Search

Your search keyword '"Kyungho Lee"' showing total 63 results
Start Over Author "Kyungho Lee" Topic computer
63 results on '"Kyungho Lee"'

1. Will EU’s GDPR Act as an Effective Enforcer to Gain Consent?

Author

Changsoo Lee, Jemin Justin Lee, Kyungho Lee, Jinhyoung Hong, Junhyoung Oh, and Simon S. Woo

Subjects
Structure (mathematical logic), General Computer Science, Computer science, business.industry, Privacy policy, 05 social sciences, Internet privacy, General Engineering, 050801 communication & media studies, 02 engineering and technology, Service provider, Python (programming language), computer.software_genre, 0508 media and communications, Order (business), 020204 information systems, General Data Protection Regulation, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), General Materials Science, Web service, business, computer, computer.programming_language
Abstract

Since the GDPR was implemented in 2018, organizations that collect data from the EU residents are required to receive the user’s consent. Organizational measures to ensure that the organizations are compliant to the recently enacted GDPR are still abstract and ambiguous. Moreover, data subjects and controllers have demanded the practice of obtaining consent from organizations. By observing the case law and guidelines related to the GDPR provisions, we deduced four consent conditions. Then, we examined how online service provider’s websites are making efforts to implement the GDPR framework. For this, we identified key characteristics of these websites, such as the existence of consent buttons. In order to help the data subjects obtain consent, we proposed an automatic tool that can check the consent conditions by checking the websites. Our study examined 10,000 websites for 26 days using the Python libraries with the tool automatically crawling the website information and analyzes the HTML structure according to the specified conditions. In addition, this tool crawls the privacy policy of each website. Moreover, it automatically determines whether it meets the four consent conditions by calculating it according to the formula defined in the consent condition. To evaluate the tool’s accuracy, the researchers manually analyzed 500 websites and compared the manual analysis with the results of the tool’s automatic analysis. We found that this tool differentiates itself through qualitative comparisons with other GDPR meters.

Published
2021

2. A Review of Insider Threat Detection Approaches With IoT Perspective

Author

Aram Kim, Jinho Ryu, Kyungho Lee, and Junhyoung Oh

Subjects
General Computer Science, Computer science, Literature based, 02 engineering and technology, Computer security, computer.software_genre, Insider, 0202 electrical engineering, electronic engineering, information engineering, dataset, General Materials Science, survey, Government, business.industry, General Engineering, Insider threat, 020206 networking & telecommunications, Application layer, Research objectives, Internet-of-Things, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, Internet of Things, business, computer, Insider threat detection, lcsh:TK1-9971
Abstract

Security professionals, government agencies, and corporate organizations have found an inherent need to prevent or mitigate attacks from insider threats. Accordingly, active research on insider threat detection has been conducted to prevent and mitigate adverse effects such as leakage of valuable information that may be caused by insiders. Along with the growth of Internet-of-Things (IoT), new security challenges arise in the existing security frameworks. Attack surfaces are significantly enlarged which could cause a severe risk in terms of company insider threat management. In this work, we provide a generalization of aspects of insider threats with IoT and analyze the surveyed literature based on both private and public sources. We then examine data sources considering IoT environments based on the characteristics and the structure of IoT (perceptual, network, and application layers). The result of reviewing the study shows that using the data source of the network and application layer is more suitable than the perceptual layer in the IoT environment. We also categorized each layer’s data sources according to their features, and we investigated research objectives and methods for each category. Finally, the potential for utilization and limitations under the IoT environment are presented at the end of each layer examination.

Published
2020

3. Honeypot System for Automatic Reporting of Illegal Online Gambling Sites Utilizing SMS Spam

Author

Kyungho Lee, Moohong Min, Jemin Justin Lee, and Hyunbeom Park

Subjects
Short Message Service, Honeypot, Uniform resource locator, Computer science, Order (business), Online gambling, Sms spam, Computer security, computer.software_genre, computer, Block (data storage)
Abstract

The emergence of illegal online gambling (IOG) has led to an increase in gambling addiction and threats to cyber security. Since IOG is advertised through short message service (SMS), we propose a novel system to detect and extract uniform resource locator (URL) information from SMS spam. For majority of the cases, these URLs are not directly linked to a real website address, which causes difficulties for detection systems. In order to address this problem, we utilized a readable transformation technique (RTT). The resulting suggestions can be enhanced to extract URLs automatically from SMS spam, which will allow local authorities identify and block IOG operations.

Published
2021

4. Improved Mitigation of Cyber Threats in IIoT for Smart Cities: A New-Era Approach and Scheme

Author

Kyungho Lee and Semi Park

Subjects
Scheme (programming language), cybersecurity, Process (engineering), Computer science, 02 engineering and technology, computer.software_genre, lcsh:Chemical technology, Biochemistry, Critical infrastructure, Article, Analytical Chemistry, Smart city, 0202 electrical engineering, electronic engineering, information engineering, Data envelopment analysis, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, computer.programming_language, industrial control systems, 020206 networking & telecommunications, Industrial control system, Atomic and Molecular Physics, and Optics, anomaly detection, Random forest, smart city, 020201 artificial intelligence & image processing, Anomaly detection, Data mining, data envelopment analysis, computer
Abstract

Cybersecurity in Industrial Internet of Things (IIoT) has become critical as smart cities are becoming increasingly linked to industrial control systems (ICSs) used in critical infrastructure. Consequently, data-driven security systems for analyzing massive amounts of data generated by smart cities have become essential. A representative method for analyzing large-scale data is the game bot detection approach used in massively multiplayer online role-playing games. We reviewed the literature on bot detection methods to extend the anomaly detection approaches used in bot detection schemes to IIoT fields. Finally, we proposed a process wherein the data envelopment analysis (DEA) model was applied to identify features for efficiently detecting anomalous behavior in smart cities. Experimental results using random forest show that our extracted features based on a game bot can achieve an average F1-score of 0.99903 using 10-fold validation. We confirmed the applicability of the analyzed game-industry methodology to other fields and trained a random forest on the high-efficiency features identified by applying a DEA, obtaining an F1-score of 0.997 using the validation set approach. In this study, an anomaly detection method for analyzing massive smart city data based on a game industry methodology was presented and applied to the ICS dataset.

