• Proceedings of the Korean Society of Computer Information Conference
• /
• 2023.07a
• /
• pp.221-223
• /
• 2023

오늘날 전 세계적으로 연결되어 있는 인터넷을 통해 사용자들은 아무런 제약 없이 의사소통 및 거래 등 다양한 활동을 할 수 있게 되었다. 그러나 이러한 인터넷상의 자유를 범죄의 수단으로 한 인터넷상의 사이버 범죄가 급속하게 증가하고 있다. 특히 인터넷 중 하나로 분류되는 다크웹에서는 심각한 중대 범죄들이 많이 발생하고 있는데, 다크웹은 일반 네트워크와 달리 암호화 기술을 사용하는 특정 네트워크를 통해서만 접속이 가능하기 때문에 사용자에게 익명성과 비밀성을 제공할 수 웹 사이트이다. 이러한 다크웹의 특성으로 인해 마약 거래, 아동 포르노 유포, 개인정보 유출 등 다양한 사이버 범죄가 발생하고 있다. 본 논문에서는 이러한 다크웹 상에서 발생하는 주요 범죄 사례를 알아보고 이에 대한 포렌식 수사 기법의 동향을 살펴보고자 한다.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.101-106
• /
• 2023

Recently, cyberattacks are increasing in social engineering attacks using intelligent and continuous phishing sites and hacking techniques using malicious code. As personal security becomes important, there is a need for a method and a solution for determining whether a malicious URL exists using a web application. In this paper, we would like to find out each feature and limitation by comparing highly accurate techniques for detecting malicious URLs. Compared to classification algorithm models using features such as web flat panel DB and based URL detection sites, we propose an efficient URL anomaly detection technique.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.591-594
• /
• 2008

This paper explores how to characterise security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.661-663
• /
• 2002

웹을 이용한 서비스는 위와 같은 여러 장점을 가지고 있지만 각종 데이터 및 문서가 웹 상에 존재하므로 가상공간에서의 문서의 처리가 위조나 변경이 가능하다. 이러한 웹 상에서의 전송 시 발생할 수 있는 수많은 역기능들을 줄일 수 있는 가장 강력한 방법은 암호 옹용 기술을 전자상거래 시스템 구축에 사용함으로써, 기밀성(confidentiality), 무결성(integrity), 인증(authentication) 등의 보안 서비스를 제공하는 것이다. 이에 본 논문에서는 현재 진행중인 표준화 단체의 동향을 파악하고 WS-Security 명세서를 통해 웹 서비스 보안의 전반적인 기술을 분석한다.

• Journal of Global Scholars of Marketing Science
• /
• v.15 no.2
• /
• pp.1-25
• /
• 2005

Unlike the traditional bricks-and-mortar marketplace, the online environment includes several distinct factors that influence Web site trust. As consumers become more savvy about the Internet, the author contends they will insist on doing business with web companies they trust. This study examines 1) how Web site trust is affected by the following web purchase-related factors: security, privacy, brand name, word-of-mouth, good online experience, and quality of information, and 2) how it influences outcomes. Unlike Urban and colleagues' study (2000), the author argues that not all e-trust bUilding programs guarantee success in building Web site trust. In addition to the mechanism depending on a program, building e-brand trust requires a systematic relationship between a consumer and a particular web site. The findings show that Web site trust does not build one or two components but are established by the interrelationships of complex components. By carefully investigating these variables in formulating marketing strategies, marketers can cultivate brand loyalty and gain a formidable competitive edge.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.1
• /
• pp.125-132
• /
• 2011

A hierarchical Web Security System, which is a solution to various web-based attacks, seemingly is not able to keep up with the improvement of detoured or compound attacks. In this paper, we suggest an efficient detecting scheme for web-based attacks like Malware, XSS, Creating Webshell, URL Spoofing, and Exposing Private Information through monitoring HTTP outbound traffics in real time. Our proposed scheme detects web-based attacks by comparing the outbound traffics with the signatures of HTML tag or Javascript created by the attacks. Through the verification analysis under the real-attacked environment, we show that our scheme installed in a hierarchical web security system has superior detection capability for detoured web-based attacks.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.61-72
• /
• 2007

We developed a convenience-featured Web browser which is intended to enhance Web users' convenience. The integrated convenience functions are VPV(Visited Page Viewer), APV(Aligned Page Viewer), USC(User Specified Capture), and VAC(Video and Audio Converter) which is the most important feature of FLV(FLash Video file) in UCC (User Created Contents). The four functions are considered ad the most needed functions to the Web users and we referred to the opinion of frequent and advanced Web users. We addressed important algorithms and techniques in terms of the implementation of the above four functions. The implementation methods based on the MDI application using rendering technique same as in Internet Explorer 6.0 are shown with codes. The results of implementation is compared with the survey conducted on 134 Computer Science and Multimedia Engineering major students. All four integrated functions are considered to be useful.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.168-176
• /
• 2023

The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous security challenges as sensitive information is prone to be exposed to malicious users. In this paper, IoT based-security issues ontology is proposed to collect, examine, analyze, prepare, acquire and preserve evidence of IoT security issues challenges. Ontology development has consists three main steps, 1) domain, purpose and scope setting, 2) important terms acquisition, classes and class hierarchy conceptualization and 3) instances creation. Ontology congruent to this paper is method that will help to better understanding and defining terms of IoT based-security issue ontology. Our proposed IoT based-security issue ontology resulting from the protégé has a total of 44 classes and 43 subclasses.

• Journal of Korea Multimedia Society
• /
• v.23 no.11
• /
• pp.1396-1405
• /
• 2020

Cyber threats such as forced personal information collection and distribution of malicious codes using malicious URLs continue to occur. In order to cope with such cyber threats, a security technologies that quickly detects malicious URLs and prevents damage are required. In a web environment, malicious URLs have various forms and are created and deleted from time to time, so there is a limit to the response as a method of detecting or filtering by signature matching. Recently, researches on detecting and predicting malicious URLs using machine learning techniques have been actively conducted. Existing studies have proposed various features and machine learning algorithms for predicting malicious URLs, but most of them are only suggesting specialized algorithms by supplementing features and preprocessing, so it is difficult to sufficiently reflect the strengths of various machine learning algorithms. In this paper, a system for predicting malicious URLs using multiple machine learning algorithms was proposed, and an experiment was performed to combine the prediction results of multiple machine learning models to increase the accuracy of predicting malicious URLs. Through experiments, it was proved that the combination of multiple models is useful in improving the prediction performance compared to a single model.

• 제어로봇시스템학회:학술대회논문집
• /
• 2002.10a
• /
• pp.54.1-54
• /
• 2002

1. Introduction 2. Related Work 3. Secure Data Transmission on web-based monitoring and control System 3.1 Requirement facts with the Security for the Secure Data Transmission 3.2 Architecture for the Secure Data Transmission 4. Conclusions and Further Research