• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.255-264
• /
• 2016

Due to the development of information and communication technology, the great change on economics has grown and the biggest change is the e-commerce. With the methods of electronic financial frauds becoming advanced, reported phishing incidents have greatly increased. The Fraud Detection System(hereafter FDS) has taken effect to prevent electronic financial frauds, but economic losses still occurring. This Paper aims to analyze the financial environment, financial information technology environment, financial information technology security environment and some features of the institutional changes. In order to supplement the defect of FDS, it gives some recommendations for the improvement of the effective FDS Management System and information sharing on frauds with some public institution and a major consideration for collection or utilization of personal information.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.213-218
• /
• 2021

This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

• Knowledge Management Research
• /
• v.19 no.2
• /
• pp.109-132
• /
• 2018

Recently, new financial services related to FinTech has gained attention more and more. Online P2P financial services transactions such as FinTech require careful examination of the constituents of information systems as an investment is made based on the information presented on the online platform without direct face-to-face contact. The purpose of this study is to find out the success factors of online P2P Lending service among FinTech. To serve the purpose, we build IS (information system) success model, and then use Kano model and fuzzy analytic hierarchy process (Fuzzy-AHP) to find out factors for the success of online P2P Lending service. In particular, this study uses Kano model to classify information system satisfaction factors and to calculate the satisfaction coefficient. The Kano model, however, has a drawback of evaluating single criterion. Therefore, we use multi-criteria decision-making technique such as Fuzzy-AHP to derive the relative importance of the factors. The analysis results show different results depending on the analysis technique. In the Kano model, most of the information system factors are a one-dimensional quality attribute. The satisfaction coefficient is highest for personalized service, followed by the responsiveness of service, ease of using a system, understanding of information, usefulness of information' reliability. The service reliability is the highest in dissatisfaction coefficient, followed by system security, service responsiveness, system stability, and personalized service. The results of the Fuzzy-AHP analysis shows that the usefulness of information quality, the personalization of service quality, and the security of system quality are the significant factors and the stability of system quality was a secondary factor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.953-960
• /
• 2016

Due to the prevalent use of online systems and the increasing amount of accessible information, the influence of recommender systems is growing bigger than ever. However, there are several attempts by malicious users who try to compromise or manipulate the reliability of recommender systems with cyber-attacks. By analyzing the ratio of 'sympathy' against 'apathy' responses about a concerned review and reflecting the results in a recommendation system, we could present a way to improve the performance of a recommender system and maintain a robust system. After collecting and applying actual movie review data, we found that our proposed recommender system showed an improved performance compared to the existing recommendation systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.843-859
• /
• 2018

Cybersecurity has emerged as a serious problem in Korea and there have been relevant movements to improve domestic cybersecurity policy and system. However, discussions have yet to result in actual progress and the legislation for improvement of cybersecurity policy and system have been stagnant until now. As evidenced by the introduction of primary government legislation bill for national cybersecurity in 2017, the preparations for improvements to the policy and system are still in progress. However, we cannot be positive about the possibility of implementing these improvements during the process. Recognition of the importance of cybersecutiry has gradually risen and is more prevalent than in years past, however, in-depth discussions are not being made. In principle, misunderstandings about cybersecurity itself and insufficient understandings of the relevant legislation seem to cause such problems. Therefore, it is necessary to review key issues related to the improvement of cybersecurity policy and system and reconsider tasks for the future. Such issues include the relationship between cybersecurity and fundamental rights, establishing responsibility and capability of each of entities for cybersecurity, and the role of the military in cybersecurity. This type of in-depth discussion will be helpful for finding ways to improve upon cybersecurity policy and system. Moreover, this study aims to key issues with questionnaire survey and political and normative inquiry.

• The Journal of Information Technology
• /
• v.3 no.1
• /
• pp.89-97
• /
• 2000

Electronic commerce on the network requires a new payment system, electronic cash that carries digitalized information of cash. The new system, however, demands the security and privacy because electronic cash is different from real cash in that it can be easily duplicated, forged, or traced. Therefore, electronic cash system should be guaranteed security and privacy to be used as a new payment mechanism with assurance. First, this paper analyzes the existing electronic cash system involving electronic coins, divisible electronic bills, and electronic license. Then the paper proposes a new electronic cash system which claims to be more efficient in the amount of communication and computation. Finally, this study attempts to solve the problem of electronic license.

• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• Convergence Security Journal
• /
• v.10 no.2
• /
• pp.27-35
• /
• 2010

We implemented an application system which is able to verify visitor identification for remote bundle control based on OSGi and web camera control using embedded linux system. This system are designed open Oscar framework by porting java on the embedded linux system and implemented web camera system in local area networks. Also This system can verify information of visitor from receiving the data of RFID reader and designed the wireless internet system in home. Basically, in this paper we expect that home network system development and the period of application service development are reduced with integrated service provision based on OSGi.

• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.202-206
• /
• 2024

Robust system may not guaranty its applicability and adaptability. That is why research and development go together in the modern research concept. In this paper we are going to examine the applicability and adaptability of gait-based biometric identity verification system especially in the GCC (Gulf Cooperation Council). The system itself closely involved with human interaction where privacy and personality are in concern. As of 1^st phase of our research we will establish gait-based identity verification system and then we will explain them in and out of human interaction with the system. With involved interaction we will conduct an extensive survey to find out both applicability and adoptability of the system. To conduct our experiment, we will use UCMG databased [1] which is readily available for the research community with more than three thousand video sequences in different viewpoint collected in various walking pattern and clothing. For the survey we will prepare questioners which will cover approach of data collection, potential traits to collect and possible consequences. For analyzing gait biometric trait, we will apply multivariate statistical classifier through well-known machine learning algorithms in a ready platform. Similarly, for the survey data analysis we will use similar approach to co-relate the user view point for such system. It will also help us to find the perception of the user for the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1551-1560
• /
• 2016

With the advancement of wearable devices and wireless body are networks, smart healthcare systems based on such technologies have been emerging to effectively monitor patient health and disease progression. In order to implement viable smart healthcare systems, the security and privacy of patient's personal health information must be considered. Yang et al. proposed a privacy-preserving authentication scheme using key-insulation technique for remote health monitoring system, however, key-insulation technique is not properly adapted to their scheme which in turn causes a security pitfall contrary to their assertions. Besides, Yang et al.'s scheme does not guarantee user anonymity against healthcare service provider. Therefore, in this paper, we discuss the security concerns for Yang et al.'s scheme and present an improved anonymous authentication scheme.