Published
2021

5. A Multi-Component Analysis of CPTED in the Cyberspace Domain

Author

Myong Hyun Go, Haengrok Oh, Kauh Janghyuk, Jemin Justin Lee, Yu Kyung Kim, Minhee Joo, Kyungho Lee, and Jeongeun Seo

Subjects
IoT, Computer science, natural surveillance, Access control, Factor analysis of information risk, computer.software_genre, lcsh:Chemical technology, Biochemistry, Article, Analytical Chemistry, Human–computer interaction, 0502 economics and business, Realm, lcsh:TP1-1185, 050207 economics, Electrical and Electronic Engineering, Instrumentation, 0505 law, FAIR, business.industry, 05 social sciences, access control, spatial syntax, Atomic and Molecular Physics, and Optics, Virtual machine, 050501 criminology, Crime prevention through environmental design, business, Cyberspace, computer, lme4, CPTED
Abstract

The visual fidelity of a virtual environment lacks the exceedingly complex layers from the physical world, but the continuous improvements of image rendering technology and computation powers have led to greater demands for virtual simulations. Our study employs Crime Prevention through Environmental Design (CPTED) as a risk control measure and utilizes two principles: Access Control and Natural Surveillance. We conducted an experiment with (n-sample: 100) graduate students. For the experiment, we utilized the Factor Analysis of Information Risk (FAIR) to quantitatively analyze the risk. Furthermore, we adopted the lme4 package for R to estimate the mixed effect of the 6,242,880 observations retrieved from Kaggle. Based on the two experiments, we were able to critically evaluate the contributions of CPTED through a multi-component analysis. Our study investigates how spatial syntax and territorial demarcation may translate in the cyberspace realm. We found that the corollaries of the mophology in the virtual environment effects the distribution of crime. The results of our study discusses how to determine the criminogenic designs and capacity in the cyberspace realm.

Published
2020

6. Cybersecurity Framework for IIoT-Based Power System Connected to Microgrid

Author

SungJin Kim, Ji Woong Jang, Junhyoung Oh, Jungtaek Seo, Sungmoon Kwon, and Kyungho Lee

Subjects
Government, Computer Networks and Communications, Computer science, Management efficiency, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Checklist, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Electric power system, 0202 electrical engineering, electronic engineering, information engineering, Industrial Internet, 020201 artificial intelligence & image processing, Smart grid network, Microgrid, Communications protocol, computer, Information Systems
Abstract

Compared to the past infrastructure networks, the current smart grid network can improve productivity and management efficiency. However, as the Industrial Internet of Things (IIoT) and Internet-based standard communication protocol is used, external network contacts are created, which is accompanied by security vulnerabilities from various perspectives. Accordingly, it is necessary to develop an appropriate cybersecurity guideline that enables effective reactions to cybersecurity threats caused by the abuse of such defects. Unfortunately, it is not easy for each organization to develop an adequate cybersecurity guideline. Thus, the cybersecurity checklist proposed by a government organization is used. The checklist does not fully reflect the characteristics of each infrastructure network. In this study, we proposed a cybersecurity framework that reflects the characteristics of a microgrid network in the IIoT environment, and performed an analysis to validate the proposed framework.

Published
2020

7. The Gravy Value: A Set of Features for Pinpointing BOT Detection Method

Author

Semi Park and Kyungho Lee

Subjects
Computer science, business.industry, ComputingMilieux_PERSONALCOMPUTING, Service provider, Computer security, computer.software_genre, Money laundering, Random forest, Support vector machine, Software, Order (exchange), Critical success factor, business, Set (psychology), computer
Abstract

The critical success of online games has led the industry to global success, as the market size is expected to reach 18,194 USD by the year 2020. However, the success of the online game market has led to the growth of illegal activities, such as the use of game bots. Game bots are software applications capable of collecting game items, which are often banned from online game service providers. The illegal activities are not limited to tax evasion and money laundering. In order to help detect these bots, this study employs the dataset from an MMORPG called Aion. By detecting the bots using the server-side analysis, this paper analyzed user behavior and used features based on the experience, skill, and gravy value that represents the cost-efficiency. We experimented with machine learning algorithms such as MLP, SVM, and Random Forest. As a result, the F-score for detecting the total sum of the accounts that consists of the game bots and real users reached 0.9638. We believe our study may help online game service providers, future researchers, and governmental agencies to detect and classify the MMORPG game bots.

Published
2020

8. A Statistical Approach Towards Fraud Detection in the Horse Racing

Author

Hyunbeom Park, Jemin Justin Lee, Moohong Min, Kyungho Lee, and Hyojoung Shin

Subjects
Horse racing, Government, business.industry, Computer science, 05 social sciences, Big data, 02 engineering and technology, Computer security, computer.software_genre, Phenomenon, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, 050211 marketing, 020201 artificial intelligence & image processing, Anomaly detection, business, Internet of Things, computer
Abstract

With the inception of online betting in S. Korea, various foreigner professional gambling groups have exploited the betting regulations. This phenomenon has occurred mainly in Asia, because the regulations on gambling in these countries are complex and robust. Our study focuses on the horse racing in S. Korea, which is operated under the government funding. The foreigner gambling groups tried unlimited betting by modifying the official IoT (Internet of Things) based APP arbitrarily. We have checked that some abnormal transactions can occur by modifying this application. Our study proposes a fraud detection method that can help detecting abnormal activities and prevent them. Currently, the Korea Racing Authority (KRA) has been criticized for being ill-equipped to detect abnormal activities with the Walkerhill Incident. Our study presents a new anomaly detection model that uses a flexible window. In this study, we propose an idea that aims to detect abnormal betting transactions.

Published
2020

9. Methods to Select Features for Android Malware Detection Based on the Protection Level Analysis

Author

Chaeeun Lee, Kyungho Lee, and Eunnarae Ko

Subjects
Software_OPERATINGSYSTEMS, business.industry, Computer science, Deep learning, Confusion matrix, Feature selection, 02 engineering and technology, Permission, Computer security, computer.software_genre, Installation, Feature (computer vision), Ask price, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Artificial intelligence, Android (operating system), business, computer
Abstract

Android’s permission system is asked to users before installing applications. It is intended to warn users about the risks of the app installation and gives users opportunities to review the application’s permission requests and uninstall it if they find it threatening. However, not all android permissions ask for the user’s decision. Those who are defined as ‘Dangerous’ in the permission protection level are only being confirmed by the users in Android Google Market. We examine whether the ‘Dangerous permissions’ are actually being a main component of detection when it comes to defining the app as malicious or benign. To collect important features and to investigate the correlation between the malicious app and the permission’s protection level, feature selection and deep learning algorithms were used. The study evaluates the feature by using the confusion matrix. We used 10,818 numbers of malicious and benign applications, and 457 permission lists to investigate our examination, and it appeared that ‘Dangerous’ permissions may not be the only important factor, and we suggest a different perspective of viewing permissions.

