• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1887-1898
• /
• 2018

In this paper, a method to classify insider threat activity is introduced. The internal threats help detecting anomalous activity in the procedure performed by the user in an organization. When an anomalous value deviating from the overall behavior is displayed, we consider it as an inside threat for classification as an inside intimidator. To solve the situation, Markov Chain Model is employed. The Markov Chain Model shows the next state value through an arbitrary variable affected by the previous event. Similarly, the current activity can also be predicted based on the previous activity for the insider threat activity. A method was studied where the change items for such state are defined by a transition probability, and classified as detection of anomaly of the inside threat through values for a probability variable. We use the properties of the Markov chains to list the behavior of the user over time and to classify which state they belong to. Sequential data sets were generated according to the influence of n occurrences of Markov attribute and classified by machine learning algorithm. In the experiment, only 15% of the Cert: insider threat dataset was applied, and the result was 97% accuracy except for NaiveBayes. As a result of our research, it was confirmed that the Markov Chain Model can classify insider threats and can be fully utilized for user behavior classification.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.77-86
• /
• 2015

The organization shall minimize business risks associated with customer information leaks. Enhance information security activities through voluntary pre-check and must find a way to detect the personal information leakage caused by carelessness and neglect accident. Recently, many companies have introduced an information leakage prevention solution. However, there is a possibility of internal data leakage by the internal user who has permission to access the data. By this thread it is necessary to have the environment to analyze the habit and activity of the internal user. In this study, we use the SFI analytical technique that applies RFM model to evaluate the insider activity levels were carried out case studies is applied to the actual business.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.3-10
• /
• 2015

Recent massive data breaches or major security incidents show that threats posed by insiders have greatly increased over time. Especially, authorized insiders can cause more serious problems than external hackers can. Therefore there is a growing need to introduce a system that can monitor the insider threats in real time and prevent data breaches or security incidents in early-stage. In this paper, we propose a EITMS(Enterprise Insider-Threats Management System). EITMS detects the abnormal behaviors of authorized insiders based on the normal patterns made from their roles, duties and private activities. And, in order to prevent breaches and incidents in early-stage, a scoring system that can visualize the insider threats is also included.

• The Korean Journal of Financial Studies
• /
• v.2 no.2
• /
• pp.315-344
• /
• 1995

The relationship of information flow and market price formation are central to the basic tenets of financial economics. Whereas information is usually treated as being either public or private(monopolistic), most empirical studies focus on the price effects of public announcements. More recent research has centered more on the role of private information, such as insider trading, in efficient pricing and whether such trading increases investor welfare. Typically, 'insider trading' refers to an officer that trades in his/her company's shares. Insider trading, however, also refers to anyone who generates private, albeit costly, information concerning a stock's fundamental value. Normally, such insider activity is more difficult to ascertain. One way in which negative information is revealed is through short-selling activity, especially the monthly short-interest positions reported by the national stock exchanges. Diamond and Verrecchia(1987) provide a theoretical paradigm that predicts a negative price adjustment upon announcement of n company's monthly short interest, if the short interest displays an unusual increase and is correlated with negative information that is not yet public. Empirical studies of the short-run, negative price effect predicted by Diamond and Verrecchia find mixed results. One explanation is that the time period studied is too short for the market to absorb the informational content of these announcements. One reason is that these announcements are an ambiguous signal that requires more individuals and time to collect and act on the same information before full revelation occurs or before the implicit information becomes publicly known. This 'long delayed reaction' also serves as a motivation for related research on the wealth effect of mergers, share repurchases, and initial equity offerings in which long-run performance differs from the initial, short-run reaction to such announcements or offerings.

