• Journal of Information Technology Services
• /
• v.7 no.1
• /
• pp.117-130
• /
• 2008

Multi-attribute risk assessments provide a useful framework for systematic quantitative risk assessment that the security manager can use to prioritize security requirements and threats. In the first step, the security managers identify the four significant outcome attributes(lost revenue, lost productivity, lost customer, and recovery cost). Next. the security manager estimates the frequency and severity(three points estimates for outcome attribute values) for each threat and rank the outcome attributes according to AHP(Analytic Hierarchy Process). Finally, we generate the threat index by using muiti-attribute function and make sensitivity analysis with simulation package(Crystal Ball). In this paper, we show how multi-attribute risk analysis techniques from the field of security risk management can be used by security managers to prioritize their organization's threats and their security requirements, eventually they can derive threat index. This threat index can help security managers to decide whether their security investment is consistent with the expected risks. In addition, sensitivity analysis allows the security manager to explore the estimates to understand how they affect the selection.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.5
• /
• pp.69-77
• /
• 2021

This study aims to identify security-based threat information for an organization. This is because protecting the threat for IT systems plays an important role for an corporate's intangible assets. Security monitoring systems determine and consequently respond threats by analyzing them in a real time situation, focusing on events and logs generated by security protection programs. The security monitoring task derives priority by dividing threat information into reputation information and analysis information. Reputation information consisted of Hash, URL, IP, and Domain, while, analysis information consisted of E-mail, CMD-Line, CVE, and attack trend information. As a result, the priority of reputation information was relatively high, and it is meaningful to increase accuracy and responsiveness to the threat information.

• Journal of Information Science Theory and Practice
• /
• v.7 no.1
• /
• pp.52-71
• /
• 2019

An insider threat is a threat that comes from people within the organization being attacked. It can be described as a function of the motivation, opportunity, and capability of the insider. Compared to managing the dimensions of opportunity and capability, assessing one's motivation in committing malicious acts poses more challenges to organizations because it usually involves a more obtrusive process of psychological examination. The existing body of research in psycholinguistics suggests that automated text analysis of electronic communications can be an alternative for predicting and detecting insider threat through unobtrusive behavior monitoring. However, a major challenge in employing this approach is that it is difficult to minimize the risk of missing any potential threat while maintaining an acceptable false alarm rate. To deal with the trade-off between the risk of missed catches and the false alarm rate, we propose a unified psycholinguistic framework that consolidates multiple text analyzers to carry out sentiment analysis, emotion analysis, and topic modeling on electronic communications for unobtrusive psychological assessment. The user scenarios presented in this paper demonstrated how the trade-off issue can be attenuated with different text analyzers working collaboratively to provide more comprehensive summaries of users' psychological states.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.125-134
• /
• 2020

The potential security threat is increasing as the supply of ICT products to the defense sector increases with the development of information and communication technology. Attempts to neutralize, such as intelligence gathering and destruction, through attacks on the defense power support system and the intelligence system of the weapons system could pose a fatal threat.Therefore, security measures of supply chain shear system that take into account ICT product production and operation stage to maintenance stage are needed in defense field. In the paper, technical and administrative measures for responding to 12 ICT supply chain security threats at each stage of the defense ICT supply chain life cycle were presented.

• Journal of Korean Public Health Nursing
• /
• v.35 no.2
• /
• pp.283-296
• /
• 2021

Purpose: The aim of this study was to investigate the influence of threat perception and psychological reactance to graphic health warnings on cigarette packages on intention to quit smoking among smoking adolescents. Methods: The participants were 185 smoking adolescents attending two industrial specialized high schools, who had witnessed graphic health warnings on cigarette packages within the previous 30 days. Collected data were analyzed using descriptive statistics, the t-test, one-way analysis of variance, Pearson's correlation coefficients, and hierarchical multiple regression analysis using SPSS/WIN Ver. 25.0. Results: The results showed that participant threat perception (𝛽=.14, p=.037) after witnessing a cigarette warning message had a positive influence on intention to quit smoking. On the other hand, psychological reactance (𝛽=-.23, p=.001) showed a negative influence on intention to quit smoking. Conclusion: When designing and developing a message for smoking adolescents, customized messages are required to reflect teenagers' characteristics and raise threat perception and lower psychological reactance. In addition, we propose a future study be conducted to determine the influences of various psychological determinants, including self-efficacy and skills, on threat perception and psychological reactance to graphic health warnings on cigarette packages among smoking adolescents.