Published
2020

10. An Artificial Intelligence Approach to Financial Fraud Detection under IoT Environment: A Survey and Implementation

Author

Kyungho Lee and Dahee Choi

Subjects
Article Subject, Computer Networks and Communications, Process (engineering), Computer science, 0211 other engineering and technologies, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Feature selection, 02 engineering and technology, Computer security, computer.software_genre, Identity theft, lcsh:Technology (General), 0202 electrical engineering, electronic engineering, information engineering, lcsh:Science (General), 021110 strategic, defence & security studies, Artificial neural network, business.industry, Deep learning, Credit card, Financial transaction, lcsh:T1-995, 020201 artificial intelligence & image processing, Artificial intelligence, business, Financial fraud, computer, lcsh:Q1-390, Information Systems
Abstract

Financial fraud under IoT environment refers to the unauthorized use of mobile transaction using mobile platform through identity theft or credit card stealing to obtain money fraudulently. Financial fraud under IoT environment is the fast-growing issue through the emergence of smartphone and online transition services. In the real world, a highly accurate process of financial fraud detection under IoT environment is needed since financial fraud causes financial loss. Therefore, we have surveyed financial fraud methods using machine learning and deep learning methodology, mainly from 2016 to 2018, and proposed a process for accurate fraud detection based on the advantages and limitations of each research. Moreover, our approach proposed the overall process of detecting financial fraud based on machine learning and compared with artificial neural networks approach to detect fraud and process large amounts of financial data. To detect financial fraud and process large amounts of financial data, our proposed process includes feature selection, sampling, and applying supervised and unsupervised algorithms. The final model was validated by the actual financial transaction data occurring in Korea, 2015.

Published
2018

11. A Study on Selection of Block Stockyard Applying Decision Tree Learning Algorithm

Author

Jae-Joon Lee, Byeong-Wook Nam, Seung-Hwan Mun, and Kyungho Lee

Subjects
Incremental decision tree, Computer science, business.industry, Decision tree learning, ID3 algorithm, 020101 civil engineering, 02 engineering and technology, Machine learning, computer.software_genre, 01 natural sciences, 010305 fluids & plasmas, 0201 civil engineering, 0103 physical sciences, Artificial intelligence, business, computer, Selection (genetic algorithm), Block (data storage)
Published
2017

12. Automatically Attributing Mobile Threat Actors by Vectorized ATT&CK Matrix and Paired Indicator

Author

Youngsup Shin, Jemin Justin Lee, Kyoung Min Kim, and Kyungho Lee

Subjects
threat intelligence, Advanced persistent threat, Computer science, TP1-1185, computer.software_genre, Login, Computer security, Biochemistry, Analytical Chemistry, Indicator of compromise, Mobile payment, Electrical and Electronic Engineering, Instrumentation, Computer Security, Chemical technology, Communication, cyber security, Matrix (music), Atomic and Molecular Physics, and Optics, mobile security, Malware, Smartphone, Attribution, Delivery of Health Care, computer, Automated method
Abstract

During the past decade, mobile attacks have been established as an indispensable attack vector adopted by Advanced Persistent Threat (APT) groups. The ubiquitous nature of the smartphone has allowed users to use mobile payments and store private or sensitive data (i.e., login credentials). Consequently, various APT groups have focused on exploiting these vulnerabilities. Past studies have proposed automated classification and detection methods, while few studies have covered the cyber attribution. Our study introduces an automated system that focuses on cyber attribution. Adopting MITRE’s ATT&CK for mobile, we performed our study using the tactic, technique, and procedures (TTPs). By comparing the indicator of compromise (IoC), we were able to help reduce the false flags during our experiment. Moreover, we examined 12 threat actors and 120 malware using the automated method for detecting cyber attribution.

Published
2021

15. A Model for Detecting Cryptocurrency Transactions with Discernible Purpose

Author

Chang Yeon Kim, Hyochang Baek, Junhyoung Oh, and Kyungho Lee

Subjects
050101 languages & linguistics, Cryptocurrency, Smart contract, Computer science, 05 social sciences, Financial intelligence, 02 engineering and technology, Computer security, computer.software_genre, Financial transaction, Obfuscation, 0202 electrical engineering, electronic engineering, information engineering, Unsupervised learning, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, Anomaly detection, computer, Database transaction
Abstract

The perpetration of financial fraud progresses parallel with the innovation in the field of finance. Consequently, the emergence of the blockchain technology has also manifested financial transaction obfuscation through the use of de-anonymization of the blockchain technology. This study identifies the suspicious transaction from Binance, an open-source cryptocurrency, through the means of defining and detecting the cryptocurrency wallets. By drawing the metadata of 38,526 wallets from etherscan.io, this study investigates the transactions with discernible purpose. This study performed an unsupervised learning expectation maximization (EM) algorithm to cluster the data set. Based on the features engineered from the unsupervised learning, we performed an anomaly detection using Random Forest (RF). In this study, we offered an insight into labeling the cryptocurrency wallets by providing a model for detecting the cryptocurrency with anomalous transactions. We advocate that labeling the wallets with discernible transactions may help financial institutions, private sectors, financial intelligence, and government agencies identify and detect the transactions with illicit activities.

Published
2019

16. Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective

Author

Kyungho Lee, Haengrok Oh, and Mookyu Park

Subjects
cyber-situational awareness, Situation awareness, Computer science, Human life, 02 engineering and technology, Computer security, computer.software_genre, lcsh:Chemical technology, Biochemistry, Article, Analytical Chemistry, Home automation, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, risk measurement, business.industry, Perspective (graphical), 020206 networking & telecommunications, Atomic and Molecular Physics, and Optics, Internet of Things (IoT), smart homes, Information leakage, 020201 artificial intelligence & image processing, business, Cyberspace, Internet of Things, computer, Personally identifiable information
Abstract

Internet-of-Things (IoT) is a technology that is extensively being used in various fields. Companies like Samsung, LG, and Apple are launching home appliances that use IoT as a part of their smart home business. Currently, Intelligent Things which combine artificial intelligence (AI) and IoT are being developed. Most of these devices are configured to collect and respond to human behavior (motion, voice, etc.) through built-in sensors. If IoT devices do not ensure high security, personal information could be leaked. This paper describes the IoT security threats that can cause information leakage from a hierarchical viewpoint of cyberspace. In addition, because these smart home-based IoT devices are closely related to human life, considering social damage is a problem. To overcome this, we propose a framework to measure the risk of IoT devices based on security scenarios that can occur in a smart home.

