• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.537-547
• /
• 2023

As Internet of Things (IoT) technology evolves, IoT devices are being utilized in a variety of fields. However, it has become a new surface of cyber attacks and is affecting industries that did not previously consider cyber breaches. After a intrusion occurs, post-processing and damage spread prevention are important, but it is difficult to respond due to the lackof standards and guidelines. Therefore, in order to respond to such incidents, this paper establishes an incident data collection procedure and presents the data that can be collected to improve the intrusion data acquisition method for general IoT devices. In addition, we proved the efficiency and feasibility of the data collection procedure through experiments.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.1-7
• /
• 2004

The growth of incidents on the Internet has reflected growth of the internet itself and growth of the computing Power. while in Previous years, external attacks tended to originate from those interested trend in exploring the Internet for its own sake and testing their skills, there is an increasing trend towards intrusions motivated by financial, Political, and military objectives. so, attacks on the nation's computer infrastructures are becoming an increasingly serious problem. Even though the problem is ubiquitious, government agencies are particularly appealing targets and they tend to be more willing to reveal such events than commercial organizations. The threat of damage made necessity of security's recognition, as a result, many researches have been carried out into security of system actively. Intrusion Detection technology is detection of intrusion using audit data differently from using traditional simple filtering and informs manager of it. It has security manager of system deal with the intrusion more quickly. but, cause current environment of Internet manager can't doing response Intrusion alert immediately That's why IPS needed. IPS can response automatically the intrusion alert. so, manager is more comfortable and can response quickly.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.21-26
• /
• 2004

The growth of incidents on the Internet has reflected growth of the internet itself and growth of the computing power. while in previous years, external attacks tended to originate from those interested trend in exploring the Internet for its own sake and testing their skills, there is an increasing trend towards intrusions motivated by financial, political, and military objectives. so, attacks on the nation's computer infrastructures are becoming an increasingly serious problem. Even though the problem is ubiquitious, government agencies are particularly appealing targets and they tend to be more willing to reveal such events than commercial organizations. The threat of damage made necessity of security's recognition, as a result, many researches have been carried out into security of system actively. Intrusion Detection technology is detection of intrusion using audit data differently from using traditional simple filtering and informs manager of it. It has security manager of system deal with the intrusion more quickly. but, cause current environment of Internet manager can't doing response Intrusion alert immediately. That's why IPS needed. IPS can response automatically the intrusion alert. so, manager is more comfortable and can response quickly.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.939-946
• /
• 2011

The Internet banking service provides convenience than the traditional offline services. However, it still causes a number of security problems including hacking. In order to strengthen security, the financial institutions have provided such authentication methods as the official authentication certificate, the security token, the security card and OTP. However, the incidents related to hacking have continuously occurred. Especially, various weak points have been suggested for the authentication methods in regard to such types of hacking as the memory hacking or the MITM attack. So I needed was a new authentication method. In this study, the two-channel authentication method which provide two-way authentication on the user's PC and mobile device when executing the electronic financial transactions in the Internet banking environment is suggested. Also, by analyzing it in comparison with other existing methods, it is possible to check that the prospects of safety and credibility are strengthened.

• The Journal of the Korea Contents Association
• /
• v.19 no.7
• /
• pp.13-21
• /
• 2019

Because security of Internet of Things(IoT) products and others is poor, there are many hacking incidents To prevent security threats, it is important for companies to first make products with high security levels and choose products that are safe for users. In response, the Korea Internet & Security Agency is testing the security of IoT products and linked mobile apps to impose ratings. Security certification service is a service that tests IoT products and linked mobile apps to ensure certain levels of security and issues certificates when they meet the criteria. It can induce autonomous security enhancement of IoT products, contribute to strengthening security capabilities of IoT companies in Korea and vitalizing their overseas advancement, and have the expected effect of resolving public anxiety over IoT products. In this study, the criteria for IoT security certification are presented, but the importance priority is sought to be derived for assessment items that need to be strengthened. This will help to provide guidelines that can contribute to strengthening the security capabilities of domestic Internet companies and boosting their overseas advancement.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.9-19
• /
• 2021

The data mining design incorporated with big data based cloud computing system is investigated for the nuclear terrorism prevention where the conventional physical protection system (PPS) is modified. The networking of terror related bodies is modeled by simulation study for nuclear forensic incidents. It is needed for the government to detect the terrorism and any attempts to attack to innocent people without illegal tapping. Although the mathematical algorithm of the study can't give the exact result of the terror incident, the potential possibility could be obtained by the simulations. The result shows the shape oscillation by time. In addition, the integration of the frequency of each value can show the degree of the transitions of the results. The value increases to -2.61741 in 63.125th hour. So, the terror possibility is highest in later time.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.1-9
• /
• 2022

As various services are linked to IoT(Internet of Things) and portable communication terminals, cyber attacks that exploit security vulnerabilities of the devices are rapidly increasing. In particular, cyber attacks targeting heterogeneous devices in large-scale network environments through advanced persistent threat (APT) attacks are on the rise. Therefore, in order to improve the effectiveness of the response system in the event of a breach, it is necessary to apply a data enrichment mechanism for the collected artifact data to improve threat analysis and detection performance. Therefore, in this study, by analyzing the data supplementation common elements performed in the existing incident management framework for the artifacts collected for the analysis of intrusion accidents, characteristic elements applicable to the actual system were derived, and based on this, an improved accident analysis framework The prototype structure was presented and the suitability of the derived data supplementary extension elements was verified. Through this, it is expected to improve the detection performance when analyzing cyber incidents targeting artifacts collected from heterogeneous devices.

• International Journal of Contents
• /
• v.8 no.3
• /
• pp.71-78
• /
• 2012

The emergence of the Internet has provided a new outlet for consumers who experience service failure from products and services, augmenting the traditional options of entry, voice and action. Consumers' negative word of mouth through online (word-of-mouse or eWOM) far exceeds traditional word of mouth (WOM) in respect of its potential effectiveness, speed and spread. This paper tries to figure out the service failure themes in the health care industry by analyzing online word-of-mouse using the critical incidents technique (CIT). Complaint themes in the area of healthcare are identified and analyzed. The results identify that major complaint theme differed according to the site type. Also, the findings indicate that delivery and customer services are critical issues when consumer makes negative WOM.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.107-119
• /
• 2013

The purpose of this study is to find an answer why internet users are unconcern about their privacy information. We found that perceived privacy risk and website usability have a significant effect on privacy unconcern. That is, individuals who have experiences privacy incidents are more likely to be unconcern about their privacy information. Accordingly, organizations who supply services on the web have to pay more attention to these individuals to increase a privacy concern. Implications and Conclusions are discussed.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.865-868
• /
• 2012

스마트폰의 대중화와 보편화가 이루어지면서 스마트폰 개발 환경도 많은 발전을 이루었다. 스마트폰 운영체제들은 각각 고유의 특성을 가지고 다양한 기능들을 제공한다. 안드로이드에서는 서로 다른 어플리케이션끼리 데이터를 공유하기 위해 ContentProvider를 사용한다. 그러나 공격자가 역공학 기술을 이용할 경우 다른 어플리케이션이 데이터베이스에 접근하여 불법적 정보유출을 할 수 있다는 취약점을 가지고 있다. 본 논문에서는 ContentProvider를 통한 정보유출의 취약점을 분석하였다.