Search

Your search keyword '"Kyungho Lee"' showing total 135 results
Start Over Author "Kyungho Lee" Topic business
135 results on '"Kyungho Lee"'

1. Data Privacy in Wearable IoT Devices: Anonymization and Deanonymization

Author

Riha Kim, Semi Park, Kyungho Lee, and Hyunsik Yoon

Subjects
Information privacy, Science (General), Article Subject, Computer Networks and Communications, business.industry, Computer science, Wearable computer, Masking (Electronic Health Record), Q1-390, Information sensitivity, Human–computer interaction, T1-995, Data Protection Act 1998, Internet of Things, business, Geographic coordinate system, Technology (General), Wearable technology, Information Systems
Abstract

With the development of IoT devices, wearable devices are being used to record various types of information. Wearable IoT devices are attached to the user and can collect and transmit user data at all times along with a smartphone. In particular, sensitive information such as location information has an essential value in terms of privacy, and therefore some IoT devices implement data protection by introducing methods such as masking. However, masking can only protect privacy to a certain extent in logs having large numbers of recorded data. However, the effectiveness may decrease if we are linked with other information collected from within the device. Herein, a scenario-based case study on deanonymizing anonymized location information based on logs stored in wearable devices is described. As a result, we combined contextual and direct evidence from the collected information. It was possible to obtain the result in which the user could effectively identify the actual location. Through this study, not only can a deanonymized user location be identified but we can also confirm that cross-validation is possible even when dealing with modified GPS coordinates.

Published
2021

2. Learning time-critical responses for interactive character control

Author

Kyungho Lee, Sehee Min, Jehee Lee, and Sunmin Lee

Subjects
Recurrent neural network, Computer science, business.industry, Human–computer interaction, Character (computing), Control (management), Architecture, business, Computer Graphics and Computer-Aided Design, Composition (language), Motion (physics), Agile software development, Network model
Abstract

Creating agile and responsive characters from a collection of unorganized human motion has been an important problem of constructing interactive virtual environments. Recently, learning-based approaches have successfully been exploited to learn deep network policies for the control of interactive characters. The agility and responsiveness of deep network policies are influenced by many factors, such as the composition of training datasets, the architecture of network models, and learning algorithms that involve many threshold values, weights, and hyper-parameters. In this paper, we present a novel teacher-student framework to learn time-critically responsive policies, which guarantee the time-to-completion between user inputs and their associated responses regardless of the size and composition of the motion databases. We demonstrate the effectiveness of our approach with interactive characters that can respond to the user's control quickly while performing agile, highly dynamic movements.

Published
2021

3. Gut Microbiota-Immune System Interactions during Acute Kidney Injury

Author

Sanjeev Noel, Sepideh Gharaie, Kyungho Lee, Fuad Mohammad, James A. White, and Hamid Rabb

Subjects
medicine.medical_treatment, 030232 urology & nephrology, 030204 cardiovascular system & hematology, Gut flora, 03 medical and health sciences, 0302 clinical medicine, Immune system, Antigen, Humans, Medicine, Kidney, biology, business.industry, Acute kidney injury, General Medicine, Acute Kidney Injury, biology.organism_classification, Natural killer T cell, medicine.disease, Gastrointestinal Microbiome, medicine.anatomical_structure, Cytokine, Immune System, Perspective, Immunology, Dysbiosis, business, CD8
Abstract

Distant organ crosstalk during AKI, first studied mechanistically in the lung (1), is now known to play an important role in disease outcomes. The relationship between intestinal microbiota and AKI has also been explored, resulting in exciting findings that are promising for future human therapeutics. In search of ways to reduce kidney T cells by using “cleaner,” germfree (GF) mice, it was unexpectedly found that GF mice not only retained their kidney immune cells, but also had a higher number of natural killer T (NKT) cells and reduced IL-4 levels compared with normal wild-type (WT) mice. Moreover, GF mice subjected to kidney ischemia-reperfusion (IR) injury had increased CD8 T-cell trafficking and inflammatory cytokine mediators compared with normal WT mice (2). Induction of ischemic AKI in GF mice led to a worse course of AKI, in terms of both structure and function. Conventionalizing GF mice with normal mouse stool led to normalizing T-cell and NKT populations, and relative protection from AKI, compared with GF mice (2). It was subsequently observed that early exposure to gut microbiota during development was associated with long-term changes in NKT-cell function in nonrenal tissues, and NKT cells in GF mice had a less mature phenotype with diminished activation capacity upon antigen encounter (3,4). To elucidate whether the effects were bidirectional and AKI led to changes in the gut microbiome, gut microbiota was evaluated in C57BL/6 WT mice after ischemic or nephrotoxic (cisplatin; CP) injury. DNA was isolated from the fecal pellets ( n =4–5 per group) at baseline (D0) and at 3 days (D3) post-IR. The V3–V5 region of the 16S ribosomal RNA gene was amplified using the 357F/926R primer set and sequenced using the Roche/454 platform. IR and CP modified the relative abundance of specific bacterial species belonging to the phyla Actinobacteria, Bacteroidetes, Firmicutes, …

Published
2021

4. Will EU’s GDPR Act as an Effective Enforcer to Gain Consent?

Author

Changsoo Lee, Jemin Justin Lee, Kyungho Lee, Jinhyoung Hong, Junhyoung Oh, and Simon S. Woo

Subjects
Structure (mathematical logic), General Computer Science, Computer science, business.industry, Privacy policy, 05 social sciences, Internet privacy, General Engineering, 050801 communication & media studies, 02 engineering and technology, Service provider, Python (programming language), computer.software_genre, 0508 media and communications, Order (business), 020204 information systems, General Data Protection Regulation, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), General Materials Science, Web service, business, computer, computer.programming_language
Abstract

Since the GDPR was implemented in 2018, organizations that collect data from the EU residents are required to receive the user’s consent. Organizational measures to ensure that the organizations are compliant to the recently enacted GDPR are still abstract and ambiguous. Moreover, data subjects and controllers have demanded the practice of obtaining consent from organizations. By observing the case law and guidelines related to the GDPR provisions, we deduced four consent conditions. Then, we examined how online service provider’s websites are making efforts to implement the GDPR framework. For this, we identified key characteristics of these websites, such as the existence of consent buttons. In order to help the data subjects obtain consent, we proposed an automatic tool that can check the consent conditions by checking the websites. Our study examined 10,000 websites for 26 days using the Python libraries with the tool automatically crawling the website information and analyzes the HTML structure according to the specified conditions. In addition, this tool crawls the privacy policy of each website. Moreover, it automatically determines whether it meets the four consent conditions by calculating it according to the formula defined in the consent condition. To evaluate the tool’s accuracy, the researchers manually analyzed 500 websites and compared the manual analysis with the results of the tool’s automatic analysis. We found that this tool differentiates itself through qualitative comparisons with other GDPR meters.