Published
2019

17. Threat Assessment for Android Environment with Connectivity to IoT Devices from the Perspective of Situational Awareness

Author

Jaehyeok Han, Kyungho Lee, Haengrok Oh, and Mookyu Park

Subjects
Situation awareness, Article Subject, Computer Networks and Communications, Computer science, Vulnerability, 02 engineering and technology, Computer security, computer.software_genre, lcsh:Technology, lcsh:Telecommunication, lcsh:TK5101-6720, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Android (operating system), lcsh:T, business.industry, 020206 networking & telecommunications, 020201 artificial intelligence & image processing, Black market, Internet of Things, business, Mobile device, computer, Threat assessment, Personally identifiable information, Information Systems
Abstract

As smartphones such as mobile devices become popular, malicious attackers are choosing them as targets. The risk of attack is steadily increasing as most people store various personal information such as messages, contacts, and financial information on their smartphones. Particularly, the vulnerabilities of the installed operating systems (e.g., Android, iOS, etc.) are trading at a high price in the black market. In addition, the development of the Internet of Things (IoT) technology has created a hyperconnected society in which various devices are connected to one network. Therefore, the safety of the smartphone is becoming an important factor to remotely control these technologies. A typical attack method that threatens the security of such a smartphone is a method of inducing installation of a malicious application. However, most studies focus on the detection of malicious applications. This study suggests a method to evaluate threats to be installed in the Android OS environment in conjunction with machine learning algorithms. In addition, we present future direction from the cyber threat intelligence perspective and situational awareness, which are the recent issues.

Published
2019
Full Text
View/download PDF

18. Android Application Risk Indicator Based on Feature Analysis Utilizing Machine Learning

Author

Won Mok Park, Youngin You, Minhee Joo, Kyungho Lee, and Hyochang Baek

Subjects
021110 strategic, defence & security studies, Computer science, 0211 other engineering and technologies, 02 engineering and technology, Computer security, computer.software_genre, Risk indicator, mental disorders, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Android application, Penetration rate, Android (operating system), Risk assessment, Personally identifiable information, Very high risk, Mobile device, computer
Abstract

As the penetration rate of smart mobile devices has increased, threats targeting the Android platform, which accounts for the majority of mobile operating systems, have increased. As a typical example, a fake Korea Financial Supervisory Service application(app) appeared at the end of 2017. When users installed this app and called the Financial Supervisory Service, there was a case of fake loan consultation, which resulted in financial loss and leakage of personal information. There have been a variety of malicious apps targeting mobile devices. As a result, it became necessary to detect the risks to such malicious apps and to make decisions about the apps. In this paper, we created a model to evaluate the risk of apps in Android and define the characteristics of each element. In addition, the risk from the model is used to make a risk map for decision making using unsupervised algorithms. To make the risk map in this paper uses the data of 2970 apps that is malicious or benign. As a result of the experiment, some of the benign apps were classified as very high risk. They had a lot of high-risk permissions, and there was a need for users to be careful. The results of this study can help users know the exact risk of Android apps and help detect unknown malicious apps.

Published
2019

19. FAIR-Based Cyber Influence Damage Assessment for Exploit in Mobile Device

Author

Jaehyeok Han, Junwoo Seo, Kyungho Lee, Mookyu Park, and Haengrok Oh

Subjects
Exploit, Computer science, 06 humanities and the arts, 02 engineering and technology, Factor analysis of information risk, Permission, 0603 philosophy, ethics and religion, computer.software_genre, Computer security, 0202 electrical engineering, electronic engineering, information engineering, Ransomware, Malware, Cyber-attack, 020201 artificial intelligence & image processing, 060301 applied ethics, Cyberspace, computer, Mobile device
Abstract

Recently, as the utilization rate for mobile devices has increased, cyber attacks targeting them have been increasing. Cyber attacks such as ransomware in general network space have started to spread to mobile devices. In addition, malware that exploits mobile vulnerabilities is also increasing rapidly. Threats to these mobile devices could cause negative damage to human life. Thus, the cyber attack that causes secondary damage to the real world is called a Cyber Influence Attack. This paper presents an influence attack scenario in which the exploit of the Android OS acquires the permission of the mobile device for propagating false information. Based on this scenario, we analyze the damage assessment of mobile device exploit that can cause real social damage as well as damage to cyberspace assets through FAIR (Factor Analysis of Information Risk) model.

Published
2018

20. Money Laundering in the Bitcoin Network: Perspective of Mixing Services

Author

Mookyu Park, Junwoo Seo, Kyungho Lee, and Haengrok Oh

Subjects
Service (business), Situation awareness, Computer science, Perspective (graphical), Sample (statistics), 02 engineering and technology, Money laundering, Computer security, computer.software_genre, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, computer, Mixing (physics)
Abstract

Various crimes using Bitcoin are highlighted. Among various crimes using Bitcoin, this paper suggests a method to detect money laundering focusing on mixing service that provides Money Laundering. This is part of the anti-money-laundering (AML) strategy, which can determine whether the mixer service is used in certain transactions by using transaction sample data using mixer. Money laundering using Bitcoin is often used to avoid fund tracking in the underground world and analyzing it is essential in situational awareness of fund tracking.

Published
2018

22. Motion Grammars for Character Animation

Author

Kyunglyul Hyun, Jehee Lee, and Kyungho Lee

Subjects
Parsing, Syntax (programming languages), Computer science, Programming language, 020207 software engineering, 02 engineering and technology, Animation, computer.software_genre, Computer Graphics and Computer-Aided Design, Motion (physics), Choreography, Human–computer interaction, Formal language, 0202 electrical engineering, electronic engineering, information engineering, Character animation, 020201 artificial intelligence & image processing, computer
Abstract

The behavioral structure of human movements is imposed by multiple sources, such as rules, regulations, choreography, habits, and emotion. Our goal is to identify the behavioral structure in a specific application domain and create a novel sequence of movements that abide by structure-building rules. To do so, we exploit the ideas from formal language, such as rewriting rules and grammar parsing, and adapted those ideas to synthesize the three-dimensional animation of multiple characters. The structured motion synthesis using motion grammars is formulated in two layers. The upper layer is a symbolic description that relates the semantics of each individual's movements and the interaction among them. The lower layer provides spatial and temporal contexts to the animation. Our multi-level MCMC (Markov Chain Monte Carlo) algorithm deals with the syntax, semantics, and spatiotemporal context of human motion to produce highly-structured, animated scenes. The power and effectiveness of motion grammars are demonstrated in animating basketball games from drawings on a tactic board. Our system allows the user to position players and draw out tactical plans, which are animated automatically in virtual environments with three-dimensional, full-body characters.

Published
2016

23. Strategic Decision Making Model Among Collective Intelligences Using The Game Theory in Cyber Attacks - Case study of KHNP Hacking

Author

Sangmin Park, Kyungho Lee, and Jong-in Lim

Subjects
Government, Computer science, Collective intelligence, 02 engineering and technology, Computer security, computer.software_genre, Hacktivism, Cyberwarfare, 020204 information systems, Psychological Warfare, 0202 electrical engineering, electronic engineering, information engineering, Cyber-attack, 020201 artificial intelligence & image processing, computer, Game theory, Hacker
Abstract

Recently various types of cyber attacks have occurred. The strategic goals & tactical means of these have evolved. Especially KHNP cyber attack was the type of hacktivism combined hack and psychological warfare. The cyber attackers have forecd the nation to participate in the cyber warfare and the government to make strategic decisions to the releases of confidential information and the threats of stopping KHNP. In this paper, we would like to study the effective strategic decision-making model utilizing the game theory and including an attack intelligence on open policy Decision framework.

