• Journal of the Korea Society of Computer and Information
• /
• v.13 no.4
• /
• pp.255-262
• /
• 2008

It is settled in the economic arena that electronic commerce which used the Internet is new recently by explosive increase of the rapid development and Internet use of the information and communication technology. The problem that is legitimate at a point called the business of the form that the electronic transactions to set together if I drift are new of the times is the situation caused a lot. However, the use custom of construction and electronic transactions of the maintenance that is the legislation thief who can do rules of electronic transactions is the fact that it was not able to be still established It may not be just applied to the Internet electronic transactions that an exchange promise between our characters does against unspecified number of the general public person in the property even if I say that the conclusion of the purchase agreement is concluded in Internet electronic transactions by EDI method. That can have the approval of contract in the main legal problem of such an Internet electronic transactions contract. We civil law sorts it by a contract between the talks characters and a contract between the remote area people and all the adopted children are equal and must decide the formation of contract time in a principle of Empfangstheorie because it may be said that the rule of the civil law that it be heated and decides to be able to be available is irrational.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.60
• /
• pp.141-175
• /
• 2013

The purpose of this study aims to the implications by the introduction of TSU/BPO system as a instrument of trade settlement. Jointly with financial messaging provider SWIFT, the ICC Banking Commission has developed the URBPO to take into account the legitimate expectations of all relevant sectors. Once the goods have been shipped, the seller's bank uploads the shipping and logistics data to the TSU to be checked against the baseline. URBPO is the first ever set of standards in supply chain finance that governs BPO transactions worldwide. BPO enables banks to reduce the risks associated with international trade to the benefit of both buyers and sellers. A BPO is an irrevocable undertaking given by an Obliger Bank to a Recipient Bank to pay a specified amount under the condition of a successful electronic matching of data or acceptance of mismatches. The BPO should be viewed as an exercise in collaboration between trading partners and their banks. Drawings upon global standards and incorporating the benefits offered by letters of credit, the new instrument has the potential to benefit all parties in a trade transaction-and bring trade settlement into the 21st century.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.604-625
• /
• 2018

Nowadays, SMS spam has been overflowing in many countries. In fact, the standards of filtering SMS spam are different from country to country. However, the current technologies and researches about SMS spam filtering all focus on dividing SMS message into two classes: legitimate and illegitimate. It does not conform to the actual situation and need. Furthermore, they are facing several difficulties, such as: (1) High quality and large-scale SMS spam corpus is very scarce, fine categorized SMS spam corpus is even none at all. This seriously handicaps the researchers' studies. (2) The limited length of SMS messages lead to lack of enough features. These factors seriously degrade the performance of the traditional classifiers (such as SVM, K-NN, and Bayes). In this paper, we present a new fine categorized SMS spam corpus which is unique and the largest one as far as we know. In addition, we propose a classifier, which is based on the probability topic model. The classifier can alleviate feature sparse problem in the task of SMS spam filtering. Moreover, we compare the approach with three typical classifiers on the new SMS spam corpus. The experimental results show that the proposed approach is more effective for the task of SMS spam filtering.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5594-5615
• /
• 2019

Malicious social robots, which are disseminators of malicious information on social networks, seriously affect information security and network environments. The detection of malicious social robots is a hot topic and a significant concern for researchers. A method based on classification has been widely used for social robot detection. However, this method of classification is limited by an unbalanced data set in which legitimate, negative samples outnumber malicious robots (positive samples), which leads to unsatisfactory detection results. This paper proposes the use of generative adversarial networks (GANs) to extend the unbalanced data sets before training classifiers to improve the detection of social robots. Five popular oversampling algorithms were compared in the experiments, and the effects of imbalance degree and the expansion ratio of the original data on oversampling were studied. The experimental results showed that the proposed method achieved better detection performance compared with other algorithms in terms of the F1 measure. The GAN method also performed well when the imbalance degree was smaller than 15%.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.2
• /
• pp.94-99
• /
• 2016

Application layer attacks have for years posed an ever-serious threat to network security, since they always come after a technically legitimate connection has been established. In recent years, cyber criminals have turned to fully exploiting the web as a medium of communication to launch a variety of forbidden or illicit activities by spreading malicious automated software (auto-ware) such as adware, spyware, or bots. When this malicious auto-ware infects a network, it will act like a robot, mimic normal behavior of web access, and bypass the network firewall or intrusion detection system. Besides that, in a private and large network, with huge Hypertext Transfer Protocol (HTTP) traffic generated each day, communication behavior identification and classification of auto-ware is a challenge. In this paper, based on a previous study, analysis of auto-ware communication behavior, and with the addition of new features, a method for classification of HTTP auto-ware communication is proposed. For that, a Not Only Structured Query Language (NoSQL) database is applied to handle large volumes of unstructured HTTP requests captured every day. The method is tested with real HTTP traffic data collected through a proxy server of a private network, providing good results in the classification and detection of suspicious auto-ware web access.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.8
• /
• pp.3550-3566
• /
• 2020

