• Korean Security Journal
• /
• no.2
• /
• pp.99-123
• /
• 1999

Internet related crimes are a crime which is inter-related with high specialization ${\cdot}$ technicality ${\cdot}$ leakage of information ${\cdot}$ intellectual-offence and deviant behavior. Without the accurate countermeasure, we can't achieve the desired end. So we should find out multilateral and general measure. Always crimes go in advance of the measure, so the counter measures against, computer crime can not be final. Nevertheless, we can't be careless in making the measure, but we should always consider a counter measure. 1995. 12. 29. our country revised criminal law and consolidated direct provisions, especially on the computer-hacking. But, inspite of the revision, especially on the computer-hacking. But, inspite of the revision, we have many problems'. So, first of all, through the positive and empirical study, we should revise criminal law and computer crime related provisions systematically. As the aspects and techniques of internet related crimes are always changing with the development of computer technology, there will be many problems with principle of legality, when we apply the existing abstract provisions to the new crime. We can not be lazy in studying the emerging internet related crimes and taking concrete shape of the provision. And it will be a big help to that desirable to import the foreign provision without consideration of our reality. Without the positive and empirical study on internet related crimes, sometimes important crime will be out of reach of the punishment. Due to these day's development of computer and technology of communication, the personal computers are widely supplied and especially PC communication and exchange of the informations became the most important function. With the advent of internet, new aspects of crimes are appearing. Up to now, the fraud by using the computer or the interference in the execution of duty by the illegal operation of computer was the leading aspects of computer crime, but nowadays with the advent of internet, database crime or network crime like the computer hacking became the important aspects of internet related crimes. These new aspects of internet related crimes are defusing into domains of traditional crimes. Nevertheless to follow and punish the acts on the internet is not technically easy, and as it is emerging international shape, to settle it by international law is not that easy. Harmful acts in the information-oriented society are very diverse in kinds and aspects, and it is difficult to enumerate. The point is that among the new acts in the information-oriented society we should decide which acts are to be punished and which acts are not to be punished. It is needless to say that the criminal law should be the last resort. But owing to the characters of the characteristics of the information-oriented society, when the traditional standards can be applied, the question of what is the basis and how it can be applied in a concrete way is not settled. And if it cannot be applied, how can we make new standard is also an unsettled question.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.25-32
• /
• 2019

The purpose of this study is to investigate how to make a proper investment in ICO in the market. Previously, companies used to borrow money from banks or to obtain investments from venture capital (VC) and angel investors, but now ICOs are used as a new type of funding and financing model. The ICO sells the tokens or coins created on the blockchain openly online to raise the necessary funds, and provides the market value by paying the tokens or coins as much as the investment amount. According to this study, the limitations of the ICO market are (1) difficulties in evaluating the company, (2) uncertainties in investments, (3) lack of legal safeguards, and (4) measures to secure corporate stability after recruitment. At present, there is no way to cope with this systematically since the ICO is not protected in the legal framework. Nevertheless, we investigated the ways to make proper investment in the existing ICO market. In investing in ICO, investors should (1) consider investment methods and profitability, and (2) verify and judge investment fraud through various channels (ex. Homepage, composition team profile, etc.) and make investments based on this. This study will contribute to the formation of a healthy ICO market by understanding the newly emerged ICO market and studying the considerations when investing in it, thereby contributing to the right investor training and reducing the mass production of consumer damages caused by fraud. The limitation of this study is that the domestic ICO has not yet been examined in the legal framework, so further research is needed when policy changes occur in the future.

• Journal of Digital Convergence
• /
• v.19 no.10
• /
• pp.287-293
• /
• 2021

Recently, public certificates issued by nationally-recognized certification bodies have been abolished, and internet companies have issued their own common certificates as certification authority. The Electronic Signature Act was amended in a way to assign responsibility to Internet companies. As the use of a joint certificate issued by Internet companies as a certification authority is allowed, it is expected that the fraud damage caused by the theft of public key certificates will increase. We propose an authentication model that can be used in a security gateway that combines PKI with a blockchain with integrity and security. and to evaluate its practicality, we evaluated the security of the authentication model using Sugeno's hierarchical fuzzy integral, an evaluation method that excludes human subjectivity and importance degree using Delphi method by expert group. The blockchain-based joint certificate is expected to be used as a base technology for services that prevent reckless issuance and misuse of public certificates, and secure security and convenience.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.312-318
• /
• 2021

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.

• Journal of Information Technology Services
• /
• v.16 no.2
• /
• pp.97-110
• /
• 2017

Due to development of IT, various Internet services via the non-face-to-face are increasing rapidly. In the past, the resident registration numbers (RRN) was used a mean of personal identification, but the use of RRN is prohibited by the relevant laws, and the personal identification services using alternative means are activated. According to the prohibition policy of RRN, i-PIN service appeared as an alternative means to identify a person. However, the user's knowledge-based i-PIN service continues to cause fraudulent issuance, account hijacking, and fraud attempts due to hacking accidents. Due to these problems, the usage rate of i-PIN service which performs a nationwide free personal identification service, is rapidly decreasing. Therefore, this paper proposes a technical safety enhancement method for security enhancement in the i-PIN-based personal identification service. In order to strengthen the security of i-PIN, this paper analyzes the encryption key exposure, key exchange and i-PIN authentication model problems of i-PIN and suggests countermeasures. Through the proposed paper, the i-PIN can be expected to be used more effectively as a substitution of RRN by suggesting measures to enhance the safety of personal identification information. Secured personal identification services will enable safer online non-face-to-face transactions. By securing the technical, institutional, and administrative safety of the i-PIN service, the usage rate will gradually increase.