Published
2016

24. A Decision-Making Model for Handling Personal Information Using Metadata

Author

Yang-Ho Kim, Kyungho Lee, and In-hyun Cho

Subjects
Computer science, business.industry, Process (engineering), 020206 networking & telecommunications, 02 engineering and technology, Information security, Computer security, computer.software_genre, Insider, Metadata, 0202 electrical engineering, electronic engineering, information engineering, Systems architecture, 020201 artificial intelligence & image processing, business, Personally identifiable information, computer, Decision-making models, Risk management
Abstract

After realizing through the three large-scale data leakage incidents that intentional or accidental insider jobs are more seri ous than external intrusions, financial companies in Korea have bee n taking measures to prevent data leakage from occuring again. But, the IT system architecture reflecting the domestic financi al environment is highly complicated and thereby difficult to grasp. It is obvious that despite administrative, physical, and techni cal controls, insider threats are likely to cause personal data leakage. In this paper, we present a process that based on metadata defi nes and manages personally identifiable attribute data, and that through inter-table integration identifies personal information broadly and controls access. This process is to decrease the likelihood of violating compliance outlined by the financial su pervisory authority, and to reinforce internal controls. We der ive and verify a decision-making model that reflects the proposed p rocess.Keywords: Personally Identifiable Information, Compliance, Information S ecurity, Risk Management, Metadata

Published
2016

25. Advanced Risk Measurement Approach to Insider Threats in Cyberspace

Author

Inhyun Cho and Kyungho Lee

Subjects
business.industry, Computer science, Process (engineering), Insider threat, 02 engineering and technology, Computer security, computer.software_genre, Theoretical Computer Science, Insider, Computational Theory and Mathematics, Artificial Intelligence, Order (exchange), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Position (finance), 020201 artificial intelligence & image processing, Leakage (economics), business, Cyberspace, computer, Software, Risk management
Abstract

Inside jobs have been a source of critical threats in cyberspace. To manage such insider threats, a proper measurement approach is required for effective risk-based decision-making. The measurement approach should include insider-related information (e.g. the significance of jobs, the position level, the required authority for data, and the type of employment) in order to better measure and analyze insider risks. In this paper, we suggest an approach that takes into account the insider-related information in calculating data leakage risk of insiders in the banking sector. We implement this approach by utilizing real-world data to calculate insider risks. We present an effective risk measurement approach, which we believe can enhance decision-making process for risk management for insider threats.

Published
2016

26. Advanced Mandatory Authentication Architecture Designed for Internet Bank

Author

Ki-seok Hong and Kyungho Lee

Subjects
Authentication, Computer science, business.industry, Internet privacy, Business model, Computer security, computer.software_genre, Internet security, Attack model, Identification (information), Security association, The Internet, business, computer, Vulnerability (computing)
Abstract

Non-face-to-face real name verification policy that financial authorities announced, in order to secure a face-to-face or more of accuracy, are in principle of multi check. The business model and legal entities of Internet banks is different from existing Internet banking. Relpacing real name verification from face-to-facd to non-face-to-face while maintaining the structure of identification can not only cause inconvenience to a first time member, but also can be more vulnerable to verious security risks. In this study, to evaluate a service level of a bank of the Internet, and provide an improved identification of the structure such that the registration and use of differentiated services is performed in accordance with the evaluation. In addition, the security that may occur with respect to Bank of the Internet to establish a vulnerability and attack model, the results of the analysis of the safety of the step-by-step security attributes and services of the authentication medium of each attack model, existing the safer than Internet banking, confirmed the usefulness in user registration guide.

Published
2015

27. Decision Making Model for Selecting Financial Company Server Privilege Account Operations

Author

Kyungho Lee and Suk-Won Lee

Subjects
Finance, Computer science, business.industry, Principle of least privilege, Analytic hierarchy process, Privilege (computing), Information security, Computer security, computer.software_genre, Account Status, business, computer, Decision-making models, Hacker
Abstract

The server privilege account must be operated through law and r egulation. However, due to regulation non-compliance and inadequate operation on financial company server privilege, an incident that every server data being deleted by hacker occur which is later being named as ‘NH Bank Cyber Attack’. In this p aper, the current operation status on financial company privilege accounts is being analysed to elicit problems and imp rovement. From the analysis, important evaluation factors will be also selected and applied generating the decision making model for financial company server privilege account operation. The evaluation factor deducted from privilege account status analys is will be used to present and verify the decision making model and formula through AHP(Analytic Hierarchy process).Keywords: Server Privilege Account, AHP, Information Security, Decision Making I.서 론 1) 1.1연구배경 및 목적2011년 4월12일 농협 전산망 해킹 사건이 발생하여 내부서버 180대(전체 440대), 웹서버 45대(전체 98대), 테스트 서버 48대(전체 49대) 총 273대(전체 587대) 서버의 모든 데이터가 삭제되어 농협 전

Published
2015

28. Effective Risk Level Assessment Using Three-Dimensional Vector Visualization

Author

Juyoung Lee, In-hyun Cho, Jaehee Lee, and Kyungho Lee

Subjects
Risk analysis, business.industry, Process (engineering), Computer science, Risk management information systems, Information security, computer.software_genre, Visualization, Identification (information), Confidentiality, Data mining, business, computer, Risk management
Abstract

Risk analysis is utilized in devising measures to manage information security risk to an acceptable level. In this risk management decision-making, the visualization of risk is important. However, the pre-existing risk visualization method is limited in visualizing risk factors three-dimensionally. In this paper, we propose an improved risk visualization method which can facilitate the identification of risk from the perspective of confidentiality, integrity, and availability respectively or synthetically. The proposed method is applied to an enterprise's risk analysis in order to verify how effective it is. We argue that through the proposed method risk levels can be expressed three-dimensionally, which can be used effectively for information security decision-making process for internal controls.

Published
2015

29. Advanced protocol against MITM attacks in Industrial Control System

Author

Sangkyo Oh, Moo-seong Ko, and Kyungho Lee

Subjects
Authentication, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Intrusion detection system, Industrial control system, Man-in-the-middle attack, Stuxnet, Computer security, computer.software_genre, Airfield traffic pattern, PROFINET, SCADA, business, computer, Computer network
Abstract

If the industrial control system is infected by malicious worm such as Stuxnet, national disaster could be caused inevitably. Therefore, most of the industrial control system defence is focused on intrusion detection in network to protect against these threats. Conventional method is effective to monitor network traffic and detect anomalous patterns, but normal traffic pattern attacks using MITM technique are difficult to be detected. This study analyzes the PROFINET/DCP protocol and weaknesses with the data collected in real industrial control system. And add the authentication data field to secure the protocol, find out the applicability. Improved protocol may prevent the national disaster and defend against MITM attacks.

