• Information Systems Review
• /
• v.20 no.1
• /
• pp.17-39
• /
• 2018

SNS enables people to easily connect and communicate with each other. People share information, including personal information, through SNS. Users are concerned about their privacies, but they unconsciously or consciously disclose their personal information on SNS to interact with others. The privacy of a self-disclosed person can be intruded by others. A person can write, fabricate, or distribute a story using the disclosed information of another even without obtaining consent from the information owner. Many studies focused on privacy intrusion, especially from the perspective of a victim. However, only a few studies examined privacy intrusion from the perspective of an intruder on SNS. This study focuses on the intention of privacy intrusion from the perspective of an intruder on SNS and the factors that affect intention. Privacy intrusion intentions are categorized into two types. The first type is intrusion of privacy by writing one's personal information without obtaining consent from the information owner;, whereas the other type pertains to intrusion of privacy by distributing one's personal information without obtaining consent from the information owner. A research model is developed based on motivation theory to identify how these factors affect these two types of privacy intrusion intentions on SNS. From the perspective of motivation theory, we draw one extrinsic motivational factor (response cost) and four intrinsic motivational factors, namely, perceived enjoyment, experience of being intruded on privacy, experience of invading someone's privacy, and punishment behavior. After analyzing 202survey data, we conclude that different factors affect these two types of privacy intrusion intention. However, no relationship was found between the two types of privacy intrusion intentions. One of the most interesting findings is that the experience of privacy intrusion is the most significant factor related to the two types of privacy intrusion intentions. The findings contribute to the literature on privacy by suggesting two types of privacy intrusion intentions on SNS and identifying their antecedents from the perspective of an intruder. Practitioners can also use the findings to develop SNS applications that can improve protection of user privacies and legitimize proper regulations relevant to online privacy.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.67-78
• /
• 2020

Typical security solutions such as intrusion detection system are not suitable for detecting advanced persistent attack(APT), because they cannot draw the big picture from trivial events of security solutions. Researches on techniques for detecting multiple stage attacks by analyzing the correlations between security events or alerts are being actively conducted in academic field. However, these studies still use events from existing security system, and there is insufficient research on the structure of the entire security system suitable for advanced persistent attacks. In this paper, we propose an attack path and intention recognition system suitable for multiple stage attacks like advanced persistent attack detection. The proposed system defines the trace format and overall structure of the system that detects APT attacks based on the correlation and behavior analysis, and is designed with a structure of detection system using deep learning and big data technology, etc.

• Information Systems Review
• /
• v.24 no.4
• /
• pp.55-76
• /
• 2022

People have adopted Social Networking Sites (SNSs) as a part of their daily lives. When a person uses SNSs, (s)he intentionally or unintentionally discloses her/his personal information. Although using SNSs can provide benefits to a person such as maintaining relationships with people who does not see often, it also opens a dark side. Someone can use one's disclosed information without the acknowledgement of the information owner. It is called a privacy intrusion on SNSs, which has become a social problem and needs attention. This study examined factors affecting privacy intrusion intention on SNSs. This study classifies privacy intrusions into passive intrusion (collector) and active intrusion (distributor). The results reveal that low ethical consciousness positively affects enjoyment in both of collecting and distributing someone's personal information on SNSs. A person who has the low ethical consciousness also tends to raise her/his curiosity of collecting someone's private information on SNSs. Apart from low ethical consciousness, this study discloses how enjoyment, curiosity, experience of being a victim of privacy intrusion, experience of intruding others' privacies, and self-efficacy of collecting or distributing others' private information are related to passive or/and active privacy intrusion on SNSs with survey data.

• The Journal of Information Systems
• /
• v.26 no.1
• /
• pp.53-73
• /
• 2017

Frequent outbreak of intrusion of private information is occurring recently not only at portal sites but also in electronic information service of public agencies. Due to these intrusions, it is observed that the citizens tend to avoid providing their private information even to the service for public agencies. Therefore, the object of this research can be explained as demonstrating the influence of the intention of provision for private information to foster the selectronic information ervice of the public agencies. In order to achieve this, this research intends to demonstrate how the experience of the intrusion of the private information affects the concern about the privacy and how the information factor from the public electronic information service has influence on the reliability toward the public. The results showed that the experience of intrusion of privacy, awareness of the danger of privacy, and the sense protection of the information from the manager at public agencies have direct influence on the concern of privacy. Meanwhile, it has been verified that the awareness of information protection of a manager, the systemicity of information protection, and the surveillance and punishment of information protection have influence on the reliability of public agencies.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.6
• /
• pp.1101-1112
• /
• 2021

Organizations continue to increase investment in information security(IS) policies and technologies to prevent external intrusion and internal exposure to information assets. However, as the organization's regulations and behavioral requirements for strict IS policy increase, employees may induce negative behaviors through IS-related stress. The purpose of this study is to suggest the effects of challenge and hindrance stressors on IS compliance intentions and to confirm how authentic leadership moderates the positive and negative effects of stressors. We reflected employees of the organization who are applying IS policy to their work as a study target and applied a survey to obtain a sample for research hypothesis verification. As a result of analysis through structural equation modeling, challenge and hindrance stressors affected IS compliance intentions, and authentic leadership moderated the effects of stressors on compliance intention. Our research helps to establish insiders support strategies to achieve internal IS goals, because the results suggested stressor conditions and leaders' behavioral directions that influence employees IS compliance behavior.

