• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.97-105
• /
• 2015

Technology Security, especially in knowledge-intensive society, is becoming the most important organizational activity for the long-term success of a firm. However, there is not sufficient empirical research of activities of technology securities and business performance. This is one of the reason why Korean firms are reluctant to invest their resources to the technology security. We have tried to empirically analyze the relationship between a market and technological characteristics, which is one of the important business environmental characteristics and the activities of technology securities of Korean business firm by taking three hypotheses related to this research and investigating 209 Korean firms. According to the statistical research, results of the analyses suggest that the market and technological characteristics have positive impact on the activities of technology securities. Also the activities of technology securities have positive impact on the performance of technology security. More specifically, the results suggest that the relationship between the competitiveness of market and technological excellency and the activities of technology securities is supported statistically. But, the reverse relationship between the easiness of market entrance and the activities of technology securities is supported statistically. Also, there is no moderating effect of firm size between the relationship between a market and technological characteristics and the activities of technology securities. Finally, the relationship between the activities of technology securities and the risk of technology leakage is supported statistically.

• The Journal of Society for e-Business Studies
• /
• v.21 no.2
• /
• pp.121-133
• /
• 2016

All industries has expanded their research investment for development and secure of new technology, following application of ICT technology and rapid growth of industrial technology. Therefore efforts to protect the new technology have strengthened. Several governments have conducted a variety of industrial security activities with interest because these efforts are considered not only business problem level but also national level. In this paper, we research the industrial security related organization that performs the activities for industrial assets protection and technology drain prevention. Furthermore we discuss problems with the industrial security performance of government and emphasize the necessity of industrial security department in government.

• KNOM Review
• /
• v.22 no.2
• /
• pp.39-47
• /
• 2019

There are several big data-driven advanced research activities such as meteorological climate information, high energy physics, astronomy research, satellite information data, and genomic research data on KREONET. Since the performance degradation occurs in the environment with the existing network security equipment, methods for preventing the performance degradation on the high-performance research-only network and for high-speed research collaboration are being studied. In addition, the recent issue of quantum computers has been a threat to security using the existing encryption system. In this paper, we construct quantum cryptography-based communication network through environment construction and high-performance transmission test that build physical security through quantum cryptography-based communication network in end-to-end high-speed research network. The purpose of this study is to analyze the effect on network performance when performing physical encryption and to use it as basic data for constructing high-performance research collaboration network.

• IE interfaces
• /
• v.16 no.4
• /
• pp.421-431
• /
• 2003

Due to the increasing complexity of the information systems environment, modern information systems are facing more difficult and various security risks than ever, there by calling for a higher level of security safeguard. In this paper, an information technology security risk management model, which modified by adopting the concept of business processes, is applied to client/server distributed systems. The results demonstrate a high level of risk-detecting performance of the model, by detecting various kinds of security risks. In addition, a practical and efficient security control safeguard to cope with the identified security risks are suggested. Namely, using the proposed model, the risks on the assets in both of the I/O stage(on client side) and the request/processing stage(on server side), which can cause serious problems on business processes, are identified and the levels of the risks are analyzed. The analysis results show that maintenance of management and access control to application systems are critical in the I/O stage, while managerial security activities including training are critical in the request/processing stage.

• Journal of Information Science Theory and Practice
• /
• v.10 no.spc
• /
• pp.143-153
• /
• 2022

With the development of networks and the increase in the number of network devices, the number of cyber attacks targeting them is also increasing. Since these cyber-attacks aim to steal important information and destroy systems, it is necessary to minimize social and economic damage through early detection and rapid response. Many studies using machine learning (ML) and artificial intelligence (AI) have been conducted, among which payload learning is one of the most intuitive and effective methods to detect malicious behavior. In this study, we propose a preprocessing method to maximize the performance of the model when learning the payload in term units. The proposed method constructs a high-quality learning data set by eliminating unnecessary noise (stopwords) and preserving important features in consideration of the machine language and natural language characteristics of the packet payload. Our method consists of three steps: Preserving significant special characters, Generating a stopword list, and Class label refinement. By processing packets of various and complex structures based on these three processes, it is possible to make high-quality training data that can be helpful to build high-performance ML/AI models for security monitoring. We prove the effectiveness of the proposed method by comparing the performance of the AI model to which the proposed method is applied and not. Forthermore, by evaluating the performance of the AI model applied proposed method in the real-world Security Operating Center (SOC) environment with live network traffic, we demonstrate the applicability of the our method to the real environment.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.37-50
• /
• 2022