Published
2015

30. An advanced approach to security measurement system

Author

In-hyun Cho, Youngin You, and Kyungho Lee

Subjects
Computer science, Standard of Good Practice, 02 engineering and technology, Asset (computer security), Computer security, computer.software_genre, Security information and event management, Security testing, Critical infrastructure, Theoretical Computer Science, Information security audit, Information security management, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Control system security, 020203 distributed computing, Cloud computing security, Information security, Computer security model, Security service, Hardware and Architecture, Security through obscurity, Security convergence, Network security policy, computer, Software, Information Systems
Abstract

The importance of information security has increased gradually. Initially, the notion of information security was limited to only a few areas. Now, it has expanded to cover a variety of areas. For example, critical infrastructure facilities such as power plants are operated online using industrial control systems so that the facilities are exposed to cyber threats. This is also the case with the other fields that are operated online. Each field requires appropriate information security management. Thus, this paper proposes an advanced security measurement system that reflects the characteristics of each field to achieve effective information security management.

Published
2015

31. Situational Awareness Framework for Cyber Crime Prevention Model in Cyber Physical System

Author

Junhyoung Oh, Junwoo Seo, Minhee Joo, Kyungho Lee, and Mookyu Park

Subjects
Situation awareness, Computer science, business.industry, 020209 energy, Cyber-physical system, 02 engineering and technology, Factor analysis of information risk, Computer security, computer.software_genre, complex mixtures, Electronic mail, stomatognathic diseases, stomatognathic system, TheoryofComputation_LOGICSANDMEANINGSOFPROGRAMS, 0202 electrical engineering, electronic engineering, information engineering, Crime prevention through environmental design, business, Cyberspace, Personally identifiable information, computer, Risk management
Abstract

Recently, IoT, 5G mobile, big data, and artificial intelligence are increasingly used in the real world. These technologies are based on convergenced in Cyber Physical System(Cps). Cps technology requires core technologies to ensure reliability, real-time, safety, autonomy, and security. CPS is the system that can connect between cyberspace and physical space. Cyberspace attacks are confused in the real world and have a lot of damage. The personal information that dealing in CPS has high confidentiality, so the policies and technique will needed to protect the attack in advance. If there is an attack on the CPS, not only personal information but also national confidential data can be leaked. In order to prevent this, the risk is measured using the Factor Analysis of Information Risk (FAIR) Model, which can measure risk by element for situational awareness in CPS environment. To reduce risk by preventing attacks in CPS, this paper measures risk after using the concept of Crime Prevention Through Environmental Design(CPTED).

Published
2018

32. Threat Analysis of Wi-Fi Connected Dashboard Camera

Author

Dahee Choi, Won Mok Park, and Kyungho Lee

Subjects
Authentication, business.industry, Computer science, media_common.quotation_subject, Dashboard (business), Attack tree, STRIDE, Usability, Computer security, computer.software_genre, Data flow diagram, Information security standards, Function (engineering), business, computer, media_common
Abstract

Recently dashboard camera (dashcam) has a function of connecting Wi-Fi to a smartphone for usability. But, it has severe vulnerabilities that it doesn't have authentication process. We analyzed threats of overall functions of dashcam using Data Flow Diagram and STRIDE analysis. After that, we found that dashcam’ s vulnerabilities are closely related to Wi-Fi function and lack of authentication process. We made sets of possible attacks and presented as attack trees. Attack Tree Analysis was used to categorize and prioritize among several ways of possible attacks. This research contributes to suggest vulnerabilities of a dashcam. This emphasizes the importance that information security standards of dashcam should be made and manufacturers of dashcam should apply the standards.

Published
2018

33. A Review of Cyber Security Controls from An ICS Perspective

Author

Kyungho Lee, Juhyeon Lee, Junhyoung Oh, and Youngin You

Subjects
021110 strategic, defence & security studies, Point (typography), Computer science, business.industry, Control (management), 0211 other engineering and technologies, Information technology, 02 engineering and technology, Information security, Industrial control system, Computer security, computer.software_genre, Security controls, Critical infrastructure, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, NIST, business, computer
Abstract

As cyber attacks on national critical infrastructure have increased, researches are actively conducted to protect industrial control systems(ICS). Compared with existing IT systems, research on special attributes of ICS has been performed mainly, and based on this, many security requirements for ICSs have been derived. However, there is insufficient research on security control to understand and improve the security status of target ICS. To the best of our knowledge, only a comprehensive guide to applying existing security controls to ICSs is being presented. Therefore, this study suggests implications for the current security control items from the ICS point of view. For this purpose, each viewpoint for categorizing and analyzing information security control items was established and based on this, an integrated matrix of ICS security control was derived. Through the ICS security control matrix, the information security control items currently being guided are analyzed from the viewpoint of the ICS, and the present status and implications are derived. The findings can be used as an indicator to effectively apply appropriate controls to appropriate locations where security is required. It is also expected to be a useful reference for improving and supplementing security control items currently being used and used.

Published
2018

34. Cyber Influence Attack: Changes in Cyber Threats Seen in the Russian Hacking Incident

Author

Kyungho Lee, Moosung Park, and Mookyu Park

Subjects
021110 strategic, defence & security studies, Government, Impeachment, Presidential election, Computer science, media_common.quotation_subject, 0211 other engineering and technologies, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 02 engineering and technology, Deception, Computer security, computer.software_genre, Social issues, Silence, Dismissal, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, computer, media_common, Hacker
Abstract

As the Russian government is revealed that it had intervened in the US presidential election by hacking, the social confusion caused by cyber attacks increased. This incident has led to the impeachment of the president by the dismissal of FBI director James Comey. In the French presidential election held in 2017, the social confusion created because of fake news during the period of election silence. The past cyber attacks were used as deception tactics, like the Georgian war. Nowadays, these attacks are concentrated in the period of social issues. In other words, these recent changes in cyber attacks have begun to have an adverse effect on systems in the real world, such as hybrid battlefields. This attack is called cyber influence attacks. This paper identifies the weaknesses of the basic democratic election system and classifies it against cyber influence attacks. In addition, we analyze the cyber influence attacks in Russia during the US presidential election in 2016 as a case study.