Published
2021

5. A Review of Insider Threat Detection Approaches With IoT Perspective

Author

Aram Kim, Jinho Ryu, Kyungho Lee, and Junhyoung Oh

Subjects
General Computer Science, Computer science, Literature based, 02 engineering and technology, Computer security, computer.software_genre, Insider, 0202 electrical engineering, electronic engineering, information engineering, dataset, General Materials Science, survey, Government, business.industry, General Engineering, Insider threat, 020206 networking & telecommunications, Application layer, Research objectives, Internet-of-Things, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, Internet of Things, business, computer, Insider threat detection, lcsh:TK1-9971
Abstract

Security professionals, government agencies, and corporate organizations have found an inherent need to prevent or mitigate attacks from insider threats. Accordingly, active research on insider threat detection has been conducted to prevent and mitigate adverse effects such as leakage of valuable information that may be caused by insiders. Along with the growth of Internet-of-Things (IoT), new security challenges arise in the existing security frameworks. Attack surfaces are significantly enlarged which could cause a severe risk in terms of company insider threat management. In this work, we provide a generalization of aspects of insider threats with IoT and analyze the surveyed literature based on both private and public sources. We then examine data sources considering IoT environments based on the characteristics and the structure of IoT (perceptual, network, and application layers). The result of reviewing the study shows that using the data source of the network and application layer is more suitable than the perceptual layer in the IoT environment. We also categorized each layer’s data sources according to their features, and we investigated research objectives and methods for each category. Finally, the potential for utilization and limitations under the IoT environment are presented at the end of each layer examination.

Published
2020

6. Early postoperative urinary MCP-1 as a potential biomarker predicting acute rejection in living donor kidney transplantation: a prospective cohort study

Author

Cheol-Jung Lee, Kyunga Kim, Jae Berm Park, Wooseong Huh, Hye Ryoun Jang, Junseok Jeon, Ghee Young Kwon, Jung Eun Lee, Dae Joong Kim, Minjung Kim, Yoon Goo Kim, Mee Yeon Park, Kyungho Lee, Kyo Won Lee, Sungjun Hong, and Kyeong Eun Yang

Subjects
Adult, Graft Rejection, Male, medicine.medical_specialty, Chemokine, Science, Urinary system, Urology, Urine, Living donor, Predictive Value of Tests, medicine, Humans, Clinical significance, Prospective Studies, Prospective cohort study, Chemokine CCL2, Kidney transplantation, Multidisciplinary, biology, business.industry, medicine.disease, Kidney Transplantation, biology.protein, Medicine, Cytokines, Immunohistochemistry, Female, Chemokines, business, Biomarkers, Glomerular Filtration Rate
Abstract

We investigated the clinical relevance of urinary cytokines/chemokines reflecting intrarenal immunologic micromilieu as prognostic markers and the optimal measurement timing after living donor kidney transplantation (LDKT). This prospective cohort study included 77 LDKT patients who were followed for ≥ 5 years. Patients were divided into control (n = 42) or acute rejection (AR, n = 35) group. Early AR was defined as AR occurring within 3 months. Serum and urine cytokines/chemokines were measured serially as follows: intraoperative, 8/24/72 h, 1 week, 3 months, and 1 year after LDKT. Intrarenal total leukocytes, T cells, and B cells were analyzed with immunohistochemistry followed by tissueFAXS. Urinary MCP-1 and fractalkine were also analyzed in a validation cohort. Urinary MCP-1 after one week was higher in the AR group. Urinary MCP-1, fractalkine, TNF-α, RANTES, and IL-6 after one week were significantly higher in the early AR group. Intrarenal total leukocytes and T cells were elevated in the AR group compared with the control group. Urinary fractalkine, MCP-1, and IL-10 showed positive correlation with intrarenal leukocyte infiltration. Post-KT 1 week urinary MCP-1 showed predictive value in the validation cohort. One-week post-KT urinary MCP-1 may be used as a noninvasive diagnostic marker for predicting AR after LDKT.

Published
2021

9. Usability Evaluation Model for Biometric System considering Privacy Concern Based on MCDM Model

Author

Junhyoung Oh, Ukjin Lee, and Kyungho Lee

Subjects
Article Subject, Biometrics, Computer Networks and Communications, business.industry, Computer science, 05 social sciences, Iris recognition, Usability, 02 engineering and technology, Fingerprint recognition, Multiple-criteria decision analysis, Facial recognition system, Empirical research, Human–computer interaction, lcsh:Technology (General), 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, lcsh:T1-995, 050211 marketing, 020201 artificial intelligence & image processing, Relevance (information retrieval), lcsh:Science (General), business, lcsh:Q1-390, Information Systems
Abstract

Biometric devices play an integral role in consumer’s daily life, providing a seamless environment. However, it is essential to measure the usability of biometrics, owing to the elements of biometrics satisfying both usability and security. This study redefines the elements of biometrics pertaining to usability determined in previous studies and adds elements of psychological relevance, such as privacy concerns. To organize the interrelated usability structure systemically, this paper applies the DEcision MAking Trial and Evaluation Laboratory (DEMATEL) to derive the usability structure. Thereupon, the established structure is applied in the clustered weighted Analytical Network Processes (ANP) to generate the proposed usability evaluation model. By these methods, the pertinent relationships between the factors are clarified and the weight of each element is determined. In the empirical study, 106 students measured usability of the fingerprint recognition system, iris recognition system, and facial recognition system employing our usability evaluation model. The results of this model generate the quantitative score of usability for biometric systems and suggest strategies to increase the score. The proposed usability evaluation model can comprehensively assist usability practitioners to evaluate biometric systems.

Published
2019

12. Interactive character animation by learning multi-objective control

Author

Jehee Lee, Kyungho Lee, and Seyoung Lee

Subjects
business.industry, Computer science, Deep learning, Process (computing), 020207 software engineering, 02 engineering and technology, Computer Graphics and Computer-Aided Design, Motion (physics), Character (mathematics), Recurrent neural network, Human–computer interaction, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Character animation, 020201 artificial intelligence & image processing, Artificial intelligence, business, Generator (mathematics)
Abstract

We present an approach that learns to act from raw motion data for interactive character animation. Our motion generator takes a continuous stream of control inputs and generates the character's motion in an online manner. The key insight is modeling rich connections between a multitude of control objectives and a large repertoire of actions. The model is trained using Recurrent Neural Network conditioned to deal with spatiotemporal constraints and structural variabilities in human motion. We also present a new data augmentation method that allows the model to be learned even from a small to moderate amount of training data. The learning process is fully automatic if it learns the motion of a single character, and requires minimal user intervention if it deals with props and interaction between multiple characters.

Published
2018

13. Dietary Modification Alters the Intrarenal Immunologic Micromilieu and Susceptibility to Ischemic Acute Kidney Injury

Author

Kyeong Eun Yang, Yoon-Goo Kim, Hye Ryoun Jang, Junseok Jeon, Dae Joong Kim, Ghee Young Kwon, Wooseong Huh, Jung Eun Lee, and Kyungho Lee

Subjects
0301 basic medicine, lcsh:Immunologic diseases. Allergy, medicine.medical_specialty, VEGF receptors, Immunology, ischemia-reperfusion injury, Renal function, 030204 cardiovascular system & hematology, Diet, High-Fat, Kidney, Body weight, Proinflammatory cytokine, Mice, 03 medical and health sciences, 0302 clinical medicine, Renal injury, Ischemia, Internal medicine, high-salt diet, medicine, Animals, Humans, Immunology and Allergy, Cytotoxic T cell, Hypoxia, Original Research, biology, business.industry, Acute kidney injury, medicine.disease, Mice, Inbred C57BL, 030104 developmental biology, Endocrinology, high-fat diet, Cellular Microenvironment, acute kidney injury, biology.protein, Cytokines, Disease Susceptibility, immunologic micromilieu, business, diet, lcsh:RC581-607, Infiltration (medical), Diet Therapy
Abstract