• SUVANNABHUMI
• /
• v.8 no.1
• /
• pp.17-53
• /
• 2016

Debates continue to multiply on the definition and rationale of Southeast Asia as a region and on the utility of the multidisciplinary field of area studies. However, we have now entered a post-colonialist, post-Orientalist, post-structuralist stage of reflection and re-orientation in the era of globalization, and a strong tendency on the part of insiders to pose these issues in terms of an insider-outsider dichotomy. On the one hand, the study of Southeast Asia for researchers from outside the region has become fragmented. This is for very obvious reasons: the strengthening and re-energizing of academic disciplines, the increasing popularity of other non-regional multidisciplinary studies, and the entry of globalization studies into our field of vision. On the other hand, how has the local Southeast Asian academy addressed these major issues of change in conceptualizing the region from an insider perspective? In filling in and giving substance to an outsider, primarily Euro-American-Australian-centric definition and vision of Southeast Asia, some local academics have recently been inclined to construct Southeast Asia in terms of the Association of Southeast Asian Nations (ASEAN): a nation-state-based, institutional definition of what a region comprises. Others continue to operate at a localized level exploring small-scale communities and territories, while a modest number focus on sub-regional issues (the Malay-Indonesian world or the Mekong sub-region are examples). However, further reflections suggest that the Euro-American-Australian hegemony is a thing of the past and the ground has shifted to a much greater emphasis on academic activity within the region. Southeast Asia-based academics are also finding it much more important to network within the region and to capture, understand, and analyze what Chinese, Japanese, and Korean scholars are saying about Southeast Asia, its present circumstances and trajectories, and their increasingly close involvement with the region within a greater Asia-Pacific rim. The paper argues that the insider-outsider dichotomy requires considerable qualification. It is a neat way of dramatizing the aftermath of colonialism and Orientalism and of reasserting local priorities, agendas, and interests. But there might be a way forward in resolving at least some of these apparently opposed positions with recourse to the concepts of culture and identity in order to address Southeast Asian diversities, movements, encounters, hybridization, and hierarchies.

• The Korean Journal of Financial Studies
• /
• v.3 no.1
• /
• pp.233-265
• /
• 1996

We examine the impact of public and private information on price movements using the thirty DJIA stocks and twenty-one NASDAQ stocks. We find that the standard deviation of daily returns on information days (dividend announcement, earnings announcement, insider purchase, or insider sale) is much higher than on no-information days. Both public information matters at the NYSE, probably due to masked identification of insiders. Earnings announcement has the greatest impact for both DJIA and NASDAQ stocks, and there is some evidence of positive impact of insider asle on return volatility of NASDAQ stocks. There has been considerable debate, e.g., French and Roll (1986), over whether market volatility is due to public information or private information-the latter gathered through costly search and only revealed through trading. Public information is composed of (1) marketwide public information such as regularly scheduled federal economic announcements (e.g., employment, GNP, leading indicators) and (2) company-specific public information such as dividend and earnings announcements. Policy makers and corporate insiders have a better access to marketwide private information (e.g., a new monetary policy decision made in the Federal Reserve Board meeting) and company-specific private information, respectively, compated to the general public. Ederington and Lee (1993) show that marketwide public information accounts for most of the observed volatility patterns in interest rate and foreign exchange futures markets. Company-specific public information is explored by Patell and Wolfson (1984) and Jennings and Starks (1985). They show that dividend and earnings announcements induce higher than normal volatility in equity prices. Kyle (1985), Admati and Pfleiderer (1988), Barclay, Litzenberger and Warner (1990), Foster and Viswanathan (1990), Back (1992), and Barclay and Warner (1993) show that the private information help by informed traders and revealed through trading influences market volatility. Cornell and Sirri (1992)' and Meulbroek (1992) investigate the actual insider trading activities in a tender offer case and the prosecuted illegal trading cased, respectively. This paper examines the aggregate and individual impact of marketwide information, company-specific public information, and company-specific private information on equity prices. Specifically, we use the thirty common stocks in the Dow Jones Industrial Average (DJIA) and twenty one National Association of Securities Dealers Automated Quotations (NASDAQ) common stocks to examine how their prices react to information. Marketwide information (public and private) is estimated by the movement in the Standard and Poors (S & P) 500 Index price for the DJIA stocks and the movement in the NASDAQ Composite Index price for the NASDAQ stocks. Divedend and earnings announcements are used as a subset of company-specific public information. The trading activity of corporate insiders (major corporate officers, members of the board of directors, and owners of at least 10 percent of any equity class) with an access to private information can be cannot legally trade on private information. Therefore, most insider transactions are not necessarily based on private information. Nevertheless, we hypothesize that market participants observe how insiders trade in order to infer any information that they cannot possess because insiders tend to buy (sell) when they have good (bad) information about their company. For example, Damodaran and Liu (1993) show that insiders of real estate investment trusts buy (sell) after they receive favorable (unfavorable) appraisal news before the information in these appraisals is released to the public. Price discovery in a competitive multiple-dealership market (NASDAQ) would be different from that in a monopolistic specialist system (NYSE). Consequently, we hypothesize that NASDAQ stocks are affected more by private information (or more precisely, insider trading) than the DJIA stocks. In the next section, we describe our choices of the fifty-one stocks and the public and private information set. We also discuss institutional differences between the NYSE and the NASDAQ market. In Section II, we examine the implications of public and private information for the volatility of daily returns of each stock. In Section III, we turn to the question of the relative importance of individual elements of our information set. Further analysis of the five DJIA stocks and the four NASDAQ stocks that are most sensitive to earnings announcements is given in Section IV, and our results are summarized in Section V.

