• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.42 no.2
• /
• pp.36-48
• /
• 2019

As the importance of Knowledge Management System (KMS) in the military increases, Republic of Korea Army (ROK Army) developed Army Knowledge Portal. Although the members in the military are encouraged to use the portal, few members currently use it. This study was conducted to find variables to predict the user's intention to use the portal, which contributes to activating the use of Army Knowledge Portal in the army. On the basis of Technology Acceptance Model (TAM), ten variables such as perceived ease of use, general information security awareness, information security awareness, expectation for external rewards, expectation for relationships, sense of self-worth, attitude toward compliance with security policy, attitude toward knowledge sharing, intention of non-combat knowledge sharing, and intention of combat knowledge sharing were considered as independent variables. 105 participants on active duty who currently use or have experience to use the portal participated in this study. The results indicated that general information security awareness and information security awareness increases compliance with the information security policy. In addition, the attitude toward knowledge sharing is enhanced by expectations for relationship and sense of self-worth. Based on the results, the authors propose the need for policy alternatives to reinforce the reward system and security policy, which activates the use of Knowledge Portal Service for ROK Army.

• Journal of The Institute of Information and Telecommunication Facilities Engineering
• /
• v.2 no.4
• /
• pp.71-77
• /
• 2003

Security system in internet as well as the performance in information network became more important as the internet environment is getting popular and complicate. In this study, the security system (Firewall and IDS) was installed in high speed information network and analyzed for a change in the speed of data transfer and the possibility of invasion. The selection of appropriate system, efficient detection and protection and surveillance method were suggested and analyzed In order to do experiments, an experimental model was com prized to analyze the parameters that was affected by the detection and protection system in network. This will give a standard how much we can pull up the security system maintaining the network speed.

• Convergence Security Journal
• /
• v.15 no.3_1
• /
• pp.107-114
• /
• 2015

Since 2002, information security management system has been implemented (ISMS) certification scheme whilst providing telecommunications services to enhance the level of enterprise information security was ongoing and Prevent accidents and avoid spread of infringement, such as rapid response and there is a lot of it came true. However, this system is the protection of the country or the investment company, as part of the actual information on how management affects the performance came from or how measures are still lacking for. In this study, the companies have their own privacy ISMS certification measures the level of activity continued to improve information security performance measures and methodology are presented. The government is also based on the validity of the certification system to ensure the overall implementation of the ISMS itself is this a step increase effective information security system is to be certified in advance to prevent security incidents and to improve business performance to help.

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.776-786
• /
• 2003

Security Evaluation System is a system that evaluates the security of the entire enterprise network domain which consists of various components and that supports a security manager or a Security Management System in making decisions about security management of the enterprise network based on the evaluation. It helps the security manager or the security management system to make a decision about how to change the configuration of the network to prevent the attack due to the security vulnerabilities of the network. Security Evaluation System checks the “current status” of the network, predicts the possible intrusion and supports decision-making about security management to prevent the intrusion in advance. In this paper we analyze the requirements of the Security Evaluation System that automates the security evaluation of the enterprise network which consists of various components and that supports decision-making about security management to prevent the intrusion, and we propose a design for it which satisfies the requirements.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.2
• /
• pp.60-69
• /
• 2013

Highlighted by recent security breaches including Google, Western Energy Company, and the Stuxnet infiltration of Iranian nuclear sites, Cyber warfare attacks pose a threat to national and global security. In particular, targeted attacks such as APT exploiting a high degree of stealthiness over a long period, has extended their victims from PCs and enterprise servers to government organizations and critical national infrastructure whereas the existing security measures exhibited limited capabilities in detecting and countermeasuring them. As a solution to fight against such attacks, we designed and implemented a security monitoring system, which shares security information and helps cooperative countermeasure. The proposed security monitoring system collects security event logs from heterogeneous security devices, analyses them, and visualizes the security status using 3D technology. The capability of the proposed system was evaluated and demonstrated throughly by deploying it under real network in a ISP for a week.

• Journal of the Semiconductor & Display Technology
• /
• v.23 no.3
• /
• pp.115-120
• /
• 2024

As smartphones become more integral to daily life, security concerns, particularly regarding smishing, have risen significantly. With the increasing frequency and variety of smishing attacks, current detection methods struggle to provide effective solutions, with most commercial algorithms achieving around a 70% detection rate. This paper proposes a novel approach to enhancing smishing detection accuracy by utilizing Natural Language Processing to analyze message syntax and semantics, combined with URL Punycode conversion and whitelist techniques. The approach focuses on improving detection through comprehensive message analysis, aiming to address the limitations of existing preventive methods. The proposed system offers conceptual improvements in smishing detection strategies, providing a more robust framework for addressing evolving security challenges.

• Journal of Applied Reliability
• /
• v.14 no.2
• /
• pp.108-113
• /
• 2014

The demand against the risk analysis and information security of system from the companies or the agencies which operate an information system is increasing. ISO/IEC 27001 was established by ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission). Also this standard is international and authoritative standard of ISMS (Information Security Management System). This paper is to review how the ISO 27001 ISMS Requirement has been established and improved, and to communicate the significant changes from ISO27001 : 2005 to ISO 27001 : 2013 focusing on reasons for revisions. Additionally, This paper shows case study for understanding ISO 27001 : 2013 implementation.

• International Commerce and Information Review
• /
• v.9 no.4
• /
• pp.241-261
• /
• 2007

9.11 terrors which happen in 2001 in the U.S. recognize importance about national security and Department of Commerce, country safety department, Federal Communication Commission(FCC) etc. are establishing RFID sticking plan in harbor exit and entrance container for this, and it is real condition that is preparing preparation of law and system that establishes harbor peace law(Safe Port Act) on October, 2006 and acts on for U.S. about container load cargo Europe and Asia each countries. These law and system is logistics security that strengthen search for import and export freight and security to main contents. To meet in these circumstance subsequent, this paper is to examine the following three themes. First, examined necessity of logistics security and logistics security strengthening tendency, and second, examined in achievement of logistics business and RFID, and third, presented logistics security process that utilize change of realization about logistics security and RFID's role for logistics security. Through upper investigation, this paper suggested the realization about logistics security raising, logistics security connection system construction by export step, real-time freight chase that use RFID, construction necessity of executive system and development of logistics security equipment required.

• Korean Journal of Computational Design and Engineering
• /
• v.11 no.5
• /
• pp.327-334
• /
• 2006

Recently, security incidents are growing rapidly in which internal employees let the drawing leak out to competitors or other countries. This type of security incidents has a characteristic that it occurs less frequently than other types of security incidents such as network or server security incident, but the damage is a lot more serious. The existing information security technologies to prevent internal information from being leaked out are only applicable to general documents(office documents, web pages and image files in which data are encrypted one by one). However, architectural drawings made up of collection of files with various formats(extensions) have problems with the process speed of en(de) cryption and accuracy, so the developments of security technologies by new methods are required. In this study, we design and develop a security technology based on work area with which users can protect the leakage of critical information in the kernel level while maintaining their work environment when they have to use sharing information that cannot be managed by the unit of file. As a result, we developed the "Virtual Secure Disk" which allows only authorized users and applications to have an access to drawings, and have verified its security by applying it to the actual company.

• Journal of Information Processing Systems
• /
• v.2 no.2
• /
• pp.95-100
• /
• 2006

While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.