The versatility of the intrarenal immunologic micromilieu through dietary modification and the subsequent effects on susceptibility to ischemic acute kidney injury (AKI) are unclear. We investigated the effects of high-salt (HS) or high-fat (HF) diet on intrarenal immunologic micromilieu and development of ischemic AKI using murine ischemic AKI and human kidney-2 (HK-2) cell hypoxia models. Four different diet regimens [control, HF, HS, and high-fat diet with high-salt (HF+HS)] were provided individually to groups of 9-week-old male C57BL/6 mice for 1 or 6 weeks. After a bilateral ischemia-reperfusion injury (BIRI) operation, mice were sacrificed on day 2 and renal injury was assessed with intrarenal leukocyte infiltration. Human kidney-2 cells were treated with NaCl or lipids. The HF diet increased body weight and total cholesterol, whereas the HF+HS did not. Although the HF or HS diet did not change total leukocyte infiltration at 6 weeks, the HF diet and HF+HS diet increased intrarenal CD8 T cells. Plasma cells increased in the HF and HS diet groups. The expression of proinflammatory cytokines including TNF-α, IFN-γ, MCP-1, and RANTES was increased by the HF or HS diet, and intrarenal VEGF decreased in the HS and HF+HS diet groups at 6 weeks. Deterioration of renal function following BIRI tended to be aggravated by the HF or HS diet. High NaCl concentration suppressed proliferation and enhanced expression of TLR-2 in hypoxic HK-2 cells. The HF or HS diet can enhance susceptibility to ischemic AKI by inducing proinflammatory changes to the intrarenal immunologic micromilieu.

Published
2021

14. Poly (ADP-Ribose) Polymerase Inhibitor Treatment as a Novel Therapy Attenuating Renal Ischemia-Reperfusion Injury

Author

Hye Ryoun Jang, Kyungho Lee, Junseok Jeon, Jung-Ryul Kim, Jung Eun Lee, Ghee Young Kwon, Yoon-Goo Kim, Dae Joong Kim, Jae-Wook Ko, and Wooseong Huh

Subjects
0301 basic medicine, Male, Chemokine, Pharmacology, urologic and male genital diseases, Poly (ADP-Ribose) Polymerase Inhibitor, Pathogenesis, Mice, 0302 clinical medicine, parthanatos, Medicine, Immunology and Allergy, Cell Line, Transformed, Original Research, biology, Acute kidney injury, Acute Kidney Injury, Cell Hypoxia, Treatment Outcome, Reperfusion Injury, PARP inhibitor, medicine.symptom, Chemokines, Injections, Intraperitoneal, Signal Transduction, lcsh:Immunologic diseases. Allergy, Poly ADP ribose polymerase, Immunology, Ischemia-reperfusion injury, Inflammation, Poly(ADP-ribose) Polymerase Inhibitors, Proinflammatory cytokine, 03 medical and health sciences, poly(ADP-ribose) polymerase (PARP) inhibitor, translational immunology, Animals, Humans, Naphthyridines, Cell Proliferation, Dose-Response Relationship, Drug, business.industry, medicine.disease, Mice, Inbred C57BL, Disease Models, Animal, 030104 developmental biology, inflammation, biology.protein, business, lcsh:RC581-607, 030215 immunology
Abstract

Intrarenal robust inflammatory response following ischemia-reperfusion injury (IRI) is a major factor in the pathogenesis of renal injury in ischemic acute kidney injury (AKI). Although numerous studies have investigated various agents of immune modulation or suppression for ischemic AKI, few showed reproducible effects. We hypothesized that poly (ADP-ribose) polymerase (PARP) inhibitor may favorably change post-ischemic intrarenal immunologic micromilieu by reducing damage-associated molecular pattern (DAMP) signals and improve renal outcome in ischemic AKI. The effects of JPI-289 (a PARP inhibitor) on early renal injury in a murine IRI model and hypoxic HK-2 cell model were investigated. Bilateral IRI surgery was performed in three groups of 9-week-old male C57BL/6 mice (control, JPI-289 50 mg/kg, and JPI-289 100 mg/kg; n = 9-10 in each group). Saline or JPI-289 was intraperitoneally injected. Renal function deterioration was significantly attenuated in the JPI-289 treatment groups in a dose-dependent manner. Inflammatory cell infiltration and proinflammatory cytokine/chemokine expressions in the post-ischemic kidneys were also attenuated by JPI-289 treatment. JPI-289 treatment at 0.5 and 0.75 μg/ml facilitated the proliferation of hypoxic HK-2 cells. PARP inhibition with JPI-289 treatment showed favorable effects in ischemic AKI by attenuating intrarenal inflammatory cascade in a murine model and facilitating proliferation of hypoxic HK-2 cells.

Published
2020
Full Text
View/download PDF

15. A Multi-Component Analysis of CPTED in the Cyberspace Domain

Author

Myong Hyun Go, Haengrok Oh, Kauh Janghyuk, Jemin Justin Lee, Yu Kyung Kim, Minhee Joo, Kyungho Lee, and Jeongeun Seo

Subjects
IoT, Computer science, natural surveillance, Access control, Factor analysis of information risk, computer.software_genre, lcsh:Chemical technology, Biochemistry, Article, Analytical Chemistry, Human–computer interaction, 0502 economics and business, Realm, lcsh:TP1-1185, 050207 economics, Electrical and Electronic Engineering, Instrumentation, 0505 law, FAIR, business.industry, 05 social sciences, access control, spatial syntax, Atomic and Molecular Physics, and Optics, Virtual machine, 050501 criminology, Crime prevention through environmental design, business, Cyberspace, computer, lme4, CPTED
Abstract

The visual fidelity of a virtual environment lacks the exceedingly complex layers from the physical world, but the continuous improvements of image rendering technology and computation powers have led to greater demands for virtual simulations. Our study employs Crime Prevention through Environmental Design (CPTED) as a risk control measure and utilizes two principles: Access Control and Natural Surveillance. We conducted an experiment with (n-sample: 100) graduate students. For the experiment, we utilized the Factor Analysis of Information Risk (FAIR) to quantitatively analyze the risk. Furthermore, we adopted the lme4 package for R to estimate the mixed effect of the 6,242,880 observations retrieved from Kaggle. Based on the two experiments, we were able to critically evaluate the contributions of CPTED through a multi-component analysis. Our study investigates how spatial syntax and territorial demarcation may translate in the cyberspace realm. We found that the corollaries of the mophology in the virtual environment effects the distribution of crime. The results of our study discusses how to determine the criminogenic designs and capacity in the cyberspace realm.

Published
2020

16. Turn On the Lights: User Behavior in Game Environment Using CPTED

Author

Jeongeun Seo, Minhee Joo, and Kyungho Lee

Subjects
Risk analysis, Computer science, business.industry, Role playing game, 05 social sciences, ComputingMilieux_PERSONALCOMPUTING, 020206 networking & telecommunications, 02 engineering and technology, Order (business), Human–computer interaction, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, Crime prevention through environmental design, Risk Control, The Internet, 050207 economics, business, Risk management
Abstract

The proliferation of the internet has allowed various online games such as Massive Multiplayer Online Role Playing Game (MMORPG) and First-Person Shooter (FPS) to garner much attention. Both MMORPG and FPS requires lower network latency, as the users are constantly required to assess and respond to the gaming environment and other users’ decisions. Our study aims to investigate the users’ psychological behavior by changing the gaming environment. We present CPTED as a risk control measure. Based on the principle of CPTED, two types of maps were designed and compared to analyze the game violence of users in each map. In order to compare the game violence of the users, 100 questionnaires were conducted. In this study, we used FAIR, a risk analysis model, to assess the threat and violence of the users.

