• Information Systems Review
• /
• v.20 no.1
• /
• pp.99-114
• /
• 2018

Technical measures for computer security are essential, but they are not a sufficient condition for security. Therefore, a personal approach to user's security behavior should be developed. Personality, which is a human aspect, is a behavioral characteristic that characterizes each individual and facilitates prediction of how an individual will behave in certain situations. Protection motivation theory has been used extensively in the security research on human behavior. The present study discusses how protection motivation was formed from personality traits. Thus, organizations can refer the result of this study for their HRD and HRM concerns.

• Information Systems Review
• /
• v.19 no.3
• /
• pp.69-89
• /
• 2017

In the information age, the rapid development of information technology provides people with an enriching experience yet also causes them harm because of information security (IS) issues. The IS of smartphones faces great challenges. Although many studies on IS awareness have been conducted, most of them have focused on PCs and do not consider the security issues of smartphones. In this study, we focus on those factors that affect IS awareness for both PCs and smartphones. We also analyze the differences in the impacts of certain factors on PCs and smartphones based on the proposed research model. The results are summarized as follows. First, the understanding of security technique, understanding of IS threat, and IS education have significant impacts on IS awareness for PCs and smartphones, while IS intention has a significant impact on IS awareness for PCs but not for smartphones. Moreover, IS policy has no significant impact on IS awareness. Second, PCs and smartphones show no significant differences in IS awareness, IS threat, and IS intention, but show significant differences in understanding of security technique, IS education, and IS policy.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.53-58
• /
• 2012

Network Access Control System that is one of the efforts to protect the information of internal applies to effectively control of insider and automatic network management and security. However, it has some problems : spoofing the authorized PC or mobile devices, connect to the internal network using a system that authorized users are away. In addition, information leakage due to malicious code in the same system. So in this paper, Network 2-Factor Access Control System based on RFID security control system is proposed for safety communication environment that performing a two-factor authentication using authorized user and devices to connect to the internal network.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.8
• /
• pp.1720-1726
• /
• 2011

The DDoS attacks which are increasing recently must have many zombie PCs before attacking targeted systems by attacker. A zombie PC is infected by attacker's malignant code and may be operated by the his/her special malicious purposes. But most users generally don't know that their PCs are infected and used as zombies by illegal activities covertly. In this paper, we propose a new scheme that decreases vulnerable PCs and isolates them from Internet before being zombie PCs. The proposed scheme point the reputations of connected PCs and decide whether their Internet connections are keeping continuously or not. Also We show the figures how to infect susceptable PCs to zombie PCs, and analyze the decrease effects of DDoS attacks adapted by the proposed scheme with various experiments.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.55-66
• /
• 2011

This research focus on the value of smart phones for university students in Korea, considering on the correlations between the main causes influencing intrinsic value(price attributes, function attributes), network value(learning effects attributes, externalities attributes) user satisfaction, and intentions of repurchase of the smart phones market in Korea. Through the statistical analyses on the 8 hypotheses from a research model, we found that intrinsic value and network value gave an attentive influence on user satisfaction and repurchase intention. Call charge and Liquid crystal display and Design of smart phone have an influenced user satisfaction and repurchase intention.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.6
• /
• pp.599-603
• /
• 2016

Recently the wireless LAN system is substituting wired LAN system notably as the number of mobile users increases greatly along the advancement of technology. But the wireless LAN has a critical weakness in the security such as data leakage. Thus a safe security system is imperative to avoid threatening from hackers with offering the best convenience to inner users. In this research, we have developed a RADIUS wireless LAN security system for industrial applications, which performs the EAP authentication with the compatibility for any maker of wireless LAN. The system has interfaces based on WEB, providing DB access function for user management so that users can perform authentication of 802.1x in their computers.

• Journal of Software Assessment and Valuation
• /
• v.16 no.1
• /
• pp.65-79
• /
• 2020

As Programmable Logic Controllers (PLCs), popular components in industrial control systems (ICS), are incorporated with the technologies such as micro-controllers, real-time operating systems, and communication capabilities. As the latest PLCs have been connected to the Internet, they are becoming a main target of cyber threats. This paper proposes two sanitizers that improve the security of uC/OS-II based firmware for a PLC. That is, we devise BU sanitizer for detecting out-of-bounds accesses to buffers and UaF sanitizer for fixing use-after-free bugs in the firmware. They can sanitize the binary firmware image generated in a desktop PC before downloading it to the PLC. The BU sanitizer can also detect the violation of control flow integrity using both call graph and symbols of functions in the firmware image. We have implemented the proposed two sanitizers as a prototype system on a PLC running uC/OS-II and demonstrated the effectiveness of them by performing experiments as well as comparing them with the existing sanitizers. These findings can be used to detect and mitigate unintended vulnerabilities during the firmware development phase.