• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.707-724
• /
• 2024

Recently, Golang has been gaining attention in programming language rankings each year due to its cross-compilation capabilities and high code productivity. However, malware developers have also been increasingly using it to distribute malware such as ransomware and backdoors. Interestingly, Golang, being an open-source language, frequently changes the important values and configuration order of a crucial structure called Pclntab, which includes essential values for recovering deleted symbols whenever a new version is released. While frequent structural changes may not be an issue from a developer's perspective aiming for better code readability and productivity, it poses challenges in cybersecurity, as new versions with modified structures can be exploited in malware development. Therefore, this paper proposes GoAsap, a detection and analysis system for Golang executables targeting the new versions, and validates the performance of the proposed system by comparing and evaluating it against six existing binary analysis tools.

• Information Systems Review
• /
• v.26 no.1
• /
• pp.57-71
• /
• 2024

There are several ways to assess the value of personal data, but there is no standard for evaluating data value. In the case of medical my data utilization platform services, it was found that when the platform company received the user's consent and received data for the purpose of data utilization, an average of about 4,000 credits was paid per user as compensation. As in the previous case, the value of personal information is mainly measured based on the value of each individual, not on specific items of personal information. However, as the number and type of personal information increases, the value of personal information must be measured by type. This study focuses on measuring the value of unstructured personal information, especially images, and proposes standards for unstructured personal information. By measuring the value of images, we will be able to help platform companies set credit standards for compensation per person when providing data and support objective and reasonable pricing when selling B2B data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.309-327
• /
• 2022

As ICT convergence is progressing in all industrial fields and creating the global ecosystem of the supply chain is accelerating, supply chain risk related with cyber area are also increasing. In particular. the supply chain of ICT products is very complex in terms of technical and environmental factors to be managed, so it is vert difficult to transparently manage the entire life cycle. Accordingly, the US, UK, and EU, etc. are conducting and establishing cyber supply chainsecurity-related research and policies for ICT product supply chains. Korea also has the plan to establish management system to secure the supply chain of major ICT equipment as a task in the basic plan of the national cybersecurity strategy announced in 2019, but there is no concrete policy yet. So, In this paper, we review the cyber supply chain security management system in the United States and present a supplementary way to the National Information Security Manual in Korea from the perspective of cyber supply chain security. It is expected that this will serve as a reference material for cyber supply chain measures that can be introduced in domestic information security field.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.25-31
• /
• 2021

The purpose of this study was to keep the Security Control Center, which operates under a shift system, uninterrupted during the COVID-19 virus epidemic. Security facilities responding to cybersecurity threats are essential security facilities that must be operated 24 hours a day, 365 days a day in real time, and are critical to security operations and management. If security facilities such as infectious disease epidemic, system failure, and physical impact are closed or affected, they cannot respond to real-time cyberattacks and can be fatal to security issues. Recently, there have been cases in which security system facilities cannot be operated, such as the closure of facilities due to the COVID-19 virus epidemic and the availability of security systems due to the rainy season, and other cases need to be prepared. In this paper, we propose a plan to configure a security system facility as a multiplexing facility and operate it as an alternative in the event of a closed situation.

• Journal of the Korea Convergence Society
• /
• v.12 no.1
• /
• pp.1-9
• /
• 2021

Recently, new types of security crimes have been steadily occurring in Korea due to environmental changes such as the development of IT technology, and responding to these threats has become a key national task for the establishment of a safe society as well as individuals and businesses. Meanwhile, as the Zero-Contact Era has arrived since the COVID-19 Pandemics, a new convergence security threat that combines the characteristics of the Zero-Contact Era with the existing IT development is threatening our society. Research to prevent and correct these new levels of threats is continuously required in this study. Chapter 1 examined the causes of new convergence security threats and Chapter 2 discussed cybersecurity, fake news, remote voting·work and video security threats as five major threats.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.97-105
• /
• 2022

This paper explains trends in security technologies for ICS. Since ICS is usually applied to large-scale national main infrastructures and industry fields, minor errors caused by cyberattack could generate enormous economic cost. ICS has different characteristic with commonly used IT systems, so considering security threats of ICS separately with IT is needed for developing modern security technology. This paper introduce framework for ICS that analyzes recent cyberattack tactics & techniques and find out trends in Intrusion Detection System (IDS) which is representative technology for ICS security, and analyzes AI technologies used for IDS. Specifically, this paper explains data collection and analysis for applying AI techniques, AI models, techniques for evaluating AI Model.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.206-212
• /
• 2022