Published
2020

17. The Gravy Value: A Set of Features for Pinpointing BOT Detection Method

Author

Semi Park and Kyungho Lee

Subjects
Computer science, business.industry, ComputingMilieux_PERSONALCOMPUTING, Service provider, Computer security, computer.software_genre, Money laundering, Random forest, Support vector machine, Software, Order (exchange), Critical success factor, business, Set (psychology), computer
Abstract

The critical success of online games has led the industry to global success, as the market size is expected to reach 18,194 USD by the year 2020. However, the success of the online game market has led to the growth of illegal activities, such as the use of game bots. Game bots are software applications capable of collecting game items, which are often banned from online game service providers. The illegal activities are not limited to tax evasion and money laundering. In order to help detect these bots, this study employs the dataset from an MMORPG called Aion. By detecting the bots using the server-side analysis, this paper analyzed user behavior and used features based on the experience, skill, and gravy value that represents the cost-efficiency. We experimented with machine learning algorithms such as MLP, SVM, and Random Forest. As a result, the F-score for detecting the total sum of the accounts that consists of the game bots and real users reached 0.9638. We believe our study may help online game service providers, future researchers, and governmental agencies to detect and classify the MMORPG game bots.

Published
2020

18. A Statistical Approach Towards Fraud Detection in the Horse Racing

Author

Hyunbeom Park, Jemin Justin Lee, Moohong Min, Kyungho Lee, and Hyojoung Shin

Subjects
Horse racing, Government, business.industry, Computer science, 05 social sciences, Big data, 02 engineering and technology, Computer security, computer.software_genre, Phenomenon, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, 050211 marketing, 020201 artificial intelligence & image processing, Anomaly detection, business, Internet of Things, computer
Abstract

With the inception of online betting in S. Korea, various foreigner professional gambling groups have exploited the betting regulations. This phenomenon has occurred mainly in Asia, because the regulations on gambling in these countries are complex and robust. Our study focuses on the horse racing in S. Korea, which is operated under the government funding. The foreigner gambling groups tried unlimited betting by modifying the official IoT (Internet of Things) based APP arbitrarily. We have checked that some abnormal transactions can occur by modifying this application. Our study proposes a fraud detection method that can help detecting abnormal activities and prevent them. Currently, the Korea Racing Authority (KRA) has been criticized for being ill-equipped to detect abnormal activities with the Walkerhill Incident. Our study presents a new anomaly detection model that uses a flexible window. In this study, we propose an idea that aims to detect abnormal betting transactions.

Published
2020

19. Methods to Select Features for Android Malware Detection Based on the Protection Level Analysis

Author

Chaeeun Lee, Kyungho Lee, and Eunnarae Ko

Subjects
Software_OPERATINGSYSTEMS, business.industry, Computer science, Deep learning, Confusion matrix, Feature selection, 02 engineering and technology, Permission, Computer security, computer.software_genre, Installation, Feature (computer vision), Ask price, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Artificial intelligence, Android (operating system), business, computer
Abstract

Android’s permission system is asked to users before installing applications. It is intended to warn users about the risks of the app installation and gives users opportunities to review the application’s permission requests and uninstall it if they find it threatening. However, not all android permissions ask for the user’s decision. Those who are defined as ‘Dangerous’ in the permission protection level are only being confirmed by the users in Android Google Market. We examine whether the ‘Dangerous permissions’ are actually being a main component of detection when it comes to defining the app as malicious or benign. To collect important features and to investigate the correlation between the malicious app and the permission’s protection level, feature selection and deep learning algorithms were used. The study evaluates the feature by using the confusion matrix. We used 10,818 numbers of malicious and benign applications, and 457 permission lists to investigate our examination, and it appeared that ‘Dangerous’ permissions may not be the only important factor, and we suggest a different perspective of viewing permissions.

Published
2020

20. An Artificial Intelligence Approach to Financial Fraud Detection under IoT Environment: A Survey and Implementation

Author

Kyungho Lee and Dahee Choi

Subjects
Article Subject, Computer Networks and Communications, Process (engineering), Computer science, 0211 other engineering and technologies, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Feature selection, 02 engineering and technology, Computer security, computer.software_genre, Identity theft, lcsh:Technology (General), 0202 electrical engineering, electronic engineering, information engineering, lcsh:Science (General), 021110 strategic, defence & security studies, Artificial neural network, business.industry, Deep learning, Credit card, Financial transaction, lcsh:T1-995, 020201 artificial intelligence & image processing, Artificial intelligence, business, Financial fraud, computer, lcsh:Q1-390, Information Systems
Abstract

Financial fraud under IoT environment refers to the unauthorized use of mobile transaction using mobile platform through identity theft or credit card stealing to obtain money fraudulently. Financial fraud under IoT environment is the fast-growing issue through the emergence of smartphone and online transition services. In the real world, a highly accurate process of financial fraud detection under IoT environment is needed since financial fraud causes financial loss. Therefore, we have surveyed financial fraud methods using machine learning and deep learning methodology, mainly from 2016 to 2018, and proposed a process for accurate fraud detection based on the advantages and limitations of each research. Moreover, our approach proposed the overall process of detecting financial fraud based on machine learning and compared with artificial neural networks approach to detect fraud and process large amounts of financial data. To detect financial fraud and process large amounts of financial data, our proposed process includes feature selection, sampling, and applying supervised and unsupervised algorithms. The final model was validated by the actual financial transaction data occurring in Korea, 2015.

Published
2018

21. The Association between Peri-Transplant RBC Transfusion and Graft Failure after Kidney Transplantation: A Nationwide Cohort Study

Author

Hye Ryoun Jang, Seokha Yoo, Minkyoo Lee, Kyungho Lee, Seohee Lee, Eun Jin Jang, Ga Hee Kim, and Ho Geol Ryu

Subjects
Rbc transfusion, medicine.medical_specialty, Graft failure, business.industry, graft failure, Peri, Urology, kidney transplantation, Retrospective cohort study, General Medicine, medicine.disease, survival, Article, Red blood cell, medicine.anatomical_structure, Cohort, medicine, Medicine, business, Kidney transplantation, red blood cells, transfusion, Cohort study
Abstract

Background: Patients undergoing kidney transplantation (KT) often receive red blood cell (RBC) transfusion during admission for KT which may increase the risk of allosensitization. The association between peri-transplant RBC transfusion and graft survival was evaluated using a nationwide cohort. Methods: This retrospective study analyzed 13,871 patients who underwent KT in Korea between 2007 and 2015. The outcomes were graft failure rate and overall patient survival depending on the amount of RBC transfusion. Results: The overall graft failure rate was 15.5%. Compared to the graft failure rate of 13.5% in the no transfusion group, the graft failure rate was 15.4% in the 1–2 units group (sHR 1.06 (95% CI 0.97–1.17), p = 0.216), 21.4% in the 3–5 units group (sHR 1.39 (1.21–1.61), p &lt, 0.001), and 35.3% in the 6 or more units group (sHR 2.20 (1.70–2.85), p &lt, 0.001). The overall survival rate was 97.5% in the no transfusion group, compared to 95.9% in the 1–2 units group (HR 1.50 (1.22–1.83), p &lt, 0.001), 92.0% in the 3–5 units group (HR 2.43 (1.87–3.15), p &lt, 0.001), and 67.5% in the 6 or more units group (HR 6.81 (5.03–9.22), p &lt, 0.001). Conclusions: Peri-transplant RBC transfusion was independently associated with the increased risk of renal allograft failure and death in KT patients.

