• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4889-4908
• /
• 2020

With the advances in Information Technology (IT), users can download or stream copyrighted works, such as videos, music, and webtoons, at their convenience. Thus, the frequency of use of copyrighted works has increased. Consequently, the number of unauthorized copies and sharing of copyrighted works has also increased. Monitoring is being conducted on sites suspected of conducting copyright infringement activities to reduce copyright holders' damage due to unauthorized sharing of copyrighted works. However, suspected copyright infringement sites respond by changing their domains or blocking access requests. Although research has been conducted for improving the effectiveness of suspected copyright infringement site detection by defining suspected copyright infringement sites' response techniques as a lifecycle step, there is a paucity of studies on automation techniques for lifecycle detection. This has reduced the accuracy of lifecycle step detection on suspected copyright infringement sites, which change domains and lifecycle steps in a short period of time. Thus, in this paper, an automated detection technique for suspected copyright infringement sites is proposed for efficient detection and response to suspected copyright infringement sites. Using our proposed technique, the response to each lifecycle step can be effectively conducted by automatically detecting the lifecycle step.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.487-498
• /
• 2023

Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.127-136
• /
• 2007

With the construction of vast networks, Internet based services such as online games and Internet banking are steadily increasing. As dysfunctions of the trend, various threats from worms/viruses to hacking are proliferating and new types and variations of worms/viruses are emerging. In response to the problems, telecommunication carriers and the government we establishing systems to cope with infringement accidents and resultant damages. However, in case of nationwide emergencies like the 1.25 Accident, infringement may spread rapidly while analyzing what kind of infringement it is and that may result in enormous losses. Thus, the paper purposed to analyze the states of infringement accidents occurring at each network and coping methods and checklist, based on the results. and to propose strategies for controlling services in case of large scale infringement accidents.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.1-14
• /
• 2022

This study tried to suggest crisis management compliance to prevent personal information infringement accidents that may occur in the process because the data including personal information is being processed in the artificial intelligence (AI) service process. To this end, first, the AI service provision process is divided into 3 processes such as service planning/data design and collection process, data pre-processing and purification process, and algorithm development and utilization process. And 3 processes are subdivided into 9 stages following to personal information processing stages to infringe personal information. All processes were investigated with literature and experts' Delphi. Second, the investigated personal information infringement factors were selected through FGI, Delphi, etc. for experts. Third, a survey was conducted with experts on the severity and possibility of each personal information infringement factor, and the validity and adequacy of the 94 responses were verified. Fourth, to present appropriate risk management compliance for personal information infringement factors in AI services, a method for calculating the risk level of personal information infringement is prepared by utilizing the asset value of personal information, personal information infringement factors, and the possibility of infringement accidents. Through this, the countermeasures for personal information infringement incidents were suggested according to the scored risk level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.101-121
• /
• 2020

Technology and culture are converging with various industries to create added value of contents. In addition, the country is creating a foundation environment for grafting new technologies onto the cultural content. However, copyright infringement by voice demand and supply is continuously occurring for cultural contents with copyright, and more and more recently, there have been increasing cases of creating and operating sites with servers overseas to bypass monitoring on infringement sites. To prevent this, various copyright protection studies are under way in many areas, but the current detection and prevention technologies are largely reactive and therefore have problems of effectiveness. Accordingly, this paper proposes a model of the lifecycle of copyright infringement site to lay the foundation for preemptive response to the distribution of illegal copies through analysis of the lifecycle of copyright infringement site.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.

• Journal of Information Management
• /
• v.37 no.4
• /
• pp.141-159
• /
• 2006

This paper presents the response strategy taken by the both parties who possess and infringe the patent rights in the case of patent litigation occurring in local companies. It is common that many entrepreneurs suffer from patent judgment litigation related to the intellectual property rights. Response strategy on the standpoints of patentees and trespassers are discussed in several cases such as infringement and abuse of patent rights, divulgence of trade secret and invention during employment in small & medium sized enterprises.

• Journal of Internet of Things and Convergence
• /
• v.9 no.3
• /
• pp.55-60
• /
• 2023

The IoT environment is very vulnerable to security threats, and if an intrusion occurs, it can cause great damage. In order to strengthen the security of the IoT environment, a curriculum that considers the characteristics of the IoT environment is needed. In this paper, we propose a curriculum model for cyber incident response in the Internet of Things environment. The proposed curriculum model was designed as a model for security threats in the IoT environment, types of intrusion incidents, and incident response procedures. The proposed curriculum model is expected to contribute to improving security awareness in the IoT environment and fostering cyber incident response experts in the IoT field. The proposed curriculum model strengthens the security of the IoT environment and is expected to be safe through security incident response in the IoT.

• Journal of Information Technology Services
• /
• v.19 no.4
• /
• pp.109-124
• /
• 2020

In 2012, Psy's music video 'Gangnam Style' spread through parodies, and gained explosive popularity. In 2016, there was a case so-called as 'baseball ground cheering song' in which a author(songwriters) claimed an infringement of the 'right of integrity' related to cheering songs used by professional baseball teams. In response, the court denied violating the right of integrity in 2019. These cases have different effects depending on whether or not the 'right of integrity' is claimed. This study attempted an economic analysis in addition to a legal analysis of the right of integrity. Korean copyright law regards even simple changes that go against the author's will as a infringement of the 'right of integrity' even if they do not harm honor or reputation. Such legislation is one of the most strongly protected forms in the world, so it cause many problems. Meanwhile, we analyzed the cost-benefit analysis of Psy's 'Gangnam Style' case and the 'baseball ground cheering song' case. As a result of the analysis, the right to integrity is inefficient in quantitative and qualitative aspects. Therefore, the right of integrity should be reconsidered with the focus on 'popular music'. In particular, considering the development of information communication technology and changes, a revision direction is needed to meet the purpose of the copyright act. Furthermore, in order to solve the legal issues under the Copyright Act, the requirement for infringement of the right of integrity should be relaxed. Then, we proposed the establishment of a proviso clause on the right of integrity.