Strengthening global geopolitical instability in the world leads to an aggravation of international conflicts; it destabilizes the domestic political situation in countries, violates the rights and freedoms of man and citizen, and also activates economic crime. The full-scale invasion of the Russian Federation on the territory of Ukraine and the deployment of military operations in a large territory of a sovereign country have created a number of destabilizing factors in the development of digital technologies and negatively affect the state and trends of digital marketing, which allows establishing interaction with a wide audience and facilitating the search for new customers in various places. The purpose of the research lies in substantiating the theoretical and applied principles for studying the features of digital marketing in the conditions of wartime posture in Ukraine. In the course of the research, general and special methods of economic analysis have been used and applied, namely: analysis and synthesis; analogies and comparisons; generalization and systematization; graphic and tabular methods. Regarding the results of the research of digital marketing in the conditions of wartime posture in Ukraine, it has been established that the intensification of the development of digital marketing is caused by the crisis phenomena of social-economic, social-political and military nature, as well as exacerbated by the challenges of the COVID-19 pandemic. It has been proven that highly developed countries use innovative digital technologies more effectively in the field of marketing, which indicates the importance of the Multidimensional Index of Digitization (the USA - MID: 0,92-0,92; the UK - MID: 0,80-0,97; Japan - MID: 0,80-0,88; Canada - MID: 0,78-0,81; Germany - MID: 0,78-0,88; France - MID: 0,72-0,76), however, the developing countries record much lower values (Ukraine - MID: 0,22-0,48). Accordingly, the level of cybersecurity in highly developed countries is also significantly higher than in transitive countries, in particular, in the United States (GCI: 0,919-0,999); Great Britain (GCI: 0,783-0,995); Canada (GCI: 0,818-0,978) and in Ukraine (GCI: 0,501-0,661).

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.9-17
• /
• 2023

Due to COVID-19, the concept of Zero Trust, a safe security in a non-face-to-face environment due to telecomm uting, is drawing attention. U.S. President Biden emphasized the introduction of Zero Trust in an executive order to improve national cybersecurity in May 2021, and Zero Trust is a global trend. However, the most difficulty in introd ucing new technologies such as Zero Trust in Korea is excessive regulation of cloud and network separation, which is based on the boundary security model, but is limited to not reflecting all new information protection controls due to non-face-to-face environments. In particular, in order for the government's policy to ease network separation to b ecome an effective policy, the zero trust name culture is essential. Therefore, this paper aims to study legal improve ments that reflect the concept of zero trust under the Electronic Financial Transactions Act.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.71-82
• /
• 2024

With the advancement of information and communication technology (ICT), the use of electronic document types such as PDF, MS Office, and HWP files has increased. Such trend has led the cyber attackers increasingly try to spread malicious documents through e-mails and messengers. To counter such attacks, AI-based methodologies have been actively employed in order to detect malicious document files. The main challenge in detecting malicious HWP(Hangul Word Processor) files is the lack of quality dataset due to its usage is limited in Korea, compared to PDF and MS-Office files that are highly being utilized worldwide. To address this limitation, data augmentation have been proposed to diversify training data by transforming existing dataset, but as the usefulness of the augmented data is not evaluated, augmented data could end up harming model's performance. In this paper, we propose an effective semi-supervised learning technique in detecting malicious HWP document files, which improves overall AI model performance via quantifying the utility of augmented data and filtering out useless training data.

• Information Systems Review
• /
• v.25 no.3
• /
• pp.179-197
• /
• 2023

As a sufficient workforce supports the industry's growth, workforce training has also been carried out as part of the industry promotion policy. However, the market still has a shortage of skilled mid-level workers. The information security disclosure requires organizations to secure personnel responsible for information security work. Still, the division between information technology work and job areas is unclear, and the pay is not high for responsibility. This paper compares job keywords in advertisements for the information security workforce for 2014, 2019, and 2022. There is no difference in the keywords describing the job duties of information security personnel in the three years, such as implementation, operation, technical support, network, and security solution. To identify the actual needs of companies, we also analyzed and compared the contents of job advertisements posted on online recruitment sites with information security sector knowledge and skills defined by the National Competence Standards used for comprehensive vocational training. It was found that technical skills such as technology development, network, and operating system are preferred in the actual workplace. In contrast, managerial skills such as the legal system and certification systems are prioritized in vocational training.