Published
2021

22. A Study on Selection of Block Stockyard Applying Decision Tree Learning Algorithm

Author

Jae-Joon Lee, Byeong-Wook Nam, Seung-Hwan Mun, and Kyungho Lee

Subjects
Incremental decision tree, Computer science, business.industry, Decision tree learning, ID3 algorithm, 020101 civil engineering, 02 engineering and technology, Machine learning, computer.software_genre, 01 natural sciences, 010305 fluids & plasmas, 0201 civil engineering, 0103 physical sciences, Artificial intelligence, business, computer, Selection (genetic algorithm), Block (data storage)
Published
2017

24. Terpenes from Forests and Human Health

Author

Young-Ran Lim, Im-Soon Lee, Kyungho Lee, Jae-Seok Lee, Kyoung Sang Cho, and Jang Ho Lee

Subjects
0301 basic medicine, Ecology, business.industry, Health, Toxicology and Mutagenesis, Pharmacology toxicology, Review Article, Immune function, Biology, Toxicology, Biotechnology, Terpene, 03 medical and health sciences, chemistry.chemical_compound, Human health, 030104 developmental biology, chemistry, Health, business, Beneficial effects, Forest therapy, Isoprene, Cancer, Neuronal health
Abstract

Forest bathing has beneficial effects on human health via showering of forest aerosols as well as physical relaxation. Terpenes that consist of multiple isoprene units are the largest class of organic compounds produced by various plants, and one of the major components of forest aerosols. Traditionally, terpene-containing plant oil has been used to treat various diseases without knowing the exact functions or the mechanisms of action of the individual bioactive compounds. This review categorizes various terpenes easily obtained from forests according to their anti-inflammatory, anti-tumorigenic, or neuroprotective activities. Moreover, potential action mechanisms of the individual terpenes and their effects on such processes, which are described in various in vivo and in vitro systems, are discussed. In conclusion, the studies that show the biological effectiveness of terpenes support the benefits of forest bathing and propose a potential use of terpenes as chemotherapeutic agents for treating various human diseases.

Published
2017

26. Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective

Author

Kyungho Lee, Haengrok Oh, and Mookyu Park

Subjects
cyber-situational awareness, Situation awareness, Computer science, Human life, 02 engineering and technology, Computer security, computer.software_genre, lcsh:Chemical technology, Biochemistry, Article, Analytical Chemistry, Home automation, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, risk measurement, business.industry, Perspective (graphical), 020206 networking & telecommunications, Atomic and Molecular Physics, and Optics, Internet of Things (IoT), smart homes, Information leakage, 020201 artificial intelligence & image processing, business, Cyberspace, Internet of Things, computer, Personally identifiable information
Abstract

Internet-of-Things (IoT) is a technology that is extensively being used in various fields. Companies like Samsung, LG, and Apple are launching home appliances that use IoT as a part of their smart home business. Currently, Intelligent Things which combine artificial intelligence (AI) and IoT are being developed. Most of these devices are configured to collect and respond to human behavior (motion, voice, etc.) through built-in sensors. If IoT devices do not ensure high security, personal information could be leaked. This paper describes the IoT security threats that can cause information leakage from a hierarchical viewpoint of cyberspace. In addition, because these smart home-based IoT devices are closely related to human life, considering social damage is a problem. To overcome this, we propose a framework to measure the risk of IoT devices based on security scenarios that can occur in a smart home.

Published
2019

27. Threat Assessment for Android Environment with Connectivity to IoT Devices from the Perspective of Situational Awareness

Author

Jaehyeok Han, Kyungho Lee, Haengrok Oh, and Mookyu Park

Subjects
Situation awareness, Article Subject, Computer Networks and Communications, Computer science, Vulnerability, 02 engineering and technology, Computer security, computer.software_genre, lcsh:Technology, lcsh:Telecommunication, lcsh:TK5101-6720, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Android (operating system), lcsh:T, business.industry, 020206 networking & telecommunications, 020201 artificial intelligence & image processing, Black market, Internet of Things, business, Mobile device, computer, Threat assessment, Personally identifiable information, Information Systems
Abstract

As smartphones such as mobile devices become popular, malicious attackers are choosing them as targets. The risk of attack is steadily increasing as most people store various personal information such as messages, contacts, and financial information on their smartphones. Particularly, the vulnerabilities of the installed operating systems (e.g., Android, iOS, etc.) are trading at a high price in the black market. In addition, the development of the Internet of Things (IoT) technology has created a hyperconnected society in which various devices are connected to one network. Therefore, the safety of the smartphone is becoming an important factor to remotely control these technologies. A typical attack method that threatens the security of such a smartphone is a method of inducing installation of a malicious application. However, most studies focus on the detection of malicious applications. This study suggests a method to evaluate threats to be installed in the Android OS environment in conjunction with machine learning algorithms. In addition, we present future direction from the cyber threat intelligence perspective and situational awareness, which are the recent issues.

Published
2019
Full Text
View/download PDF

28. An Improved Model of Effectiveness on the Implementation of Personal Information Utilization Agreement in Financial Companies

Author

Kyungho Lee and Gi-hyun Jang

Subjects
060201 languages & linguistics, Finance, Computer science, Process (engineering), business.industry, media_common.quotation_subject, TheoryofComputation_GENERAL, 06 humanities and the arts, 02 engineering and technology, Agreement, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Personally identifiable information, media_common
Abstract

It is required to have Personal Information Agreement when a fi nancial company uses personal information by the Law of Privacy. So, financial companies have to demand customers the s ubmission of Personal Information Agreement. Thus, financial companies have made Personal Information Agreement in various f ormats for customers. However, financial companies are lack of a verification process, the cases of collecting invalid Agreement often occurred. This study focuses on the verification pr ocess of Personal Information Agreement and the contents of Personal Information Agreement. In conclusion, this study proposes an improved model that added to the process of verification for th e concept of Agreement. Based on this study, I hope financial companies to reform their agreement process and to improve the effectiveness on the implementation of Personal Information Utilization Agreement. Keywords: Personal Information, Utilization, Written Agreement, Verification procedures, Personal Information Agreement

Published
2016

29. A Decision-Making Model for Handling Personal Information Using Metadata

Author

Yang-Ho Kim, Kyungho Lee, and In-hyun Cho

Subjects
Computer science, business.industry, Process (engineering), 020206 networking & telecommunications, 02 engineering and technology, Information security, Computer security, computer.software_genre, Insider, Metadata, 0202 electrical engineering, electronic engineering, information engineering, Systems architecture, 020201 artificial intelligence & image processing, business, Personally identifiable information, computer, Decision-making models, Risk management
Abstract

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more seri ous than external intrusions, financial companies in Korea have bee n taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financi al environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and techni cal controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defi nes and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial su pervisory authority, and to reinforce internal controls. We der ive and verify a decision-making model that reflects the proposed p rocess.Keywords: Personally Identifiable Information, Compliance, Information S ecurity, Risk Management, Metadata

Published
2016

30. Advanced Risk Measurement Approach to Insider Threats in Cyberspace

Author

Inhyun Cho and Kyungho Lee

Subjects
business.industry, Computer science, Process (engineering), Insider threat, 02 engineering and technology, Computer security, computer.software_genre, Theoretical Computer Science, Insider, Computational Theory and Mathematics, Artificial Intelligence, Order (exchange), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Position (finance), 020201 artificial intelligence & image processing, Leakage (economics), business, Cyberspace, computer, Software, Risk management
Abstract

Inside jobs have been a source of critical threats in cyberspace. To manage such insider threats, a proper measurement approach is required for effective risk-based decision-making. The measurement approach should include insider-related information (e.g. the significance of jobs, the position level, the required authority for data, and the type of employment) in order to better measure and analyze insider risks. In this paper, we suggest an approach that takes into account the insider-related information in calculating data leakage risk of insiders in the banking sector. We implement this approach by utilizing real-world data to calculate insider risks. We present an effective risk measurement approach, which we believe can enhance decision-making process for risk management for insider threats.

