• Title/Summary/Keyword: Sandbox

Search Result 67, Processing Time 0.027 seconds

Analysis of Regulatory Sandbox Usage by IT Companies (IT기업의 규제샌드박스 활용 분석)

  • Seokju Song;Daihwan Min;Hanjin Lee
    • Journal of Information Technology Services
    • /
    • v.22 no.5
    • /
    • pp.109-124
    • /
    • 2023
  • This study aims to apply the concept of regulatory stringency to the regulatory sandbox with a fresh perspective. The regulatory sandbox is a system that gives opportunities under certain conditions to new technologies or businesses that have not been launched due to inadequacy or insufficiency in legal systems. Previous research on regulatory sandboxes has mainly focused on discussions about their impact on specific technologies or business domains. This study attention to the results according to the evaluations. Among them, whether special cases for demonstration can evolve into official permission has garnered significant attention. For this study, among the cases that passed the regulatory sandbox evaluation from February, 2019, to December, 2022, 162 cases in the field of ICT convergence were selected. The evaluation results were classified into three groups 'positive interpretation (Fast Track)', 'temporary permission', and 'special case for demonstration.' Each case was assigned to one of the three groups. Through the comparative analysis, the common characteristics and differences were summarized. Then, this study explored improvement measures to pass a less restrictive regulatory sandbox. The analysis of the cases revealed that the differences in each evaluation result were attributed to variations in the technological characteristics and user protection features. Considering these differences, as well as the higher weight and importance of the preparation stage for sandbox application, this study suggested a three-step approach to prepare for temporary permission and positive interpretation rather than special case for demonstration. In addition, this thesis discussed the policy limitations of the regulatory sandbox mechanism in South Korea and the limitations of the current study. Hopefully, the results of this study would be beneficial to individuals and companies, particularly venture companies and startups seeking to develop new technologies or businesses and utilize regulatory sandboxes.

Automatic Creation of Forensic Indicators with Cuckoo Sandbox and Its Application (Cuckoo Sandbox를 이용한 포렌식 침해지표 자동생성 및 활용 방안)

  • Kang, Boong Gu;Yoon, Jong Seong;Lee, Min Wook;Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.11
    • /
    • pp.419-426
    • /
    • 2016
  • As the threat of cyber incident grows continuously, the need of IOC(Indicators of Compromise) is increasing to identify the cause of incidents and share it for quick response to similar incidents. But only few companies use it domestically and the research about the application of IOC is deficient compared to foreign countries. Therefore in this paper, a quick and standardized way to create IOC automatically based on the analysis result of malwares from Cuckoo Sandbox and its application is suggested.

The effect of 'Optimal Solution' factor in utility of online sandbox game (옵티멀솔루션 요소가 온라인 샌드박스 게임효용성에 미치는 영향)

  • Tak, Yeon-Suk
    • Journal of Korea Game Society
    • /
    • v.17 no.3
    • /
    • pp.107-116
    • /
    • 2017
  • Sandbox game users can double their satisfaction by re-creating a variety of play patterns. This creative process is due to the expansion of play through 'customizing' and 'action autonomy'. The purpose of this study is to investigate the structural limitations of freedom of online game. In a standalone game, the scalability due to the degree of freedom gives the user a strong motivation for world persistence. On the other hand, in online sandbox games such as MMORPG, it is confirmed that the goal-oriented tendency to gain advantage is the inherent limit of the freedom and expandability of the sandbox game. In this study, it is suggested that the cause and limit of growth of online-based sandbox game can be offset by the optimal solution factor.

JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function Hooking

  • Kim, Hyoung-Chun;Choi, Young-Han;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.2
    • /
    • pp.766-783
    • /
    • 2012
  • Recently, many malicious users have attacked web browsers using JavaScript code that can execute dynamic actions within the browsers. By forcing the browser to execute malicious JavaScript code, the attackers can steal personal information stored in the system, allow malware program downloads in the client's system, and so on. In order to reduce damage, malicious web pages must be located prior to general users accessing the infected pages. In this paper, a novel framework (JsSandbox) that can monitor and analyze the behavior of malicious JavaScript code using internal function hooking (IFH) is proposed. IFH is defined as the hooking of all functions in the modules using the debug information and extracting the parameter values. The use of IFH enables the monitoring of functions that API hooking cannot. JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection of URLs related to redirection, and detection of exploit codes. Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages.

Feasibility of Streaming Potential Signal on Estimation of Solute Transport Characteristics

  • Kabir, Mohammad Lutful;Ji, Sung- Hoon;Lee, Jin-Yong;Koh, Yong- Kwon
    • Journal of Soil and Groundwater Environment
    • /
    • v.20 no.2
    • /
    • pp.41-46
    • /
    • 2015
  • The drag of the excess charge in an electrical double layer at the solid fluid interface due to water flow induces the streaming current, i.e., the streaming potential (SP). Here we introduce a sandbox experiment to study this hydroelectric coupling in case of a tracer test. An acrylic tank was filled up with homogeneous sand as a sand aquifer, and the upstream and downstream reservoirs were connected to the sand aquifer to control the hydraulic gradient. Under a steady-state water flow condition, a tracer test was performed in the sandbox with the help of peristaltic pump, and tracer samples were collected from the same interval of five screened wells in the sandbox. During the tracer test, SP signals resulting from the distribution of 20 nonpolarizable electrodes were measured at the top of the tank by a multichannel meter. The results showed that there were changes in the observed SP after injection of tracer, which indicated that the SP was likely to be related to the solute transport.

Detecting Malicious Codes with MAPbox using Dynamic Class Hierarchies (동적 클래스 계층구조를 이용한 MAPbox상에서의 악성코드 탐지 기법)

  • Kim Cholmin;Lee Seong-uck;Hong Manpyo
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.6
    • /
    • pp.556-565
    • /
    • 2004
  • A Sandbox has been widely used to prevent damages caused by running of unknown malicious codes. It prevents damages by containing running environment of a program. There is a trade-off in using sandbox, between configurability and ease-of-use. MAPbox, an instance system of sandbox, had employed sandbox classification technique to satisfy both configurability and ease-of-use [1]. However, the configurability of MAPbox can be improved further. In this paper, we introduce a technique to attach dynamic class facility to MAPbox and implement MAPbox-advanced one. Newly generated class in our system has an access control with proper privileges. We show an example for improvements which denote our system have increased the configurability of MAPbox. It was determined as abnormal by MAPbox although is not. Our system could determine it as normal. We also show our techniques to overcome obstacles to implement the system.

A Study on the Method for detecting Stealth Native API calls in User-mode (유저 모드 기반의 은닉된 네이티브 API 호출 탐지 기법 연구)

  • Choe, Sim Hyeon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2018.10a
    • /
    • pp.264-267
    • /
    • 2018
  • 본 연구에서는 API 호출을 은닉할 수 있는 새로운 유형의 유저모드 기반 루트킷으로 Cuckoo Sandbox를 회피하는 기법과 이를 탐지하기 위한 연구를 한다. Cuckoo Sandbox의 행위 분석을 회피하기 위해 잠재적으로 출현 가능한 은닉된 코드 이미지 기반의 신종 루트킷 원리를 연구하고 탐지하기 위한 방안을 함께 연구한다. 네이티브 API 호출 코드 영역을 프로세스 공간에 직접 적재하여 네이티브 API를 호출하는 기법은 Cuckoo Sandbox에서 여전히 잠재적으로 행위 분석 회피가 가능하다. 본 연구에서는 은닉된 외부주소 호출 코드 영역의 탐지를 위해 프로세스의 가상메모리 공간에서 실행 가능한 페이지 영역을 탐색 후 코사인 유사도 분석으로 이미지 탐지 실험을 하였으며, 코드 영역이 맵핑된 정렬 단위의 4가지 실험 조건에서 평균 83.5% 유사도 탐지 결과를 확인하였다.

