• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.245-248
• /
• 2011

Voice over Internet protocol(VoIP) is call's contents using the existing internet. Thus, in common with the Internet service has the same vulnerability. In addition, unlike traditional PSTN remotely without physical access to hack through the eavesdropping is possible. Cyber terrorism by anti-state groups take place when the agency's computer network and telephone system at the same time work is likely to get upset. In this paper is penetration testing for security threats(Call interception, eavesdropping, misuse of services) set out in the NIS in the VoIP. In addition, scenario writing and penetration testing, hacking through the Voice over Internet protocol at the examination center will study discovered vulnerabilities. Vulnerability discovered in Voice over Internet protocol presents an attack and defense plan.

• Journal of Korean Clinical Nursing Research
• /
• v.24 no.2
• /
• pp.178-187
• /
• 2018

Purpose: The purpose of this study was to explore the relationships among workplace bullying, organizational commitment, and turnover intention of nurses. Methods: A cross-sectional study was conducted. Data were collected using a structured questionnaire from nurses at five public hospitals (N=190). Results: The experience of bullying was 31.29 points (range 16-64) on average: Work-related bullying was the highest, followed by verbal/non verbal bullying and external threats. The consequences of bullying were 30.54 points (range 13-52) on average: The physical/psychological withdrawal was the highest, followed by increasing distrust and the poor quality of patient care. The experiences of bullying had positive correlations with the consequences of bullying (r=.55, p<.001) and the turnover intention (r=.27, p<.001), and had a negative correlation with organizational commitment (r=-.28, p<.001). The consequences of bullying had a positive correlation with the turnover intention (r=.52, p<.001), and had a negative correlation with organizational commitment (r=-.49, p<.001). Organizational commitment showed a negative correlation with the turnover intention (r=.63, p<.001). Conclusion: The findings of this study suggests the needs of a regular monitoring system and organizational management for workplace bullying, which helps nurses to commit to their organization and to be retained in a workplace.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.25-31
• /
• 2021

The purpose of this study was to keep the Security Control Center, which operates under a shift system, uninterrupted during the COVID-19 virus epidemic. Security facilities responding to cybersecurity threats are essential security facilities that must be operated 24 hours a day, 365 days a day in real time, and are critical to security operations and management. If security facilities such as infectious disease epidemic, system failure, and physical impact are closed or affected, they cannot respond to real-time cyberattacks and can be fatal to security issues. Recently, there have been cases in which security system facilities cannot be operated, such as the closure of facilities due to the COVID-19 virus epidemic and the availability of security systems due to the rainy season, and other cases need to be prepared. In this paper, we propose a plan to configure a security system facility as a multiplexing facility and operate it as an alternative in the event of a closed situation.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.6
• /
• pp.139-150
• /
• 2019

IoT(Internet of Things) security is becoming increasingly important because IoT potentially has a variety of security threats, including limited hardware specifications and physical attacks. This paper is a study on the certification technology suitable for the lightened IoT environment, and we propose a system in which many gateways share authentication information and issue authentication tokens for mutual authentication using blockchain. The IoT node can be issued an authentication token from one gateway to continuously perform authentication with a gateway in the block-chain network using an existing issued token without performing re-authentication from another gateway participating in the block-chain network. Since we do not perform re-authentication for other devices in a blockchain network with only one authentication, we proposed multi phase authentication consisting of device authentication and message authentication in order to enhance the authentication function. By sharing the authentication information on the blockchain network, it is possible to guarantee the integrity and reliability of the authentication token.

• The Korean Journal of Air & Space Law and Policy
• /
• v.33 no.2
• /
• pp.199-224
• /
• 2018

Aviation's safety record continues to improve yearly, especially with respect to passenger and crew injuries and deaths. However, although the number of accidents has decreased over the decades, there are still many events, such as landings short of the runway and runway excursions, both of which pose threats to passenger and crew safety. Surviving any kind of aviation accident depends on the physiological threat and stress of the impact(s), the extent to which the physical structure surrounding the passengers and crew remains intact, and the ability of the passengers and crew to be able to escape the wreckage. The one action that both passengers and crew can carry out to help decrease the likelihood of crash-related injury or death is to assume an emergency brace position. Doing so has been demonstrated over several decades to improve survivability. While cabin crew are taught (and then might have to teach passengers in an emergency about the emergency brace position), passengers in many parts of the world never learn about the brace position unless they are involved in an emergency in which there is time to prepare for the landing. This lack of provision of information is related to the fact that most airlines do not provide information in the preflight safety briefing and some do not even provide the information in the passenger safety cards. Many countries do not require their airlines to do so, a fact, which in turn, is related to the lack of mention of the brace position in ICAO's Annex 6. Until standards and recommended practices are changed at the highest world level, passengers will continue to be deprived of this vital, life-saving information that they can use, potentially to help save their own lives.

