• 정보보호학회논문지
• /
• 제25권3호
• /
• pp.615-625
• /
• 2015

본 논문은 금융 사용자의 거래 행태를 반영한 이상거래 탐지 규칙 개선방안을 제시하고, 실제 적용된 사례를 분석하여 효과성을 검증하였다. 이상거래를 정상거래로 판단한 미탐분석은 전자금융사고 사례를 분석하여 사고유형과 거래행위를 파악하였고, 반대로 정상거래를 이상거래로 판단한 오탐 분석은 특정 기간 추가 인증 또는 차단 후 아웃바운드 안내 전화 실시 내역 전수 조사를 통해 수행하였다. 또한, 이상거래와 정상거래 행태 간 분류 기준을 정교화하기 위해 추가적인 탐지 규칙을 도출하였다. 특히, 아웃바운드 안내 전화 과정 중 탐지 규칙 정교화를 위한 추가 질의를 실시하여 금융 사용자의 거래 행태에 대한 다양한 통찰을 획득하였고, 이를 기반으로 기존 탐지규칙을 개선하였다. 그 결과 정상거래를 이상거래로 오탐하여 추가 인증 또는 차단하는 비율과 이상거래를 정상거래로 분류하여 실제 사고가 발생한 비율이 동시에 감소하였다. 본 논문에서 제안한 거래 행태에 기반한 이상거래 탐지 규칙 개선 방법은 이상거래 탐지의 효과성을 향상시키고 지속적인 탐지규칙 개선 방법론을 제공할 것으로 기대한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권1호
• /
• pp.260-279
• /
• 2015

In this paper, we investigate physical layer security for multiple decode-and-forward (DF) relaying underlay cognitive radio networks (CRNs) with fixed transmit power at the secondary network against passive eavesdropping attacks. We propose a simple relay selection scheme to improve wireless transmission security based on the instantaneous channel information of all legitimate users and the statistical information about the eavesdropper channels. The closed-form expressions of the probability of non-zero secrecy capacity and the secrecy outage probability (SOP) are derived over independent and non-identically distributed Rayleigh fading environments. Furthermore, we conduct the asymptotic analysis to evaluate the secrecy diversity order performance and prove that full diversity is achieved by using the proposed relay selection. Finally, numerical results are presented to verify the theoretical analysis and depict that primary interference constrain has a significant impact on the secure performance and a proper transmit power for the second transmitters is preferred to be energy-efficient and improve the secure performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권3호
• /
• pp.1289-1310
• /
• 2016

Dynamic ID-based authentication solves the ID-theft problem by changing the ID in each session instead of using a fixed ID while performing authenticated key exchanges between communicating parties. User anonymity is expected to be maintained and the exchanged key kept secret even if one of the long-term keys is compromised in the future. However, in the conventional dynamic ID-based authentication scheme, if the server's long-term key is compromised, user anonymity can be broken or the identities of the users can be traced. In addition, these schemes are vulnerable to replay attacks, in which any adversary who captures the authentication message can retransmit it, and eventually cause the legitimate user to be denied service. This paper proposes a novel dynamic ID-based authentication scheme that preserves forward anonymity as well as forward secrecy and obviates replay attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권9호
• /
• pp.1668-1683
• /
• 2011

The importance of secure communication between only legitimate group members in ad hoc networks has been growing in recent years. Due to the ad hoc nature the scalability on dynamic membership change is a major concern. However, the previous models require at least O(log n) communication cost for key update per each membership change, which imposes a heavy burden on the devices. In this paper we present a scalable model that supports communication-efficient membership change in ad hoc networks by exclusionary keys and RSA functions. The multicast cost for key update is extremely low, that is O(1) , and one-to-one communications occur mostly in neighboring devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.1904-1921
• /
• 2019

In this paper, we investigate the problem of secure communications in multiple-input-multiple-output interference networks from the perspective of physical layer security. Specifically, the legitimate transmitter-receiver pairs are divided into different categories of active and inactive. To enhance the security performances of active pairs, inactive pairs serve as cooperative jammers and broadcast artificial noises to interfere with the eavesdropper. Besides, active pairs improve their own security by using joint transceivers. The encoding of active pairs and inactive pairs are designed by maximizing the difference of mean-squared errors between active pairs and the eavesdropper. In detail, the transmit precoder matrices of active pairs and inactive pairs are solved according to game theory and linear programming respectively. Experimental results show that the proposed algorithm has fast convergence speed, and the security performances in different scenarios are effectively improved.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.6123-6138
• /
• 2018

