• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.2
• /
• pp.65-72
• /
• 2015

According to recent statistics published by the National Industrial Security Center, former and current employees are responsible for 80.4% of companies' technology leakages, and employees of cooperative firms are responsible for another 9.6%. This means that 90% of technology leakages are intentionally or mistakenly caused by insiders. In a recent incident, a credit card company leaked private information, and the person responsible was an employee of a cooperative firm. These types of incidents have an adverse effect not only on a company's assets but also on its reputation. Therefore, most institutions implement various security solutions to prevent information from being leaked. However, security solutions are difficult to analyze and distinguish from one another because their logs are independently operated and managed. A large number of logs are created from various security solutions. This thesis investigates how to prevent internal data leakage by setting up individual scenarios for each security solution, analyzing each scenario's logs, and applying a monitoring system to each scenario.

• Knowledge Management Research
• /
• v.20 no.4
• /
• pp.75-97
• /
• 2019

In the rapidly changing business environment, knowledge has been recognized as a core asset for sustaining an organization's competitive advantage. In addition, knowledge sharing is one of the key elements of knowledge management, emphasizing external knowledge sharing beyond initial internal knowledge sharing. However, while knowledge management research emphasizes knowledge sharing, which is a positive aspect, research on preventing knowledge leakage that can have negative consequences is relatively lacking. Companies have tried to minimize the negative effects of knowledge management but many knowledge leakage accidents are still occurring. Therefore, this study aims to examine the effects of external factors based on deterrence theory and internal factors based on self-determination theory on knowledge leakage intention focusing on tacit knowledge. The results of the empirical analysis of 100 data sets collected through a scenario-based survey show that certainty of sanctions, social disapproval, and competence are found to have a significant effect on reducing tacit knowledge leakage intention. Furthermore, informal sanctions have a greater impact on tacit knowledge leakage intention than formal sanctions and external factors have a greater effect on tacit knowledge leakage intention than internal factors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.