• The Journal of Industrial Distribution & Business
• /
• v.9 no.7
• /
• pp.61-70
• /
• 2018

Purpose - The purpose of this research is reflected on the rapid development of online tourism industries. The study was to establish the strategy for Korean tourism enterprises to develop tourist commodities suitable for Chinese tourists and attract them to visit Korea by the empirical analysis of the relation between repurchase intention of tourists and its premise variables (e-service quality, perceived value and satisfaction). Research design, data, and methodology - This research carried out a questionnaire survey on Chinese tourists who visited Korea with experience of using the online travel agency web sites. A total 398 answers were recovered, 41 of them were excluded due to the dishonest answers and 357 of them were finally analyzed. The data was analyzed with IBM SPSS AMOS 22.0. Results - The research results show that in the online travel agency web site e-service quality, convenience, interactivity, information validity, credibility had a positive impacts on perceived value and satisfaction. The perceived value of online travel agency website users has positive impart on satisfaction and repurchase intention. Satisfaction of online travel agency web site users have positive impacts on repurchase intention. But safety has no impact on perceived value while positive impacts on satisfaction was affected. Conclusions - First, in the online travel agency web site e-service quality, safety has no impact on perceived value while it was shown to have positive impacts on satisfaction because the users of online travel agency web sites believe that the protection of personal information, the defense of cracker and the safeguard of payment security are the basic premises of website operation. Although safety does not have impacts on perceived value, users benefits will suffer damage when hacker intrusion and other accidents occur so that online travel agency web sites should not ignore the security concerns. Second, credibility is a major concern for online travel agency web site users. At this time, it is necessary for the web site to establish a system to display both the commodity information and the using experience published on the user's SNS, thus improving the credibility of the website information.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.185-192
• /
• 2006

By mistaking normal packets for harmful traffic, it may not offer service according to the intention of attacker with harmful traffic, because it is not easy to classify network traffic for normal service and it for DUoS(Distributed DoS) attack like the Internet worm. And in the IPv6 environment these researches on harmful traffic are weak. In this dissertation, hosts in the IPv6 environment are attacked by NETWIB and their attack traffic is monitored, then the statistical information of the traffic is obtained from MIB(Management Information Base) objects used in the IPv6. By adapting the ESM(Exponential Smoothing Method) to this information, a normal traffic boundary, i.e., a threshold is determined. Input traffic over the threshold is thought of as attack traffic.

• Asia pacific journal of information systems
• /
• v.18 no.4
• /
• pp.1-26
• /
• 2008

Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.

• Journal of Intelligence and Information Systems
• /
• v.21 no.1
• /
• pp.29-45
• /
• 2015

Response modeling is a well-known research issue for those who have tried to get more superior performance in the capability of predicting the customers' response for the marketing promotion. The response model for customers would reduce the marketing cost by identifying prospective customers from very large customer database and predicting the purchasing intention of the selected customers while the promotion which is derived from an undifferentiated marketing strategy results in unnecessary cost. In addition, the big data environment has accelerated developing the response model with data mining techniques such as CBR, neural networks and support vector machines. And CBR is one of the most major tools in business because it is known as simple and robust to apply to the response model. However, CBR is an attractive data mining technique for data mining applications in business even though it hasn't shown high performance compared to other machine learning techniques. Thus many studies have tried to improve CBR and utilized in business data mining with the enhanced algorithms or the support of other techniques such as genetic algorithm, decision tree and AHP (Analytic Process Hierarchy). Ahn and Kim(2008) utilized logit, neural networks, CBR to predict that which customers would purchase the items promoted by marketing department and tried to optimized the number of k for k-nearest neighbor with genetic algorithm for the purpose of improving the performance of the integrated model. Hong and Park(2009) noted that the integrated approach with CBR for logit, neural networks, and Support Vector Machine (SVM) showed more improved prediction ability for response of customers to marketing promotion than each data mining models such as logit, neural networks, and SVM. This paper presented an approach to predict customers' response of marketing promotion with Case Based Reasoning. The proposed model was developed by applying different weights to each feature. We deployed logit model with a database including the promotion and the purchasing data of bath soap. After that, the coefficients were used to give different weights of CBR. We analyzed the performance of proposed weighted CBR based model compared to neural networks and pure CBR based model empirically and found that the proposed weighted CBR based model showed more superior performance than pure CBR model. Imbalanced data is a common problem to build data mining model to classify a class with real data such as bankruptcy prediction, intrusion detection, fraud detection, churn management, and response modeling. Imbalanced data means that the number of instance in one class is remarkably small or large compared to the number of instance in other classes. The classification model such as response modeling has a lot of trouble to recognize the pattern from data through learning because the model tends to ignore a small number of classes while classifying a large number of classes correctly. To resolve the problem caused from imbalanced data distribution, sampling method is one of the most representative approach. The sampling method could be categorized to under sampling and over sampling. However, CBR is not sensitive to data distribution because it doesn't learn from data unlike machine learning algorithm. In this study, we investigated the robustness of our proposed model while changing the ratio of response customers and nonresponse customers to the promotion program because the response customers for the suggested promotion is always a small part of nonresponse customers in the real world. We simulated the proposed model 100 times to validate the robustness with different ratio of response customers to response customers under the imbalanced data distribution. Finally, we found that our proposed CBR based model showed superior performance than compared models under the imbalanced data sets. Our study is expected to improve the performance of response model for the promotion program with CBR under imbalanced data distribution in the real world.