• Journal of architectural history
• /
• v.11 no.1 s.29
• /
• pp.65-84
• /
• 2002

This study has main purpose to understand and interpret the house Nok-U-dang, an upper class built in Chosun dynasty, not by outsider researcher's view but insider dweller's view. To interpret correctly, dweller's everyday life in the space and form is examined on a microscale beyond the physical space and form of the house, main object of architectural history To understand the present form exactly, the study restore traditional life in past era, 1940s. Main method of restoration is the ethnographic interview, based on cultural anthropology. Like any other upper-class house, the house has been influenced under ruling Confucian ideology in Chosun dynasty: separation of man's and woman's quarters and hierachical arrangement by generation, and worshipping ceremony for ancestor. However, it is by practical management for agricultural production that every court and building of the Noku-Dang can be explained correctly; preparing seed for sowing, tool storing, preparing and serving meal for laborers, making manure, harvesting, threshing grain, storing grain and so on. Precedent studies interpreted the house by the Confucian principle too much and made conclusion of dignity and austerity of ritual: woman's quarter, is closed and serene space. However this study shows that the space is semi-opened and composite space by agricultural works. And the Sarangchae, master's quarter, is located properly at visual center to control every agricultural activity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.893-906
• /
• 2023

Awareness that smartphones can be used as tools for criminal activity is prevalent in many organizations, but the functionally smartphone-like smartwatch's potential as a criminal tool is being overlooked. Considering this situation, this research verifies the possibility of information leakage through an insider's smartwatch in a situation where smartphones are controlled by security regulations and technologies, but smart watch are not. By analyzing information related application usage and Wi-Fi connection generated in the smartwatch during the verification process, forensic information and limitations are identified. Finally, this research proposes preventive methods to prepare for potential smartwatch-related crimes, and reconsiders awareness of the possibility of using smartwatches as criminal tools.

• Journal of architectural history
• /
• v.12 no.3
• /
• pp.131-148
• /
• 2003

This study has main purpose to understand the traditional house, not by outside researcher's but by inside dweller's view. The house in Geochang, is descendent house of Jeong-On who was faithful scholar at Chosen Dynasty. In order to understand, I restore firstly the house form and space at traditional era, 60 years ago, and every dwellers not only family members but also servants and guests, by interviewing old matriarch. One of the main rules of the house disposition is Ancester worshipping life. Worshipping floor of Anchae, main building, is located unusually in front of Shrine for Jeong-On, in order to connect all activities directly. Sarangchae, men's building, opened to the funeral mourners, is separated by a wall because women have to serve foods and wail at the backside. Space for everyday life is separated by man/woman, insider/outsider, master/subordinate. Agricultural production is also key factor of the space allocation: big storage buildings for rice crop needed to tenant farming. Both activities of ancestor worship ceremony and guest greeting need large kitchen annex area for food preparation and serving space of rear veranda floor. A number of guests visit the house: guest-greeting activity is taken place from the family pavilion, Neungheo-Jeong and Saranchae by the social position. This study show that architectural space and form of the house reflects exactly dwellers life.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.3-9
• /
• 2019

Most of security countermeasures have been implemented to cope with continuous increase leakage of technology, but almost security countermeasures are focused on securing the boundary between inside and outside. This is effective for detecting and responding to attacks from the outside, but it is vulnerable to internal security incidents. In order to prevent internal leakage effectively, this study identifies activities corresponding to technology leakage activities and designes technology leakage activity detection items. As a design method, we analyzed the existing technology leakage detection methods based on the previous research and analyzed the technology leakage cases from the viewpoint of technology leakage activities. Through the statistical analysis, the items of detection of the technology leakage outcomes were verified to be appropriate, valid and reliable. Based on the results of this study, it is expected that it will be a basis for designing the technology leaking scenarios based on future research and leaking experiences.