Named data networking (NDN) is a new network architecture designed for next generation Internet. Router-side content caching is one of the key features in NDN, which can reduce redundant transmission, accelerate content distribution and alleviate congestion. However, several security problems are introduced as well. One important security risk is cache privacy leakage. By measuring the content retrieve time, adversary can infer its neighbor users' hobby for privacy content. Focusing on this problem, we propose a cache privacy protection mechanism (named as CPPM-DAM) to identify legitimate user and adversary using Bloom filter. An optimization for storage cost is further provided to make this mechanism more practical. The simulation results of ndnSIM show that CPPM-DAM can effectively protect cache privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제16권10호
• /
• pp.3256-3274
• /
• 2022

With the rapid development of information and communications technology, the construction of efficient, reliable, and safe Internet of Things (IoT) is an inevitable trend in order to meet high-quality demands for the forthcoming 6G communications. In this paper, we study a secure intelligent reflecting surface (IRS)-assisted IoT system where malicious eavesdropper trying to sniff out the desired information from the transmission links between the IRS and legitimate IoT devices. We discuss the system overall performance and propose a hybrid resource allocation scheme for maximizing the secrecy capacity and secrecy energy efficiency. In order to achieve the trade-off between transmission reliability, communication security, and energy efficiency, we develop a quantum-inspired marine predator algorithm (QMPA) for realizing rational configuration of system resources and prevent from eavesdropping. Simulation results demonstrate the superiority of the QMPA over other strategies. It is also indicated that proper IRS deployment and power allocation are beneficial for the enhancement of system overall capacity.

• 무역학회지
• /
• 제47권5호
• /
• pp.115-128
• /
• 2022

This paper reviewed "unconscionability" as an exception to the independence principle of bank guarantees. Apart from fraud which has been recognized in most international jurisdictions, Uuconscionability would also be recognized as the exception to the legal principle, the so-called "fraud rule" or "an abuse of rights." Unconscionability exception is applied in the same manner as fraud and other exceptions to the principle of independence. The exception should allow guarantor to dishonor the drawings that abuse the independence principle. However, outright or manifest facts of the unconscionability must be established in order to apply the exception. Lots of arguments or conflicts may be caused in applying the unconscionability exception. Therefore, this study aims to prevent institutional abuses or to reduce the disputes from setting up the legitimate scope and standard for application of the exception by reviewing these procedural issues and problems under bank guarantee transactions. This paper also suggested practical implications and countermeasures for the institutional application.

• 한국프랜차이즈경영연구
• /
• 제2권1호
• /
• pp.119-133
• /
• 2011

본 연구는 이론적 실무적 상황을 감안할 때 가맹계약에 대한 기본개념을 정립하고 가맹계약과 관련된 실무적 사항에 대한 논의의 범위를 확정하고 프랜차이즈 거래의 실태와 공정거래위원회의 법 적용 사례를 통해 불공정거래행위의 위법성기준을 분석하여 프랜차이즈 유관기관, 프랜차이즈 거래자, 관련소비자 등 모두에게 프랜차이즈 거래의 법적안정 효과에 기여함을 목적으로 한다. 결과적으로 가맹사업에서는 불공정성을 판단하는데 있어서 가맹사업법상 예외 규정을 적용하더라도 필요충분조건을 모두 포함하지 않으면 위법성을 조각할 수 없고, 위법성을 회피하는 절차를 거쳤다 하더라도 내용적으로 타당하지 않으면 위법성 조각될 수 없다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권7호
• /
• pp.1986-2009
• /
• 2024

The integration of blockchain technology with the rapid growth of Internet of Things (IoT) devices has enabled secure and decentralised data exchange. However, security vulnerabilities and performance limitations remain significant challenges in IoT blockchain networks. This work proposes a novel approach that combines transaction representation and machine learning techniques to address these challenges. Various clustering techniques, including k-means, DBSCAN, Gaussian Mixture Models (GMM), and Hierarchical clustering, were employed to effectively group unlabelled transaction data based on their intrinsic characteristics. Anomaly transaction prediction models based on classifiers were then developed using the labelled data. Performance metrics such as accuracy, precision, recall, and F1-measure were used to identify the minority class representing specious transactions or security threats. The classifiers were also evaluated on their performance using balanced and unbalanced data. Compared to unbalanced data, balanced data resulted in an overall average improvement of approximately 15.85% in accuracy, 88.76% in precision, 60% in recall, and 74.36% in F1-score. This demonstrates the effectiveness of each classifier as a robust classifier with consistently better predictive performance across various evaluation metrics. Moreover, the k-means and GMM clustering techniques outperformed other techniques in identifying security threats, underscoring the importance of appropriate feature selection and clustering methods. The findings have practical implications for reinforcing security and efficiency in real-world IoT blockchain networks, paving the way for future investigations and advancements.