• Food Science of Animal Resources
• /
• v.37 no.4
• /
• pp.599-605
• /
• 2017

Korean native honey (KNH) is much more expensive than European honey (EH) in Korea, because KNH is a favored honey which is produced less than EH. Food fraud of KNH has drawn attention of the government office concerned, which is in need of a method to differentiate between KNH and EH which are produced by the Asiatic honeybee, Apis cerana and the European honeybee, Apis mellifera, respectively. A method to discriminate KNH and EH was established by using duplex polymerase chain reaction (PCR) in this study. Immunochromatographic assay (IC) was examined to analyze the duplex PCR product. The DNA sequences of primers for the duplex PCR were determined by comparing cytochrome C oxidase genes of the two honey bee species. Chelex resin method was more efficient in extracting genomic DNA from honey than the other two procedures of commercial kits. The duplex PCR amplifying DNA of 133 bp were more sensitive than that amplifying DNA of 206 bp in detecting EH in the honey mixture of KNH and EH. Agarose gel electrophoresis and IC detected the DNA of 133 bp at the ratios of down to 1% and 5% EH in the honey mixture, respectively and also revealed that several KNH products distributed by internet shopping sites were actually EH. In conclusion, the duplex PCR with subsequent IC could also discriminate between KNH and EH and save time and labor.

• Journal of Distribution Science
• /
• v.18 no.8
• /
• pp.75-87
• /
• 2020

Purpose: This study uses the protection motivation theory and information processing theory to discuss the high number of fraud phenomenon in Indonesia which causes worries to the internet users. The second problem is the large amount of information transparency in e-commerce which actually hinders the users in making decisions so it causes a negative behavior pattern, namely discontinue usage intention. Design/methodology: Therefore, this research hopes to provide insight to the online or e-commerce business community, especially for Tokopedia, to develop its business from understanding the factors influencing consumer attitude when shopping online. The sample are students from Universitas Indonesia, Institut Teknologi Bandung, Institut Pertanian Bogor, Universitas Gadjah Mada and Institut Teknologi Surabaya, with total 900 respondents. Result: The results of this research indicate that ubiquitous connectivity (UC) variable significantly affects variables such as the privacy concern (PC), information transparency (IT) and information overload (IO). PC and IO variables also significantly affect Discontinue Usage Intention (DUI). Conclusion: This study gives a new perspective that despite the phenomenon, the millennial generation especially are not entirely concerned about the privacy concern, however, this study clearly shows that the privacy issue in the digital word continues to be something that needs to be cared for.

• Journal of information and communication convergence engineering
• /
• v.8 no.4
• /
• pp.427-432
• /
• 2010

The fast-emerging of cloud computing technology today has sufficiently benefited its wide range of users from individuals to large organizations. It carries an attractive characteristic by renting myriad virtual storages, computing resources and platform for users to manipulate their data or utilize the processing resources conveniently over Internet without the need to know the exact underlying infrastructure which is resided remotely at cloud servers. However due to the loss of direct control over the systems/applications, users are concerned about the risks of cloud services if it is truly secured. In the literature, there are cases where attackers masquerade as cloud users, illegally access to their accounts, by stealing the static login password or breaking the poor authentication gate. In this paper, we propose a two-factor authentication framework to enforce cloud services' authentication process, which are Public Key Infrastructure (PKI) authentication and mobile out-of-band (OOB) authentication. We discuss the framework's security analysis in later session and conclude that it is robust to phishing and replay attacks, prohibiting fraud users from accessing to the cloud services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.12
• /
• pp.2171-2178
• /
• 2008

Recently, Network companies have introduced security solutions to protect the network from intrusions, attacks and viruses but the network has still weakness and vulnerability. It is time to bring more stable and reliable authentication system that would meet the Internet user's need. In this study, Current broadband networks don't have hierarchic and stable authentication solutions. And so, an integrated and hierarchic system is needed to provide a various kinds of application services. I'd like to present a new authentication system which is based on unified web authentication design. It will unit various authentication systems that have been deployed in various network environment and reinforce network security to provice a various kinds of application services in a stable and safe environment. that is a simple and more secure method for fighting a rise in card-not-present fraud.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.127-133
• /
• 2021

Today, phishing attacks represent one of the biggest security threats targeting users of the digital world. They consist of an attempt to steal sensitive information, such as a user's identity or credit and debit card details, using various methods that include fake emails, fake websites, and fake social media messages. Protecting the user's security and privacy therefore becomes complex, especially when those users are children. Currently, children are participating in Internet activity more frequently than ever before. This activity includes, for example, online gaming, communication, and schoolwork. However, children tend to have a less well-developed knowledge of privacy and security concepts, compared to adults. Consequently, they often become victims of cybercrime. In this paper, the effects of security awareness on users who are children are investigated, looking at their ability to detect phishing attacks in social media. In this approach, two Experiments were conducted to evaluate the effects of security awareness on WhatsApp application users in their daily communication. The results of the Experiments revealed that phishing awareness training has a significant positive effect on the ability of children using WhatsApp to identify phishing messages and thereby avoid attacks.