• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.45-51
• /
• 2018

As data utilization and importance becomes important, data-related accidents and damages are gradually increasing. Especially, insider threats are the most harmful threats. And these insider threats are difficult to detect by traditional security systems, so rule-based abnormal behavior detection method has been widely used. However, it has a lack of adapting flexibly to changes in new attacks and new environments. Therefore, in this paper, we propose an adaptive anomaly movement detection framework based on a statistical Markov model to detect insider threats in advance. This is designed to minimize false positive rate and false negative rate by adopting environment factors that directly influence the behavior, and learning data based on statistical Markov model. In the experimentation, the framework shows good performance with a high F2-score of 0.92 and suspicious behavior detection, which seen as a normal behavior usually. It is also extendable to detect various types of suspicious activities by applying multiple modeling algorithms based on statistical learning and environment factors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1063-1070
• /
• 2021

The development of IT technology emphasizes the importance of training IT professionals, and the need for education for elementary and secondary education as well as adult education for training technical talent is expanding. In particular, information curriculum will be added as an essential course from the 2015 revised curriculum, and IT technology will be understood in the curriculum for elementary and secondary schools and will be required to develop applicability to solve problems based on understanding. Currently, research is under way to integrate IT technologies to provide new services, and if the use of personal information is required in the process, thorough security for the leakage of personal information is pre-empted. It also prevents the identification of personal information in the process of transmitting data to the outside world. In this paper, we propose a training method for elementary school subjects to understand the non-identification process that occurs in the process of transferring data using pipe games so that they can understand the principles of non-identification and develop applications to solve real-life problems.

• Journal of Digital Convergence
• /
• v.19 no.9
• /
• pp.75-81
• /
• 2021

The purpose of this research is to derive and evaluate priorities for critical factors that must be determined before an enterprise adopts a cloud computing service. AHP analysis techniques were used to reflect decisions made by experts as research methods. AHP is a decision-making technique that expresses complex decision-making problems hierarchically and derives the best alternatives through pairwise comparison between the items of the hierarchy. Compared to the existing statistical decision making techniques, the decision making process is systematic and simple, making it easy to understand. In addition, the procedure is also reasonable by providing an indicator to determine the consistency of the decision maker in the analysis process. The analysis results of this research showed that security was the first priority, reliability was the second priority, and economic efficiency was the third priority. Among the factors in the first-priority security items, the access control rights and the safety factors of external threats are the most important factors. Research results can be used as a guideline in future practice, and it is necessary to evaluate, compare and analyze the satisfaction of companies that have adopted cloud computing services in the future.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.121-132
• /
• 2019

As the 4th industrial age enters, the number of IoT devices is exploding. Accordingly, the importance of security is also increasing in proportion to the increasing number of security incidents of IoT devices. However, due to the limited performance of IoT devices, there are limitations to applying existing security solutions. Therefore, a new automatic firmware distribution solution is needed to solve this problem. To solve this problem, we propose a new automatic firmware update system that uses a hybrid blockchain that combines a public blockchain and a private blockchain. The public blockchain allows various firmware providers to distribute firmware using a common system. Private blockchain solves the transaction overload problem of the public blockchain and facilitates the management of IoT devices. It also uses distributed file storage to ensure high availability without failing. Therefore, this system is expected to be very effective for improving the security of IoT devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.127-140
• /
• 2009

Recently, software piracy is one of the serious crimes for the digital materials. It makes economically devasting to the software industry and the market. In particular, it is a widespread phenomenon among university students in Korea and negative affects in measuring social and cultural level. Many studies have been focused on the users' intention of the software piracy for making anti-piracy policy. The purpose of this study is to investigate the factors affecting university students' software piracy intention. The survey includes responses from 271 university students in a school of business adminstration. The research model was estimated with multiple regression. The analysis showed results that user's characteristics, subjective norms, and perceived software quality were significantly related to intention of software piracy, but security policy was not. Perceived importance of intellectual property has negative impact on user's software piracy intention. Based on the findings, we suggest the implications for developing and implementing appropriate policies for anti-piracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1279-1289
• /
• 2020