As a widely used way to exfiltrate information, wireless covert channel (WCC) brings a serious threat to communication security, which enables the wireless communication process to bypass the authorized access control mechanism to disclose information. Unlike the covert channel on the network layer, wireless covert channels on the physical layer (WCC-P) is a new covert communication mode to implement and improve covert wireless communication. Existing WCC-P scheme modulates the secret message bits into the Gaussian noise, which is also called covert digital communication system based on the joint normal distribution (CJND). Finding the existence of this type of covert channel remains a challenging work due to its high undetectability. In this paper, we exploit the square autocorrelation coefficient (SAC) characteristic of the CJND signal to distinguish the covert communication from legitimate communication. We study the sharp increase of the SAC value when the offset is equal to the symbol length, which is caused by embedding secret information. Then, the SAC value of the measured sample is compared with the threshold value to determine whether the measured sample is CJND sample. When the signal-to-noise ratio reaches 20db, the detection accuracy can reach more than 90%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.2752-2768
• /
• 2020

Phishing websites can have devastating effects on governmental, financial, and social services, as well as on individual privacy. Currently, many phishing detection solutions are evaluated using small datasets and, thus, are prone to sampling issues, such as representing legitimate websites by only high-ranking websites, which could make their evaluation less relevant in practice. Phishing detection solutions which depend only on the URL are attractive, as they can be used in limited systems, such as with firewalls. In this paper, we present a URL-only phishing detection solution based on a convolutional neural network (CNN) model. The proposed CNN takes the URL as the input, rather than using predetermined features such as URL length. For training and evaluation, we have collected over two million URLs in a massive URL phishing detection (MUPD) dataset. We split MUPD into training, validation and testing datasets. The proposed CNN achieves approximately 96% accuracy on the testing dataset; this accuracy is achieved with URL schemes (such as HTTP and HTTPS) removed from the URL. Our proposed solution achieved better accuracy compared to an existing state-of-the-art URL-only model on a published dataset. Finally, the results of our experiment suggest keeping the CNN up-to-date for better results in practice.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.9
• /
• pp.1684-1697
• /
• 2011

We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.1941-1960
• /
• 2019

Unmanned aerial vehicles (UAVs), acting as mobile base stations (BSs), can be deployed in the typical fifth-generation mobile communications (5G) scenarios for the purpose of substantially enhancing the radio coverage. Meanwhile, UAV aided underlay device-to-device (D2D) communication mode can be activated for further improving the capacity of the 5G networks. However, this UAV aided D2D communication system is more vulnerable to eavesdropping attacks, resulting in security risks. In this paper, the D2D receivers work in full-duplex (FD) mode, which improves the security of the network by enabling these legitimate users to receive their useful information and transmit jamming signal to the eavesdropper simultaneously (with the same frequency band). The security communication under the UAV coverage is evaluated, showing that the system's (security) capacity can be substantially improved by taking advantage of the flexible radio coverage of UAVs. Furthermore, the closed-form expressions for the coverage probabilities are derived, showing that the cellular users (CUs)' secure coverage probability in downlink transmission is mainly impacted by the following three factors: its communication area, the relative position with UAV, and its eavesdroppers. In addition, it is observed that the D2D users or DUs' secure coverage probability is relevant to state of the UAV. The system's secure capacity can be substantially improved by adaptively changing the UAV's position as well as coverage.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.285-301
• /
• 2021

Recently, with the diversification of media services and the development of smart devices, users have more opportunities to use digital content, such as movies, dramas, and music; consequently, the size of the copyright market expands simultaneously. However, there are piracy sites that generate revenue by illegal use of copyrighted works. This has led to losses for copyright holders, and the scale of copyrighted works infringed due to the ever-increasing number of piracy sites has increased. To prevent this, government agencies respond to copyright infringement by monitoring piracy sites using online monitoring and countermeasure strategies for infringement. However, the detection and blocking process consumes a significant amount of time when compared to the rate of generating new piracy sites. Hence, online monitoring is less effective. Additionally, given that piracy sites are sophisticated and refined in the same way as legitimate sites, it is necessary to accurately distinguish and block a site that is involved in copyright infringement. Therefore, in this study, we analyze features of piracy sites and based on this analysis, we propose an intelligent detection technique for piracy sites that automatically classifies and detects whether a site is involved in infringement.