• Korean Security Journal
• /
• no.17
• /
• pp.33-51
• /
• 2008

According to dictionary, the meaning of protection is "guard and protect" that means protecting the Protectee's safety in case of sudden attack or various accident and Security means all protecting activity including Protectee and place where he is in or will be as comprehensively meaning of safe. As you see in the definition, Protection and security is the act to protect or will to protect from a security-threat act. A security-threat act can be discussed in the range of the concept of a criminal act in Criminal Law. A security-threat act is based on criminal act in Criminal Law, we are going to review such a security-threat act in a point of view in a sphere of learning in today's remarkable a brain-neuro science and cognitive science based on cognitive psychology, and to use an analysis on such a security-threat act to make a foundation for a establishment of the scientific preventive social security countermeasure. To do so, First of all we are going to review a security-threat act based on criminal act in Criminal Law in a point of protection police logic view. Next, we are going to introduce how cognitive science understand about act of man before we analyse a threat act as one of an act of man in cognitive science point of view. Finally, we are going to discuss the need of cognitive scientific analyse in order to establish the Scientific Preventive Social-security Countermeasure at the same time we are going to analyse a threat act in a cognitive scientific view.

• Korean Journal of Culture and Social Issue
• /
• v.25 no.2
• /
• pp.119-135
• /
• 2019

There have been many efforts to reduce prejudice and discrimination against people with mental illness in our community. Studies have shown that the threat to people with mental illness is a important factor. In this study, we focused on contact experience and sense of community that are believed to influence both realistic and symbolic threat We looked the differences in threat depending on the type of contact(family, friends/coworker, public places, no contact) with people with mental illness. Next, if there is contact experience, we questioned that the quality of the experience could influence the threats in all types of contact. Finally, could contact experience and sense of community affect the threats? The total of 465 respondents were surveyed in this study. The result showed that the realistic threat were not different depending on the types of contact, but that the symbolic threat were more higher people with no-contact experience than people with contact experience. The quality of experience had a significant effect on both threats, except in the case of the family contact on realistic threat. Lastly, sense of community was analyzed as a significant variable for both realistic and symbolic threats. Based on these results, we discussed the impact of contact and sense of community and implications of this study.

• Journal of the Korea Convergence Society
• /
• v.6 no.3
• /
• pp.65-71
• /
• 2015

Based on Technology Threat Avoidance Theory, this study explains the process that the users cope with IT Threat and accomplish IS outcome. To empirically test the proposed model, data were collected through a survey of respondents who have the experience of using IS, and analyzed by using structural equations modelling. The result shows IT Threat had negative effects on Problem-Focused Coping and IS Appropriation. Also Problem-Focused Coping had significant effects on IS Appropriation and IS Appropriation had positive relation on IS Performance. In conclusion the study proposed that IT users improve Convergence Information System Performance by Problem-Focused Coping when they perceive IT Threat.

• Journal of Korean Association for Spatial Structures
• /
• v.11 no.4
• /
• pp.89-99
• /
• 2011

As the scope of the target of terrorism is recently extending, the danger of domestic terroristic attacks is increasing constantly, and the form of terrorism is changing from hard targets such as significant facilities of the country into soft target of multi-complex buildings such as skyscrapers. Accordingly this study analyzes the terrorism threat level on skyscrapers by comparing the assessment results of the terrorism threat level on skyscrapers and high-rise buildings with the assessment results of the terrorism threat level on low-rise buildings through fema 455 - Rapid Visual Screening. As a result, skyscrapers and high-rise buildings are relatively higher threat rating than consequences and vulnerability rating. This is caused by the fact that the terrorism threat level on skyscrapers is high due to their residents and their national or regional symbolism and visibility

• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.6
• /
• pp.715-721
• /
• 2012

A threat evaluation is the technique which decides order of priority about tracks engaging with enemy by recognizing battlefield situation and making it efficient decision making. That is, in battle situation of multiple target it makes expeditious decision making and then aims at minimizing asset's damage and maximizing attack to targets. Threat value computation used in threat evaluation is calculated by sensor data which generated in battle space. Because Battle situation is unpredictable and there are various possibilities generating potential events, the damage or loss of data can make confuse decision making. Therefore, in this paper we suggest that substantial threat value calculation using learning bayesian network which makes it adapt to the varying battle situation to gain reliable results under given incomplete data and then verify this system's performance.