Published
2018

35. Breaking Text CAPTCHA by Repeated Information

Author

Kyungho Lee, Moosung Park, and Jae Hyeon Woo

Subjects
021110 strategic, defence & security studies, Information retrieval, CAPTCHA, Simple (abstract algebra), Computer science, Sample (material), 0211 other engineering and technologies, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 02 engineering and technology, computer.software_genre, computer, Image (mathematics)
Abstract

CAPTCHA is a simple challenge-response tool to determine whether the user is a bot or human. The user must answer required text, calculate questions, or choose some images from the provider’s choice. D portal site, which is one of the most famous web portal site in Korea, asks text response in CAPTCHA image when joining a cafe group, but this CAPTCHA is structured in a very regular format which can be read very simply if used repeatedly. We can read the text characters by bot with very high accuracy through some easy steps, among 2,000 sample CAPTHCAs.

Published
2018

36. Cyber situational awareness enhancement with regular expressions and an evaluation methodology

Author

Min Sik Kim, Hyun Kyoo Park, Moosung Park, and Kyungho Lee

Subjects
Decision support system, Situation awareness, Computer science, Deep packet inspection, 06 humanities and the arts, 02 engineering and technology, 0603 philosophy, ethics and religion, Computer security, computer.software_genre, Cyber operations, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 060301 applied ethics, Regular expression, computer
Abstract

Cybersecurity is one of critical issues in modern military operations. In cyber operations, security professionals depend on various information and security systems to mitigate cyber threats through enhanced cyber situational awareness. Cyber situational awareness can give decision makers mission completeness and providing appropriate timely decision support for proactive response. The crucial information for cyber situational awareness can be collected at network boundaries through deep packet inspection with security systems. Regular expression is regarded as a practical method for deep packet inspection that is considering a next generation intrusion detection and prevention, however, it is not commonly used by the reason of its resource intensive characteristics. In this paper, we describe our effort and achievement on regular expression processing capability in real time and an evaluation method with experimental result.

Published
2017

37. A Study on Improvement of Effectiveness Using Anomaly Analysis rule modification in Electronic Finance Trading

Author

Kyungho Lee and Eui-soon Choi

Subjects
Computer science, Fraudulent transaction, Online transaction processing, Anomaly detection, Electronic finance, Anomaly (physics), Computer security, computer.software_genre, Database transaction, computer, Type I and type II errors
Abstract

This paper proposes new methods and examples for improving fraud detection rules based on banking customer`s transaction behaviors focused on anomaly detection method. This study investigates real example that FDS(Fraud Detection System) regards fraudulent transaction as legitimate transaction and figures out fraudulent types and transaction patterns. To understanding the cases that FDS regard legitimate transaction as fraudulent transaction, it investigates all transactions that requied additional authentications or outbound call. We infered additional facts to refine detection rules in progress of outbound calling and applied to existing detection rules to improve. The main results of this study is the following: (a) Type I error is decreased (b) Type II errors are also decreased. The major contribution of this paper is the improvement of effectiveness in detecting fraudulent transaction using transaction behaviors and providing a continuous method that elevate fraud detection rules.

Published
2015

39. Study on Disaster Recovery Efficiency of Terminal PC in Financial Company

Author

Joon-Seob Yoon, Kyungho Lee, and Seung-Chul Yi

Subjects
Finance, Computer science, business.industry, Event (computing), Volume (computing), Disaster recovery, Computer security, computer.software_genre, Business continuity, Terminal (electronics), Data_FILES, Cyber-attack, business, computer
Abstract

Financial companies have invested a lot in their disaster recov ery system and exercised training more than once a year to comply related laws and regulations. But massive PCs(Personal C omputers) became disrupted simultaneously and it took a lot of time to recover massive PCs concurrently when March 20 cyber attack occurred. So, it was impossible to meet the tartgeted business continuity level. It was because the importance of PC recovery was neglected compared to other disaster recovery areas.This study suggests the measure to recover massive branch termi nal PCs of financial companies simultaneously in cost-effective way utilizing the existing technology and tests recovery time. It means that in the event of disaster financial companies could recover branch terminal PCs in 3 hours which is recommended recovery time by regulatory body. Other financial companies operating similar type and volume of branches would refer to the recovery structure and method proposed by this study.Keywords: Terminal, PC, desktop, disaster, recovery, cyber attack, malco de, APT, BCP, DRP

Published
2015

40. A Study on Decision Making Process of System Access Management

Author

Young-Seok Cho, Jong-In Im, and Kyungho Lee

Subjects
Information security audit, Information security management, Certified Information Security Manager, Computer science, Standard of Good Practice, Security management, Information security, Computer security, computer.software_genre, computer, Security information and event management, Threat
Abstract

Recently, the administration and supervision of Information Sec urity Certification and Security Inspection has been enforced but information leakage and security accidents by insiders are increasing consistently. The security accidents by insiders ran to 21% in 2010, by the 2011 Cyber Security Watch Survey. The probl em is that immediate recognition is difficult and stopgap measure is mostly adopted without company’s external notice app rehensive for cost increase or credit drop in case of internal security accidents. In the paper, we conducted the regression s tudy on security access management then proposed the standard process available for other systems and businesses sites. It ca n be very useful for many companies to investigate, analyze and improve the problem of security management conveniently. Keywords: Security Management, Regression Study I.서 론 † 최근 2011 Cyber Security Watch Survey [1]에 의하면 2010년 한 해 동안 발생한 보안사고 중 21%가 내부자에 의해 발생한 것이라고 밝혔다. 오늘날 내부자의 침입 행위는 네트워크 및 기반시설 보안

Published
2015

41. Studies on the effect of information security investment executive

Author

Joon-Sub Yoon, Seonghoon Jeong, Jong-in Lim, and Kyungho Lee

Subjects
Finance, Certified Information Security Manager, business.industry, Computer science, Information security, Computer security, computer.software_genre, Investment (macroeconomics), Asset (computer security), Security information and event management, Information security management, Security convergence, business, computer, Corporate security
Published
2014

42. Generating and ranking diverse multi-character interactions

Author

Carol O'Sullivan, Jehee Lee, Kyungho Lee, Jessica K. Hodgins, and Jungdam Won

Subjects
Dance, business.industry, Process (engineering), Character (computing), Computer science, Rank (computer programming), Animation, Machine learning, computer.software_genre, Computer Graphics and Computer-Aided Design, Choreography, Ranking, Human–computer interaction, Selection (linguistics), Artificial intelligence, business, Set (psychology), computer, ComputingMethodologies_COMPUTERGRAPHICS
Abstract

In many application areas, such as animation for pre-visualizing movie sequences and choreography for dance or other types of performance, only a high-level description of the desired scene is provided as input, either written or verbal. Such sparsity, however, lends itself well to the creative process, as the choreographer, animator or director can be given more choice and control of the final scene. Animating scenes with multi-character interactions can be a particularly complex process, as there are many different constraints to enforce and actions to synchronize. Our novel 'generate-and-rank' approach rapidly and semi-automatically generates data-driven multi-character interaction scenes from high-level graphical descriptions composed of simple clauses and phrases. From a database of captured motions, we generate a multitude of plausible candidate scenes. We then efficiently and intelligently rank these scenes in order to recommend a small but high-quality and diverse selection to the user. This set can then be refined by re-ranking or by generating alternatives to specific interactions. While our approach is applicable to any scenes that depict multi-character interactions, we demonstrate its efficacy for choreographing fighting scenes and evaluate it in terms of performance and the diversity and coverage of the results.