Modern supply chains include multiple activities from collecting raw materials to transferring final products. These activities involve many parties who share a huge amount of valuable data, which makes managing supply chain systems a challenging task. Current supply chain management (SCM) systems adopt digital technologies such as the Internet of Things (IoT) and blockchain for optimization purposes. Although these technologies can significantly enhance SCM systems, they have their own limitations that directly affect SCM systems. Security, performance, and scalability are essential components of SCM systems. Yet, confidentiality and scalability are one of blockchain's main limitations. Moreover, IoT devices are lightweight and have limited power and storage. These limitations should be considered when developing blockchain-based IoT-SCM systems. In this paper, the requirements of efficient supply chain systems are analyzed and the role of both IoT and blockchain technologies in providing each requirement are discussed. The limitations of blockchain and the challenges of IoT integration are investigated. The limitations of current literature in the same field are identified, and a secure and scalable blockchain-based IoT-SCM system is proposed. The proposed solution employs a Hyperledger fabric blockchain platform and tackles confidentiality by implementing private data collection to achieve confidentiality without decreasing performance. Moreover, the proposed framework integrates IoT data to stream live data without consuming its limited resources and implements a dualstorge model to support supply chain scalability. The proposed framework is evaluated in terms of security, throughput, and latency. The results demonstrate that the proposed framework maintains confidentiality, integrity, and availability of on-chain and off-chain supply chain data. It achieved better performance through 31.2% and 18% increases in read operation throughput and write operation throughput, respectively. Furthermore, it decreased the write operation latency by 83.3%.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.33 no.4
• /
• pp.145-152
• /
• 2010

Under limited resources such as budgets and experts, it is necessary to make decisions for promotion strategy of standardization work items in Information and Communication Technologies (ICTs). This paper focuses on a method of setting standardization promotion strategies for each item of personal information security standardization. As a decision making tool, the Importance Performance Anaysis (IPA) is applied and analyzed to the decision processes. The results are showed and illustrated for useful inputs to practical policy making in the field of standardization activities.

• Journal of Digital Convergence
• /
• v.19 no.9
• /
• pp.463-468
• /
• 2021

Although the IoT is showing explosive growth due to the development of technology and the spread of IoT devices and activation of services, serious security risks and financial damage are occurring due to the activities of various botnets. Therefore, it is important to accurately and quickly detect the activities of these botnets. As security in the IoT environment has characteristics that require operation with minimum processing performance and memory, in this paper, the minimum characteristics for detection are selected, and KNN (K-Nearest Neighbor), Naïve Bayes, Decision Tree, Random A comparative study was conducted on the performance of machine learning algorithms such as Forest to detect botnet activity. Experimental results using the Bot-IoT dataset showed that KNN can detect DDoS, DoS, and Reconnaissance attacks most effectively and efficiently among the applied machine learning algorithms.

• Journal of the Korea Society for Simulation
• /
• v.32 no.4
• /
• pp.59-67
• /
• 2023

Private blockchains can apply enhanced security policies that allow only authorized users to participate in the blockchain network. In addition, when used in a career management system where the validity of an individual's career is important, it has the suitable characteristics in terms of information integrity. However, due to the excessive performance requirements of blockchain technology, identifying performance characteristics through simulation can be helpful in stable operation of the system. This paper presents research results that utilized performance evaluation results while constructing a career management system based on the Ethereum blockchain. The service not only serves as a portfolio that records personal career development activities, certification acquisition, and award results, but also provides a community function for career planning to strengthen employment competitiveness. In addition, we present how a compensation policy can be executed to encourage users to participate in career development through community activities. In particular, an appropriate compensation policy was derived by reviewing changes in performance characteristics in accordance with the transaction volume on Geth nodes.

• Journal of Information Technology and Architecture
• /
• v.11 no.2
• /
• pp.143-155
• /
• 2014

In recent years, domestic electronics, banking, electricity, services, manufacturing, pharmaceutical, corporate type and malicious hackers is corporate security through the accident occurred and the resulting loss of corporate information and the damage each year is steadily increasing. Many companies have responded to domestic business activities and to protect critical information related to laptops, smart phones, tablets, and introduced a variety of Endpoint security solutions within. However, being introduced to senselessly Endpoint security solution across the over-budget, with the same features and performance, such as conflicts and problems arise, resulting in additional maintenance costs, in an effort to resolve the conflict in the operational security of the IT department's new difficulty in becoming. Here is the introduction and operation of these Endpoint security solutions in order to solve the problem on employees's PC into the center of the information security governance based on Endpoint security solution to provide the process for determining the solutions presented.