• Title/Summary/Keyword: Personal Information leakage

Blockchain-based safety MyData Service Model (블록체인 기반 안전한 마이데이터 서비스 모델)

  • Lee, Kwang Hyoung;Jung, Young Hoon
    • Journal of the Korea Academia-Industrial cooperation Society / v.21 no.12 / pp.873-879 / 2020
  • The importance of data as a core resource of the 4th industrial revolution is emerging, and companies illegally collect and use personal data. In the financial sector, active research is conducted to safely manage personal data and provide better services using blockchain, big data, and AI technology. In this paper, we propose a system that can safely manage personal data by using blockchain technology, which can be used without changing the existing system. This system consists of a blockchain, blockchain linkages, a service provider, and a user (i.e., an app). Blockchain can be used regardless of its type and form, and services are provided by classifying blockchains and services in the blockchain linkages. Service providers can access personal data only after requesting and receiving delegated permission from users. Existing MyData services store all data in a user's mobile phone, so information may get leaked due to jailbreaks or rooting. But in the proposed system, personal data are stored in blockchain, so information leakage can be prevented. In the future, we will study ways to provide customized services using personal data stored in blockchain.

Research on User Data Leakage Prevention through Memory Initialization (메모리 초기화를 이용한 사용자 데이터 유출 방지에 관한 연구)

  • Yang, Dae-Yeop;Chung, Man-Hyun;Cho, Jae-Ik;Shon, Tae-Shik;Moon, Jong-Sub
    • Journal of the Institute of Electronics Engineers of Korea TC / v.49 no.7 / pp.71-79 / 2012
  • With advances in computer technology, the dissemination of smartphones and tablet PCs has increased and digital media has become easily accessible. The performance of computer hardware has improved and the form of hardware has changed, but the basic mechanism has not changed. Typically, the data used by a program is resident in memory during operation for reasons of operating system efficiency. This data in memory is therefore accessible through memory dumps or real-time memory analysis. The user's personal information or confidential data may be leaked by exploiting this data; thus, countermeasures should be provided. In this paper, we propose a method that minimizes user data leakage by finding the physical memory address of the process from its virtual memory address and initializing the memory data of the process.

A new password authentication scheme using two-way password in Smartphone Banking (이중 패스워드 방식을 이용한 스마트폰 뱅킹 관리)

  • Song, Jong-Gun;Kim, Tae-Yong;Lee, Hoon-Jae;Jang, Won-Tae
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.12 no.3 / pp.195-200 / 2012
  • Smartphone devices offer convenience for users, but present a new set of security issues due to loss or malicious code. In this paper, a mobile cloud system environment is used with existing smartphones in an attempt to solve the problems in a banking environment. In order to prevent financial damage due to loss or personal information leakage by malicious code, a mobile cloud computing service is used that provides control and protection of personal information in an environment that ensures individual authentication. Alongside the existing ID/password with certificate, a smartphone dual password authentication scheme using the gyro sensors is proposed.

Study on The Decryption Method and Analysis of MalangMalang Talkcafe Application Database (인스턴트 메신저 말랑말랑 톡카페 애플리케이션 데이터베이스 복호화 방안 및 분석)

  • Kim, Giyoon;Lee, Jonghyeok;Shin, Sumin;Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.3 / pp.541-547 / 2019
  • As cases of personal information leakage increase, concern for personal information protection is also increasing. As a result, most applications encrypt sensitive information such as personal information before storing it. Especially in the case of instant messengers, it is more difficult to find a database that is stored unencrypted. However, this kind of database encryption acts as an anti-forensic measure from the point of view of digital forensic investigation. In this paper, we analyze the database encryption process of the MalangMalang Talkcafe application, which is an instant messenger. Based on our analysis, we propose a decryption method and explain the meaningful information collected in the database.

Re-defining Named Entity Type for Personal Information De-identification and A Generation method of Training Data (개인정보 비식별화를 위한 개체명 유형 재정의와 학습데이터 생성 방법)

  • Choi, Jae-hoon;Cho, Sang-hyun;Kim, Min-ho;Kwon, Hyuk-chul
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.05a / pp.206-208 / 2022
  • As the big data industry has recently developed significantly, interest in privacy violations caused by personal information leakage has increased. There have been attempts to automate this through named entity recognition in natural language processing. In this paper, named entity recognition data is constructed semi-automatically by identifying sentences with de-identification information from de-identification information in Korean Wikipedia. This can reduce the cost of learning about information that is not subject to de-identification compared to using general named entity recognition data. In addition, it has the advantage of minimizing additional systems based on rules and statistics to classify de-identification information in the output. The named entity recognition data proposed in this paper is classified into twelve categories. These include de-identification information such as medical records and family relationships. In the experiment using the generated dataset, KoELECTRA showed performance of 0.87796 and RoBERTa of 0.88.