To securely protect users' sensitive information and national secrets, the importance of cryptographic modules has been emphasized. Currently, many companies and national organizations are actively using cryptographic modules. In Korea, To ensure the security of these cryptographic modules, the cryptographic module has been verified through the Korea Certificate Module Validation Program(KCMVP). Most of the domestic cryptographic modules are CPU-based software (S/W). However, CPU-based cryptographic modules are difficult to use in servers that need to process large amounts of data. In this paper, we propose an S/W cryptographic module that provides a high-speed operation using GPU. We describe the configuration and operation of the S/W cryptographic module using GPU and present the changes in the cryptographic module security requirements by using GPU. In addition, we present the performance improvement compared to the existing CPU S/W cryptographic module. The results of this paper can be used for cryptographic modules that provide cryptography in servers that manage IoT (Internet of Things) or provide cloud computing.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.73-85
• /
• 2022

In the era of the 4th industrial revolution, where automation and connectivity are maximized with artificial intelligence, the importance of data collection and utilization for model update is increasing. In order to create a model using artificial intelligence technology, it is usually necessary to gather data in one place so that it can be updated, but this can infringe users' privacy. In this paper, we introduce federated learning, a distributed machine learning method that can update models in cooperation without directly sharing distributed stored data, and introduce a study to optimize distributed consensus among participants without an existing server. In addition, we propose a pattern and group-based distributed consensus optimization algorithm that uses an algorithm for generating patterns and groups based on the Kirkman Triple System, and performs parallel updates and communication. This algorithm guarantees more privacy than the existing distributed consensus optimization algorithm and reduces the communication time until the model converges.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.487-498
• /
• 2023

Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.99-116
• /
• 2023

The importance of data in the era of the 4th industrial revolution, a hyper-connected society based on information technology such as data and AI, is increasing, and the government is actively enacting and revising laws to revitalize the data economy. It is necessary to prevent and improve problems that may set an obstacle to the revitalization of the data industry or setting the wrong direction, such as possibility of conflict between the regulatory law(Personal Information Protection Act) and the Data Activation Act, differences in position by type of specialized agencies, performance scope of Data Specialist Organization and Expert Data Combination Agency, etc. In regard, I would like to analyze the role, current situation, and use cases of Expert Data Combination Agency, listen to field opinions, and derive and introduce measures to expand the role of Expert Data Combination Agency and improve them to vitalize the data economy

• Korean Security Journal
• /
• no.32
• /
• pp.7-32
• /
• 2012

This study aimed to evaluate the relative status using Analytic Hierarchy Process(AHP) on the spiritual factors of the security martial arts for the guards to perform the best security service. There were 540 participants who were students majored in security martial arts, workers for security and specialists of practical and theoretical security martial arts for this study. The exploratory and confirmatory factor analysis were carried out using the selecting data through literature reviews in the level of the factor-extraction about the spiritual characteristics. The specialists' survey was conducted on the relative status among factors using the spiritual concept structure based on the studied above. Selected data was calculated with SPSS 18.0 for windows, AMOS 5.0, and Expert Choice 2000 software. The conclusion can be made through those process above. First, 4 general factors and 20 detailed factors were found as the result of the factor exploration related to the spiritual characteristics of the security martial arts. The result which was verified on Construction validity of searched factors had stable figures on every standard. In other words, the participants for survey on this study "Spiritual characteristic concepts of the security martial arts" can be evaluated it is valid. The general factors of security martial arts' spirit were conceptualized with Psychological spirit, ethical spirit, martial art spirit, practical spirit through the naming process on the general factors of the security martial arts' spiritual characteristic concepts. The detailed factors of security martial arts' spirit were concentration, self-confidence, self-management, immersion, self-esteem in psychological spirit and sacrifice, justice, royalty, peace, sense of duty in ethical spirit and courtesy, toughness, defense, balance of mind and body, bravery in martial arts and responsibility, cooperation, modesty, determination, professionalism in practical spirit of security martial arts. That is, the conceptualization of security martial arts' spirit was verified that it had validity. Second, the hierarchical model of the security martial arts was composed with 4 superordinate concepts and 20 subordinate concepts. As the result of evaluating relative status based on Spiritual characteristics-hierarchy model, the impotance was proven in order of ethical spirit(.482), martial art spirit(.248), practical spirit(.188), psychological spirit(.083). Also the importance related to spiritual characteristics of security martial arts on subordinate concepts was proven in order of sacrifice(.252), courtesy(.110), sense of duty(.108), responsibility(. 073), royalty(.053), toughness(.052), justice(.049), defense(.038), professionalism(.038), determination(.035), cooperation(.029), self-confidence (.026), bravery(.025), self-esteem(.024), balance of mind and body(.023), peace(.019), concentration(.014), modesty(.013), self-management(.011), flow (.007). To sum up, the spiritual factor related to ethics such as sacrifice, justice, royalty, peace, sense of duty was the most important for the security martial arts.