Published
2016

31. Advanced Mandatory Authentication Architecture Designed for Internet Bank

Author

Ki-seok Hong and Kyungho Lee

Subjects
Authentication, Computer science, business.industry, Internet privacy, Business model, Computer security, computer.software_genre, Internet security, Attack model, Identification (information), Security association, The Internet, business, computer, Vulnerability (computing)
Abstract

Non-face-to-face real name verification policy that financial authorities announced, in order to secure a face-to-face or more of accuracy, are in principle of multi check. The business model and legal entities of Internet banks is different from existing Internet banking. Relpacing real name verification from face-to-facd to non-face-to-face while maintaining the structure of identification can not only cause inconvenience to a first time member, but also can be more vulnerable to verious security risks. In this study, to evaluate a service level of a bank of the Internet, and provide an improved identification of the structure such that the registration and use of differentiated services is performed in accordance with the evaluation. In addition, the security that may occur with respect to Bank of the Internet to establish a vulnerability and attack model, the results of the analysis of the safety of the step-by-step security attributes and services of the authentication medium of each attack model, existing the safer than Internet banking, confirmed the usefulness in user registration guide.

Published
2015

32. Decision Making Model for Selecting Financial Company Server Privilege Account Operations

Author

Kyungho Lee and Suk-Won Lee

Subjects
Finance, Computer science, business.industry, Principle of least privilege, Analytic hierarchy process, Privilege (computing), Information security, Computer security, computer.software_genre, Account Status, business, computer, Decision-making models, Hacker
Abstract

The server privilege account must be operated through law and r egulation. However, due to regulation non-compliance and inadequate operation on financial company server privilege, an incident that every server data being deleted by hacker occur which is later being named as ‘NH Bank Cyber Attack’. In this p aper, the current operation status on financial company privilege accounts is being analysed to elicit problems and imp rovement. From the analysis, important evaluation factors will be also selected and applied generating the decision making model for financial company server privilege account operation. The evaluation factor deducted from privilege account status analys is will be used to present and verify the decision making model and formula through AHP(Analytic Hierarchy process).Keywords: Server Privilege Account, AHP, Information Security, Decision Making I.서 론 1) 1.1연구배경 및 목적2011년 4월12일 농협 전산망 해킹 사건이 발생하여 내부서버 180대(전체 440대), 웹서버 45대(전체 98대), 테스트 서버 48대(전체 49대) 총 273대(전체 587대) 서버의 모든 데이터가 삭제되어 농협 전

Published
2015

33. Effective Risk Level Assessment Using Three-Dimensional Vector Visualization

Author

Juyoung Lee, In-hyun Cho, Jaehee Lee, and Kyungho Lee

Subjects
Risk analysis, business.industry, Process (engineering), Computer science, Risk management information systems, Information security, computer.software_genre, Visualization, Identification (information), Confidentiality, Data mining, business, computer, Risk management
Abstract

Risk analysis is utilized in devising measures to manage information security risk to an acceptable level. In this risk management decision-making, the visualization of risk is important. However, the pre-existing risk visualization method is limited in visualizing risk factors three-dimensionally. In this paper, we propose an improved risk visualization method which can facilitate the identification of risk from the perspective of confidentiality, integrity, and availability respectively or synthetically. The proposed method is applied to an enterprise's risk analysis in order to verify how effective it is. We argue that through the proposed method risk levels can be expressed three-dimensionally, which can be used effectively for information security decision-making process for internal controls.

Published
2015

34. Advanced protocol against MITM attacks in Industrial Control System

Author

Sangkyo Oh, Moo-seong Ko, and Kyungho Lee

Subjects
Authentication, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Intrusion detection system, Industrial control system, Man-in-the-middle attack, Stuxnet, Computer security, computer.software_genre, Airfield traffic pattern, PROFINET, SCADA, business, computer, Computer network
Abstract

If the industrial control system is infected by malicious worm such as Stuxnet, national disaster could be caused inevitably. Therefore, most of the industrial control system defence is focused on intrusion detection in network to protect against these threats. Conventional method is effective to monitor network traffic and detect anomalous patterns, but normal traffic pattern attacks using MITM technique are difficult to be detected. This study analyzes the PROFINET/DCP protocol and weaknesses with the data collected in real industrial control system. And add the authentication data field to secure the protocol, find out the applicability. Improved protocol may prevent the national disaster and defend against MITM attacks.

Published
2015

35. A Study on Parallax Registration for User Location onthe Transparent Display using the Kinect Sensor

Author

Kyungho Lee, Jung-Min Lee, Byeong-Wook Nam, and Yuepeng Wu

Subjects
Geographic information system, business.industry, Distortion (optics), International standard, Transparent display, law.invention, Lens (optics), Geography, law, Computer graphics (images), Information system, Computer vision, Artificial intelligence, Parallax, business
Abstract

International Hydrographic Organization(IHO) adopted standard S-100 as the international standard Geographic Information System(GIS) that can be generally used in the maritime sector. Accordingly, the next-generation system to support navigation information based on GIS standard technology has being developed. AR based navigation information system that supported navigation by overlapping navigation information on the CCTV image has currently being developed. In this study, we considered the application of a transparent display as a method to support efficiently this system. When a transparent display applied, the image distortion caused by using a wide-angle lens for parallax secure, and the disc s, and demonstrated the applicability of the technology by developing a prototype.

Published
2015

36. Perioperative risk factors of progressive chronic kidney disease following liver transplantation: analyses of a 10-year follow-up single-center cohort

Author

Jae-Won Joh, Wooseong Huh, Gaabsoo Kim, Hye Ryoun Jang, Jung Eun Lee, Jong Man Kim, Kyungho Lee, Kyunga Kim, Suk-Koo Lee, and Junseok Jeon

Subjects
medicine.medical_specialty, medicine.medical_treatment, Urology, Kidney failure, Renal function, 030230 surgery, Liver transplantation, urologic and male genital diseases, 03 medical and health sciences, 0302 clinical medicine, Diabetes mellitus, medicine, Renal insufficiency, business.industry, Acute kidney injury, Retrospective cohort study, Perioperative, medicine.disease, female genital diseases and pregnancy complications, Risk factors, Cohort, Original Article, 030211 gastroenterology & hepatology, Surgery, business, Kidney disease
Abstract

Purpose The incidence of chronic kidney disease (CKD) has been increasing due to improved survival after liver transplantation (LT). Risk factors of kidney injury after LT, especially perioperative management factors, are potentially modifiable. We investigated the risk factors associated with progressive CKD for 10 years after LT. Methods This retrospective cohort study included 292 adult patients who underwent LT at a tertiary referral hospital between 2000 and 2008. Renal function was assessed by the e stimated glomerular filtration rate (eGFR) using the Modification of Diet in Renal Disease formula. The area under the curve of serial eGFR (AUCeGFR) was calculated for each patient to assess the trajectory of eGFR over the 10 years. Low AUCeGFR was considered progressive CKD. Linear regression analyses were performed to examine the associations between the variables and AUCeGFR. Results Multivariable analysis showed that older age (regression coefficient = −0.53, P < 0.001), diabetes mellitus (DM) (regression coefficient = −6.93, P = 0.007), preoperative proteinuria (regression coefficient = −16.11, P < 0.001), preoperative acute kidney injury (AKI) (regression coefficient = −14.35, P < 0.001), postoperative AKI (regression coefficient = −3.86, P = 0.007), and postoperative mean vasopressor score (regression coefficient = −0.45, P = 0.034) were independently associated with progressive CKD. Conclusion More careful renoprotective management is required in elderly LT patients with DM or preexisting proteinuria. Postoperative AKI and vasopressor dose may be potentially modifiable risk factors for progressive CKD.