Published
2014

44. A Study on the Impact Analysis of Security Flaws between Security Controls: An Empirical Analysis of K-ISMS using Case-Control Study

Author

Jong-in Lim, Hwankuk Kim, and Kyungho Lee

Subjects
Computer Networks and Communications, Computer science, Standard of Good Practice, Information security, Computer security, computer.software_genre, Security information and event management, Security controls, Threat, Information security audit, Information security management, Security management, computer, Information Systems
Abstract

The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise

Published
2017

45. Developing Criteria for Invasion of Privacy by Personal Drone

Author

Kyungho Lee and Sohyeon Park

Subjects
020301 aerospace & aeronautics, Information privacy, business.industry, Aviation, Computer science, Internet privacy, Privacy laws of the United States, 02 engineering and technology, Computer security, computer.software_genre, Drone, 0203 mechanical engineering, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer
Abstract

Recently, concerns have increased over careless accidents and invasion of privacy caused by drones, in proportion to the growth of the consumer drone market. Accordingly, some countries including the US and Japan, and in Europe are establishing regulations and guidelines for drones aviation. However, the rules primarily concern aviation safety, and define broad criteria for invasion of privacy. Lack of specific criteria for invasion of privacy has caused disputes continually. Furthermore, fear of invasion of privacy led some people to take strong measures against drones. In this paper, we conduct a survey on image identifiability determined by resolution, and propose criteria on invasion of privacy induced by aerial drone filming. Based on the criteria, we calculate the range of distance and height where drone-induced invasion of privacy may be prevented. Our research may provide a basis for substantive legal criteria that constitute invasion of privacy, and for preventing disputes related to invasion of privacy.

Published
2017

46. Re-identification of medical records by optimum quasi-identifiers

Author

Yong Ju Lee and Kyungho Lee

Subjects
Computer science, Medical record, De-identification, Inference, 020207 software engineering, Subject (documents), 02 engineering and technology, Medical research, computer.software_genre, Re identification, Identifier, 0202 electrical engineering, electronic engineering, information engineering, Range (statistics), 020201 artificial intelligence & image processing, Data mining, computer
Abstract

Recently, medical records are shared to online for a purpose of medical research and expert opinion. There is a problem with sharing the medical records. If someone knows the subject of the record by using various methods, it can result in an invasion of the patient's privacy. De-identification techniques are applicable to address the problem, however, de-identified data has a risk of re-identification. For this reason, if de-identification techniques are not sufficient, it may increase a risk of re-identification. On the contrary, if the techniques are too excessive, data utility may be damaged. Meanwhile, de-identified data can be re-identified from inference using background knowledge. The objective of this paper is to analyze the probability of re-identification according to inferable quasi-identifiers. We analyzed factors, inferable quasi-identifiers, which can be inferred from background knowledge. Then, we estimated the probability of re-identification from taking advantage of the factors. As a result, we determined the effect of the re-identification according to the type and the range of inferable quasi-identifiers. This paper contributes to a decision on de-identification target and level for protecting patient's privacy through a comparative analysis of the probability of re-identification according to the type and the range of inference.

Published
2017

48. A Study on Efficiency of ISMS for ICS with Compliance

Author

Jun Seok Seo, Misun Song, and Kyungho Lee

Subjects
Index (economics), National security, General Computer Science, business.industry, Computer science, media_common.quotation_subject, Industrial control system, Computer security, computer.software_genre, Discretion, Policy Compliance, Compliance (psychology), SCADA, Risk analysis (engineering), Set (psychology), business, computer, media_common
Abstract

A policy is a set of ideas or plans that is used as a basis for making decisions, especially in politics, economics, or business, and it serves as a reference for the organization's activities or specific individual. In this sense, it is important to strengthen the capability of security performance. When it comes to Industrial Control Systems (ICS) which considerably affect the national security, policy compliance with consideration of ICS's characteristic is crucial. This paper is based on data from evaluating the degree of compliance of specific country's infrastructure with survey. Method used in this paper consists of four steps. First, an employee of specific company participates as a subject and evaluates the compliance of his/her organization with personal discretion. Second, determine criteria for further analysis. Third, analyze data for existence and compliance of policy. Fourth, calculate 'Policy- Domain-System (P-D-S)' index from data processed in the previous step. PDS and ISMS data can be used at the same time. This paper will contribute the efficiency of existing ISMS standard.

Published
2014

49. Security control analysis of ICS

Author

Youngin You, Kyungho Lee, and Dong-Kyun Seo

Subjects
Control system security, General Computer Science, business.industry, Computer science, Vulnerability, Industrial control system, computer.software_genre, Computer security, Security controls, SCADA, Information system, Malware, business, computer, Risk management
Abstract

Industrial control systems (ICS) are computer-controlled systems that monitor and control industrial processes that exist in the physical world. ICS monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is stationary, disaster is inevitable. But, many ICSes were not built to withstand security incidents, such as accidental cyber-related incidents, DoS attacks, and malware infiltrations. Vulnerability of ICS information system becomes clear, security evaluation of the system began to be implemented. Security evaluation for ICS information system has been implemented for all areas, it is performed without considering the characteristics of each field. Control to be applied to all areas, all the same, but the importance of the control is different. This paper has offered the reader a correlation analysis approach which will allow them to grade importance their defensive efforts. Once a prioritized list has been created, a risk management approach to addressing system vulnerabilities may occur. Furthermore, this result based on real data of power generation companies.

Published
2014

50. Advanced Protocol to Prevent Man-in-the-middle Attack in SCADA System

Author

Sangkyo Oh, Sangjin Lee, Kyungho Lee, and Hyunji Chung

Subjects
Authentication, Spoofing attack, General Computer Science, Network packet, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Man-in-the-middle attack, Computer security, computer.software_genre, Stuxnet, PROFINET, SCADA, business, Protocol (object-oriented programming), computer, Computer network
Abstract

SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is infected by a malicious worm, such as the Stuxnet, disaster is inevitable. Since the appearance of Stuxnet, researchers focused on detecting this intrusion in SCADA networks. As a result, various methods have been presented by researchers. One of them is to monitor traffic and detect anomalous patterns. However, it is not able to detecting a spoofed packet. This study present three cases of system anomaly by example of pattern based on real data of PROFINET/DCP protocol. And propose protection method using the authentication.

Published
2014

Catalog

Books, media, physical & digital resources
See catalog results