Legal Research on FinTech Regulatory Sandbox Fostering Financial Innovations in Korea (핀테크 활성화를 위한 규제 샌드박스의 도입 방안 연구)

  • Ko, Young-Mi
    • Journal of Legislation Research
    • /
    • no.53
    • /
    • pp.213-267
    • /
    • 2017
  • Regulatory barrier is considered most challenging out of all FinTech barriers, which many technology innovators have always experienced. Even though technological solutions promise customers accessibility to more cost-effective and secured financial services, it is quite challenging to create regulatory environment that enables innovation FinTech industry. Especially, a common challenge FinTech innovators and business face is regulatory uncertainty and confusion rather than any particular regulation. Since many FinTech models are continuously introducing new innovative ways in providing financial services, significant confusion could be raised in applying principles of existing law and regulations. In addition, it is uncertain whether or not applying complex regulatory compliance model intended for large financial institutions to small start-ups is appropriate since most existing regulations and rules are established and introduced without considering innovative tools such as mobile instruments, e-trade, and internet. Therefore, new mechanism to access to regulatory information in a more cost-effective, quick and immediate way should be created. Regulators, technological innovators, and financial customers should cooperate each other to find out appropriate solutions for those issues. Many regulators are introducing regulatory sandbox which provides service providers with opportunities to test their innovations, during the test, providing regulators with enough time to understand risks of innovations. However, regulatory sandbox is not a panacea for all challenges to FinTech innovations. Therefore, regulators should make comprehensive and multidimensional efforts including regulatory sandbox in supporting FinTech ecosystem.

Effect of Game based Learning Utilized Sandbox Game on Creative Problem-solving Ability and Learning Flow (샌드박스형 게임을 활용한 게임기반학습이 창의적 문제해결력과 학습몰입도에 미치는 영향)

  • Jeon, Inseong;Kim, Jeongrang
    • Journal of The Korean Association of Information Education
    • /
    • v.20 no.3
    • /
    • pp.313-322
    • /
    • 2016
  • The effect on creative problem solving ability and learning flow is analyzed by applying game-based learning using sandbox game, Minecraft Edu for elementary school students. It appeared to be effective when applied to sand box utilizing game-based learning than traditional lecture teaching method on creative problem solving ability and learning flow. It is found to be a significant difference observed in all sub-elements on Creative problem solving ability and it is found to be a significant difference in all sub-elements on learning flow except sense of control and transformation of time.

Web 3.0 Business Model Canvas of Metaverse Gaming Platform, The Sandbox

  • Song, Minzheong
    • International journal of advanced smart convergence
    • /
    • v.13 no.2
    • /
    • pp.119-129
    • /
    • 2024
  • We look at Web 3.0 business model canvas (BMC) of metaverse gaming platform, The Sandbox (TS). As results, the decentralized, blockchain-based platform, TS benefits its creators and players by providing true ownership, tradability of decentralized assets, and interoperability. First, in terms of the governance and ownership, The SAND functions a governance token allowing holders to participate in decision and SAND owners can vote themselves or delegate voting rights to other players of their choice. Second, in terms of decentralized assets and activities, TS offers three products as assets like Vox Edit as a 3D tool for voxel ASSETS, Marketplace as NFT market, and Game Maker as a visual scripting toolbox. The ASSETS made in Vox Edit, sold on the Marketplace, can be also utilized with Game Maker. Third, in terms of the network technology, in-game items are no longer be confined to a narrow ecosystem. The ASSETS on the InterPlanetary File System (IPFS) are not changed without the owner's permission. LAND and SAND are supported on Polygon, so that users interact with their tokens in a single place. Last, in terms of the token economics, users can acquire in-game assets, upload these assets to the marketplace, use for paying transaction fees, and use these as governance token for supporting the foundation.