Published
2020

37. Situational Awareness Framework for Cyber Crime Prevention Model in Cyber Physical System

Author

Junhyoung Oh, Junwoo Seo, Minhee Joo, Kyungho Lee, and Mookyu Park

Subjects
Situation awareness, Computer science, business.industry, 020209 energy, Cyber-physical system, 02 engineering and technology, Factor analysis of information risk, Computer security, computer.software_genre, complex mixtures, Electronic mail, stomatognathic diseases, stomatognathic system, TheoryofComputation_LOGICSANDMEANINGSOFPROGRAMS, 0202 electrical engineering, electronic engineering, information engineering, Crime prevention through environmental design, business, Cyberspace, Personally identifiable information, computer, Risk management
Abstract

Recently, IoT, 5G mobile, big data, and artificial intelligence are increasingly used in the real world. These technologies are based on convergenced in Cyber Physical System(Cps). Cps technology requires core technologies to ensure reliability, real-time, safety, autonomy, and security. CPS is the system that can connect between cyberspace and physical space. Cyberspace attacks are confused in the real world and have a lot of damage. The personal information that dealing in CPS has high confidentiality, so the policies and technique will needed to protect the attack in advance. If there is an attack on the CPS, not only personal information but also national confidential data can be leaked. In order to prevent this, the risk is measured using the Factor Analysis of Information Risk (FAIR) Model, which can measure risk by element for situational awareness in CPS environment. To reduce risk by preventing attacks in CPS, this paper measures risk after using the concept of Crime Prevention Through Environmental Design(CPTED).

Published
2018

38. Reminder as ‘Watch-Out’: The Role of Privacy Salience at the Point of Interaction with Biometric Systems

Author

Kyungho Lee, Junhyoung Oh, and Ukjin Lee

Subjects
Biometrics, Biometric system, business.industry, Computer science, Data_MISCELLANEOUS, 05 social sciences, Internet privacy, Theory of planned behavior, 050801 communication & media studies, Usability, Fingerprint recognition, Public interest, 0508 media and communications, Salience (neuroscience), 0502 economics and business, 050211 marketing, Information presentation, business
Abstract

Biometrics users are concerned about privacy issues, while personal recognition methods are automated and easy to use. For users who want to protect their biometric information, practitioners need to take action in the public interest to better prevent users from leaking their biometric information in situations where the user interacts with the biometric system. This study explores how the user can perceive the consequences of registering biometric information through the Theory of Planned Behavior and attitude aspects. Sensitivity to potential consequences of the biological system was confirmed by the behavior and response observed by the subjects after using the biometric system. The sensitivity of the experimental group was found to be higher than that of the control group. Therefore, this study suggests that simple information presentation in system interaction can lead to more protective against privacy issue.

Published
2018

39. Threat Analysis of Wi-Fi Connected Dashboard Camera

Author

Dahee Choi, Won Mok Park, and Kyungho Lee

Subjects
Authentication, business.industry, Computer science, media_common.quotation_subject, Dashboard (business), Attack tree, STRIDE, Usability, Computer security, computer.software_genre, Data flow diagram, Information security standards, Function (engineering), business, computer, media_common
Abstract

Recently dashboard camera (dashcam) has a function of connecting Wi-Fi to a smartphone for usability. But, it has severe vulnerabilities that it doesn't have authentication process. We analyzed threats of overall functions of dashcam using Data Flow Diagram and STRIDE analysis. After that, we found that dashcam’ s vulnerabilities are closely related to Wi-Fi function and lack of authentication process. We made sets of possible attacks and presented as attack trees. Attack Tree Analysis was used to categorize and prioritize among several ways of possible attacks. This research contributes to suggest vulnerabilities of a dashcam. This emphasizes the importance that information security standards of dashcam should be made and manufacturers of dashcam should apply the standards.

Published
2018

40. A Review of Cyber Security Controls from An ICS Perspective

Author

Kyungho Lee, Juhyeon Lee, Junhyoung Oh, and Youngin You

Subjects
021110 strategic, defence & security studies, Point (typography), Computer science, business.industry, Control (management), 0211 other engineering and technologies, Information technology, 02 engineering and technology, Information security, Industrial control system, Computer security, computer.software_genre, Security controls, Critical infrastructure, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, NIST, business, computer
Abstract

As cyber attacks on national critical infrastructure have increased, researches are actively conducted to protect industrial control systems(ICS). Compared with existing IT systems, research on special attributes of ICS has been performed mainly, and based on this, many security requirements for ICSs have been derived. However, there is insufficient research on security control to understand and improve the security status of target ICS. To the best of our knowledge, only a comprehensive guide to applying existing security controls to ICSs is being presented. Therefore, this study suggests implications for the current security control items from the ICS point of view. For this purpose, each viewpoint for categorizing and analyzing information security control items was established and based on this, an integrated matrix of ICS security control was derived. Through the ICS security control matrix, the information security control items currently being guided are analyzed from the viewpoint of the ICS, and the present status and implications are derived. The findings can be used as an indicator to effectively apply appropriate controls to appropriate locations where security is required. It is also expected to be a useful reference for improving and supplementing security control items currently being used and used.

Published
2018

41. Complex Network of Damage Assessment Using GMM Based FAIR

Author

Junwoo Seo, Moosung Park, Kyoung Min Kim, Mookyu Park, Minhee Joo, and Kyungho Lee

Subjects
Router, Exploit, business.industry, Computer science, Node (networking), 05 social sciences, Complex network, Degree distribution, 050105 experimental psychology, Networking hardware, 03 medical and health sciences, 0302 clinical medicine, Convergence (routing), 0501 psychology and cognitive sciences, Macro, business, 030217 neurology & neurosurgery, Computer network
Abstract

With the recent increase in IoT devices, network connectivity devices such as routers or switches are increasing. This increase in equipment could increase the degree of a particular node (hub node or hub router) in terms of network characteristics. In other words, the structure of the network can be changed into a more complicated network form. The convergence of links to these specific nodes provides an opportunity for attackers to enjoy maximum benefit at minimal cost. An attacker can attack only a few hub routers with a high degree of network structure, which can paralyze networks in some areas. This possibility is because the actual network follows the power degree distribution. These research measures threats based on network characteristics and data on exploits of network equipment. The threat measurement is applied to the FAIR(Factor Analysis of Information Risk) model, and the damage caused by the macro network structure is assessed.

Published
2018

42. Risk Management to Cryptocurrency Exchange and Investors Guidelines to Prevent Potential Threats

Author

Kyungho Lee and Chang Yeon Kim

Subjects
Finance, Cryptocurrency, business.industry, Computer science, 05 social sciences, Vulnerability, 020206 networking & telecommunications, 02 engineering and technology, Investment (macroeconomics), Currency, Server, 0502 economics and business, Management system, 0202 electrical engineering, electronic engineering, information engineering, business, Know-how, 050203 business & management, Risk management
Abstract

Investment and interest in cryptocurrency is rapidly growing. The price of each bitcoin, in particular, has exceeded 10,000 dollars as of November 2017, so we do not know how long the uptrend will continue. Although blockchain technology is more open and security oriented than conventional currency issuing methods, it is relatively ineffective in terms of distribution and management of cryptocurrency. The most common way to get cryptocurrency is trading through exchange and mining, which novices sometimes invest in without sufficient knowledge. Therefore, this paper analyzes vulnerabilities of potential cryptocurrency exchanges and individual user wallets. Moreover, this paper will suggest policy risk management methods using international standards such as from NIST and ISO. Blockchain, weaknesses of countermeasures management system, countermeasures to deal with them, management vulnerability of investors and management plan. Server management plan and personal action tips will be provided.

