• pp.315-322
• /
• 2020

This study investigates the application of management information systems to the quality of local government financial reports, especially the principle of transparency and the law of accountability, which have been measures of financial statement performance evaluation. The study was conducted in Enrekang Regency, Indonesia, which, based on the results of the examination, the Supreme Audit Board reported the status of Disclaimer, Fair with Exceptions, and Fair without Exceptions for three years each. This study used a sample of 35 respondents, finance department employees who worked on local government financial reports. Descriptive quantitative data were collected using a questionnaire instrument, then with the assistance of the Program Solution and Product Statistics (SPSS) Program, data were processed to test hypotheses. The results showed that the use of management information systems based on information and communication technology (ICT) had a significant influence on the quality of local government financial reports. The findings of this study indicate that the application of ICT-based management information systems affects the accountability and transparency of local government financial reports. This finding is reinforced by the use of the principles of government agility in the form of government apparatuses that apply responsive dexterity, flexibility agility, and competency agility.

• Journal of Information Technology Services
• /
• v.15 no.3
• /
• pp.33-50
• /
• 2016

In a dynamic IT environment, employees often utilize external IT resources to work more efficiently and flexibly. However, the use of external IT resources beyond its control may cause difficulties in the company. This is known as "Shadow IT." In spite of efficiency gains or cost savings, Shadow IT presents problems for companies such as the outflow of enterprise data. To address these problems, appropriate measures are required to maintain a balance between flexibility and control. Therefore, in this study, we developed a new information security management system called AIIMS (Advanced IT service & Information security Management System) and the Shadow IT Evaluation Model. The proposed model reflects a Shadow IT's attributes such as innovativeness, effectiveness, and ripple effect. AIIMS consists of five fields: current analysis; Shadow IT management plans; management process; education and training; and internal audit. There are additional management items and sub-items within these five fields. Using AIIMS, we expect to not only mitigate the potential risks of Shadow IT but also create successful business outcomes. Now is the time to draw to the Light in the Shadow IT.

• Research in Mathematical Education
• /
• v.14 no.2
• /
• pp.173-194
• /
• 2010

This study examines the differences and similarities of mathematics teachers' subject matter knowledge among England, the Chinese mainland and Hong Kong. Data were collected from a ten-item test in the SKIMA subject matter audit instrument [Rowland, T.; Martyn, S.; Barber, P. & Heal, C. (2000). Primary teacher trainees' mathematics subject knowledge and classroom performance. In: T. Rowland & C. Morgan (eds.), Research in Mathematics Education, Volume 2 (pp.3-18). ME 2000e.03066] from over 500 participants. Results showed that participants from England performed consistently better, with those from Hong Kong being next and then followed by those from the Chinese mainland. The qualitative data revealed that participants from Hong Kong and the Chinese mainland were fluent in applying routines to solve problems, but had some difficulties in offering explanations or justifications.