An Analysis of Relationship between Industry Security Education and Capability: Case Centric on Insider Leakage (보안교육과 보안관리 역량의 상관관계 분석: 인가된 내부자 기밀유출사례를 중심으로)

  • Lee, Chi-Seok;Kim, Yanghoon
    • The Journal of Society for e-Business Studies / v.20 no.2 / pp.27-36 / 2015
  • Leakage of industrial technologies, including the disclosure of state secrets, is gradually increasing, and the scope of leakage has diversified from technology-oriented leakage to new economic security sectors such as information and communication, electrical and electronics, the defense industry, illegal export of strategic materials, economic order disturbance by foreign countries, and infringement of intellectual property. The damage can therefore affect not only the company that suffered the leak but also national interests and the entire domestic industry. According to statistics from the National Industrial Security Center of the National Intelligence Service, the major cause of technology leakage is not only external factors such as hacking and malicious code; internal leakage by former and current employees accounts for about 80%. Technology leakage due to the temptation of money and personal interests, followed by technology leakage by subcontractors, is steadily increasing. Most studies in the field of security have tended to focus on measuring the security capability of a company in order to prevent leakage of core assets, or on developing measurement indicators for management, rather than on the security activities of company members, which are most important. Therefore, this study analyzes the effect of security education, the most fundamental of security activities, on the security capabilities of an enterprise. The results indicate that security education has a positive (+) correlation with security capabilities.

Implementation of an Export System for GIS Arrester Facilities (GIS 피뢰설비 전문가 시스템 구현)

  • Kim, Il-Kwon;Song, Jae-Yong;Moon, Seung-Bo;Cha, Myung-Soo;Rhyu, Keel-Soo;Kil, Gyung-Suk
    • Proceedings of the KIEE Conference / 2006.07c / pp.1465-1466 / 2006
  • Monitoring and diagnostic techniques for lightning arresters are important to assure the reliability of power supply in GIS substations. In this paper, we describe the implementation of an expert system for GIS arrester facilities. The proposed system consists of a data acquisition module (DAM), a wireless communication module, and a personal computer. The DAM detects system voltages, total leakage currents and their harmonic components, and includes an algorithm to calculate the resistive leakage current based on the principle that the magnitudes of resistive leakage current are equal at the same level of system voltage applied to the arrester. We also designed a surge event detection circuit which can acquire the date, the polarity, and the amplitude of surge events. All the acquired data are transmitted, after correction by several algorithms, to the remote station through the ZigBee protocol. The expert system is based on the Java Expert System Shell (JESS) and makes more reliable decisions by using an exclusive inference process.

Cyber Insurance and Distribution Channels

  • Kwak, Young-Arm;Cho, Young-Sang
    • Journal of Distribution Science / v.16 no.5 / pp.61-70 / 2018
  • Purpose - These days, individual users and private entities hear news of hacking and personal information leakage every day in the era of a highly connected society. This study investigates cyber attacks, cyber insurance and distribution channels for insurance goods in South Korea by analyzing various cases of domestic and overseas cyber attacks. Research design, data and methodology - This study adopted various case studies instead of one large case for in-depth qualitative analysis, and focused on various cases of domestic and overseas cyber attacks with insurance. Result - Analysis of the hacking cases shows that the types of massive losses and damages arising from internet blackouts due to cyber risks are the paralysis of public and private websites and portals, electronic administrative systems, and public infrastructure, as a consequence of which normal operation of the nation becomes impossible. These losses and damages, however, can be covered under cyber insurance. Conclusions - This paper suggests that insurance carriers, as suppliers, should provide multiple channels to sell to customers and should expand their advertising and promotion strategy so that individual users and private entities change their minds and compare the price and value of information in view of cost savings.

The Analysis of Smartphone Backup Method through PC (국내 스마트폰 제조사별 PC 백업 방법 분석 연구)

  • Kim, Sangwho;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.2 / pp.295-301 / 2018
  • Smartphones can store a great deal of data because they provide various functions such as calls, messages, calendars, documents, cameras, and so on. This data includes many important items such as personal information. Thus it is necessary to back up the data to deal with smartphone replacement and threats like ransomware. In this paper, we analyze the backup method using a PC among several backup methods and check the possibility of leakage of personal information such as contacts from the backup file. This work is expected to be used to check for problems in the PC backup method or to strengthen backup technology so that it is more secure.

Improved Application Test Data Range Selection Method in a Non-Personal Information Identification Environment (개인정보 비식별 환경에서의 개선된 응용프로그램 테스트 데이터 범위 선정 방법)

  • Baek, Song-yi;Lee, Kyung-ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.5 / pp.823-834 / 2020
  • In the past, following the personal information leakage incident at the three card companies, computer program development became subject to the same strict electronic financial supervision regulations as the operating environment. However, when developing a computerized program, application data is being verified while the integrity of the test data is compromised, because the scope of conversion of the test data associated with the application is not clearly identified. Therefore, in this paper, we present and demonstrate a process and algorithm for selecting a sufficient range of test data conversion targets associated with a specific application.