Published
2018

43. Development of Hull Thickness Management System for Ship Management System

Author

Kae-Myoung Park, Kyungho Lee, and Jeong youl Lee

Subjects
Data platform, Engineering, Ship management, business.industry, Hull, Management system, 3d model, Usability, Product model, business, Maintenance system, Marine engineering
Abstract

Received 9 January 2015; received in revised form 1 April 2015; accepted 2 April 2015ABSTRACTThe specific goal of the SMS (Ship Management System) is to increate ship safety and decreasemaintenance fee. Equipment of ship is managed by PMS (Planned Management System), sub-system of SMS. But hull has not managed by ship manager. So, the Classes have developed thesystem for hull maintenance. Recently, the ship maintenance system has been developed for sat-isfying operator’s requirements such as managing maintenance data as integrated platform, intui-tive manipulation and design for ease of use. To reflect such requirement, 3D Model basedmaintenance system was introduced for ship in operation stage. Hull items that have to beinspected, repaired, replaced, are stored in integrated data platform with drawing, reports, andetc. and completely linked to 3D product Model. This system is specially developed for mea-surement and maintenance of hull thicknessKey Words: Hull Maintenance, Thickness measurement, Ship Management System, Ship Model

Published
2015

44. Morale enhancing determination model of information security

Author

Kyungho Lee, Kyongwon Kim, and Jong-in Lim

Subjects
Government, ComputingMilieux_THECOMPUTINGPROFESSION, business.industry, Computer science, Action plan, Liability, Agency (sociology), Workload, Information security, Marketing, business, Working group, Financial services
Abstract

As the number of recent information security incident occurrenc e increases, more and more workload and liability pressure are given to info-security professionals, which results in decrease of morale level of working groups in the field. In order t o solve this problem, Korean government is providing various acti on plans to improve the morale level of info-security professionals, and also requiring financial companies to submit its own action plan of increasing morale of info-security professionals to Financial Service Agency. For this study, base d on the previous studies and relevant professionals’ interview s, we selected 16 critical morale increase variables, and performed survey for empirical analysis. As a result, 3 features; role, system, and relationship were presented as the main factor of m orale increasement of info-security professionals. This study a lso suggests a decision making method of utilizing the developed mo rale measurement model for individual organizations.Keywords: Info-security professionals, Morale measurement model, Morale increase factors, Model utilization

Published
2015

45. A Study on Personal Information Protection Management Assessment Method by DEA

Author

Myeong-soo Jeong and Kyungho Lee

Subjects
Group information management, Government, Knowledge management, Computer science, business.industry, Scale (social sciences), Privacy policy, Management system, Personal knowledge management, Personal information management, business, Personally identifiable information
Abstract

Recently, with the growing number of services using personal information, government offices` tasks have become more dependent to personal information. Various policies and systems have been made and managed for the safe use of personal information in the circumstances that inevitably require the use of personal information, but the personal information privacy incidents and their scale are on a constant increase. Thus, Korea has been implementing personal information protection management system since 2008 to examine whether public organizations observe the personal information protection act and to how well they manage the personal information, and to improve what is insufficient in the process. However, despite high scores of the outcomes of the system, questions about the effectiveness of the outcomes and about the actual manage level are being raised. Thus, this study seeks to analyze public organizations` activities to protect personal information and the effectiveness of their foundation efforts for them by using the DEA model, and to propose a new model to enhance the effectiveness of the outcomes of personal information protection management system by reflecting them into the outcomes of system, using the derived effectiveness.

Published
2015

46. A Study on Information Access Control Policy Based on Risk Level of Security Incidents about IT Human Resources in Financial Institutions

Author

Kyungho Lee and Jae-Yoon Sim

Subjects
Finance, IT risk, Computer science, business.industry, Role-based access control, Information access, Position (finance), Access control, Information security, Risk factor (computing), business, Personally identifiable information
Abstract

The financial industry in South Korea has witnessed a paradigm shift from selling traditional loan/deposit products to diversified consumption channels and financial products. Consequently, personification of financial services has accelerated and the value of finance-related personal information has risen rapidly. As seen in the 2014 card company information leakage incident, most of major finance-related information leakage incidents are caused by personnel with authorized access to certain data. Therefore, it is strongly required to confirm whether there are problems in the existing access control policy for personnel who can access a great deal of data, and to complement access control policy by considering risk factors of information security. In this paper, based on information of IT personnel with access to sensitive finance-related data such as job, position, sensitivity of accessible data and on a survey result, we will analyze influence factors for personnel risk measurement and apply data access control policy reflecting the analysis result to an actual case so as to introduce measures to minimize IT personnel risk in financial companies.

Published
2015

48. Study on Disaster Recovery Efficiency of Terminal PC in Financial Company

Author

Joon-Seob Yoon, Kyungho Lee, and Seung-Chul Yi

Subjects
Finance, Computer science, business.industry, Event (computing), Volume (computing), Disaster recovery, Computer security, computer.software_genre, Business continuity, Terminal (electronics), Data_FILES, Cyber-attack, business, computer
Abstract

Financial companies have invested a lot in their disaster recov ery system and exercised training more than once a year to comply related laws and regulations. But massive PCs(Personal C omputers) became disrupted simultaneously and it took a lot of time to recover massive PCs concurrently when March 20 cyber attack occurred. So, it was impossible to meet the tartgeted business continuity level. It was because the importance of PC recovery was neglected compared to other disaster recovery areas.This study suggests the measure to recover massive branch termi nal PCs of financial companies simultaneously in cost-effective way utilizing the existing technology and tests recovery time. It means that in the event of disaster financial companies could recover branch terminal PCs in 3 hours which is recommended recovery time by regulatory body. Other financial companies operating similar type and volume of branches would refer to the recovery structure and method proposed by this study.Keywords: Terminal, PC, desktop, disaster, recovery, cyber attack, malco de, APT, BCP, DRP

Published
2015

49. Study the role of information security personnel have on an organization's information security level

Author

Jong In Im, Misun Song, Kyungho Lee, and Dong-Keun Choi

Subjects
Information security audit, Knowledge management, Information security management, Certified Information Security Manager, Computer science, business.industry, Information security standards, Standard of Good Practice, Information security, Public relations, Asset (computer security), business, Security information and event management
Abstract

The issue of information security within an organization began to be recognized as risk of the organization. Because of this, not only ISO(Information Security Officer) but an executive or CEO were forced to resign. In addition, it brought about heavy financial damage to the company and made the company difficult to restore trust to customers. At a time when inadvertent discl osure of personal information has become accepted as a matter of survival because of having a bad effect within an organization, how the information security specialist causes influence on information protection level of the organization. For these reasons, t argeting the information security specialists of various industry sector s, we'll analyse how task performance rate of the information s ecurity specialist within an organization cause influence to the information security level. The goal of this study is for the company to raise the task proportion of information security specialist an d to improve the information protection level of the organizati on. Keywords: Security organization, security level

Published
2015

50. Studies on the effect of information security investment executive

Author

Joon-Sub Yoon, Seonghoon Jeong, Jong-in Lim, and Kyungho Lee

Subjects
Finance, Certified Information Security Manager, business.industry, Computer science, Information security, Computer security, computer.software_genre, Investment (macroeconomics), Asset (computer security), Security information and event management, Information security management, Security convergence, business, computer, Corporate security
Published
2014

Catalog

Books, media, physical & digital resources
See catalog results