• Fashion & Textile Research Journal
• /
• v.21 no.5
• /
• pp.618-626
• /
• 2019

This study conducted basic studies to develop electromagnetic wave shielding maternity wear. We investigated electromagnetic wave shielding fabrics and products as well as surveyed actual wearing states for pregnant women aged 35 to 44 and women who gave birth within the past one year. Available electromagnetic wave blocking products for pregnant women were blankets, aprons, maternity belts, and underwear. These only cover the abdomen and it was hard to find out electromagnetic waves shielding maternity wear, which can enhance functionality and complement the body shapes of pregnant women. The aged mother responded pregnancy delay was mostly attributable to late marriage, career, financial difficulty and health problems. Major health threats to babies were high stress levels during pregnancy, followed by electromagnetic waves from electronic devices. They prioritized physical activity, design, functionality and safety when wearing maternity wear. When purchasing maternity wear, they emphasized design, price, materials and size. The most preferred clothing was one-piece dress; consequently, only 11.1% of them were satisfied with the quality of maternity wear with complaints mostly about design and price. A total of 63% of respondents tried to protect themselves from electromagnetic waves. Most aged mothers showed a positive intention on purchasing electromagnetic waves blocking maternity wear for babies with concerns dealing with safety of materials, prices, ease of laundry, and body complementing design.

• Journal of Information Processing Systems
• /
• v.15 no.4
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.47-60
• /
• 2011

With the increase in the use of mobile banking service, mobile banking has become an attractive target to attackers. Even though many security measures are applied to the current mobile banking service, some threats such as physical theft or penetration to a mobile device from remote side are still remained as unsolved. With aiming to fill this void, we propose a novel approach to prevent e-financial incidents by analyzing mobile device user's input patterns. This approach helps us to distinguish between original user's usage and attacker's usage through analyzing personal input patterns such as input time-interval, finger pressure level on the touch screen. Our proposed method shows high accuracy, and is effective to prevent the e-finance incidents proactively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1141-1149
• /
• 2020

Most of the industrial control network is an independent closed network, which is operated for a long time after installation, and thus the OS is not updated, so security threats increase and security vulnerabilities exist. The zero-day attack defense must be applied with the latest patch, but in a large-scale industrial network, it requires a higher level of real-time and non-disruptive operation due to the direct handling of physical devices, so a step-by-step approach is required to apply it to a live system. In order to solve this problem, utility-specific patch impact assessment is required for reliable patch application. In this paper, we propose a method to test and safely install the patch using the regression analysis technique and show the proven results. As a patch impact evaluation methodology, the maximum allowance for determining the safety of a patch was derived by classifying test types based on system-specific functions, performance, and behavior before and after applying the patch. Finally, we report the results of case studies applied directly to industrial control networks, the OS patch has been updated while ensuring 99.99% availability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.10
• /
• pp.3313-3332
• /
• 2022

This study is an investigation into the factors affecting patient dissatisfaction among Saudi hospitals. The selected factors considered for analysis are security of information sharing, operational practices, disruptive technologies, and the ease of use of EHR patient information management systems. From the literature review section, it was clear that hardly any other studies have embraced these concepts in one as was intended by this study. The theories that the study heavily draws from are the service dominant logic and the feature integration theory. The study surveyed 350 respondents from three large major hospitals in three different metropolitan cities in the Kingdom of Saudi Arabia. This sample came from members of the three hospitals that were willing to participate in the study. The number 350 represents those that successfully completed the online questionnaire or the limited physical questionnaires in time. The study employed the structural equation modelling technique to analyze the associations. Findings suggested that security of information sharing had a significant direct effect on patient satisfaction. Operational practice positively mediated the effect of security of information sharing on patient dissatisfaction. However, ease of use failed to significant impact this association. The study concluded that to improve patient satisfaction, Saudi hospitals must work on their systems to reinforce them against the active threats on the privacy of patients' data by leveraging disruptive technology. They should also improve their operational practices by embracing quality management techniques relevant to the healthcare sector.