An Analysis of Research Trends in Information Security Based on Behavioral Economics

행동경제학 기반 정보보안 연구 동향 분석

  • 오명옥 (중앙대학교 융합보안학과) ;
  • 김정덕 (중앙대학교 산업보안학과)
  • Received : 2019.01.28
  • Accepted : 2019.03.30
  • Published : 2019.06.30


Recently, information security accidents are becoming more advanced as social engineering attacks using new types of malicious codes such as phishing. Organizations have made various efforts to prevent information security incidents, but tend to rely on technical solutions. Nevertheless, not all security incidents can be prevented completely. In order to overcome the limitations of the information security approach that depends on these technologies, many researchers are increasingly interested in People-Centric Security. On the other hand, some researchers have applied behavioral economics to the information security field to understand human behavior and identify the consequences of the behavior. This study is a trend analysis study to grasp the recent research trend applying the concept and idea of behavioral economics to information security. We analyzed the research trends, research themes, research methodology, etc. As a result, the most part of previous research is focused on 'operational security' topics, and in the future, it is required to expand research themes and combine behavioral economics with security behavioral issues to identify frameworks and influencing factors.


Supported by : IITP(Institute for Information & communications Technology Promotion)


  1. Min Sik Kim, Jong In Lim, " The Best Model to Optimize Security Investments with Considering a Corelation of Response Techniques Against Each Threat", Jouranl of Information and Security, Vol. 16, NO. 05, 2016.
  2. Jaewon Jun, Jung-hoon Le. Chae-ri Ki, "A Study on the influence of firm's Information Security Activities on the Information Security Compliance Intention of Employee", Jouranl of Information and Security, Vol.6, NO.7, pp. 51-59, 2016.
  3. Kunwoo Kim, Jungduk Kim, "The Values and Strategies of Industrial Security in Digital Economy", Korean Journal of Industry Security, Vol.8, NO.1, pp. 61-74, 2018
  4. Osterman Research, "Best Practices for Implementing Security Awareness Training", Osterman Research, 2008.
  5. Wan Soo, Lee, Chan Souk, Kim, Chong-Ryul, Park, "'Combination of 'Econ' and 'Nudge' : The Applicability of Concepts and Theories of Behavioral Economics in Communication Effect Researches", Korean Society For Journalism And Communication Studies, Vol. l, NO. 2, pp. 129-164, 2016.
  6. Future Technology Research Center, "ECOsight 3.0: Future Technology Outlook", Electronics and Telecommunications Research Institute, 2015
  7. Seung-min Lee, Geun-Hye Song, "Information security trends and security threat analysis", Electronics and Telecommunications Research Institute, 2017
  8. Kim Eun Ji, Lee Joon Tai, "The Empirical Study on the Misuse Intention Using Information System : Focus on Healthcare Service Secto" Jouranl of Information and Security, Vol. 16, No. 5, pp. 23-31, 2016.
  9. Kahneman, "Maps of bounded rationality: Psychology for behavioral economics", American Economic Review, Vol. 93, NO. 5, pp. 1449-1475, 2003.
  10. Seon-gil Yun, 'Heuristics and Persuasion', Communication Books, 2015
  11. Hang-Bae Chang, "An Exploratory Study of Industrial Security Studies for Science and Technologies Protection", The Korea navigation institute, Vol. 17, NO.1, pp. 123-131, 2013.
  12. Mi-Hwa Kang, Tae-Sung Kim, "Research Trends in Information Security Economics: Focused on the Articles Presented at WEIS", Journal of The Korea Institute of Information Security & Cryptology, Vol. 25, NO. 6, pp. 1561-1570, 2015.
  13. A. Gronlund, Editors, "State of the art in e-Gov Research-A survey", Proceeding of the 3rd International Conference of Electronic government, pp. 178-185, 2004.
  14. J. Webter, R. T. Watson, "Analyzing the Past to Prepare for the Future : Writing a Literature Review, Management Information System Quarterly", Vol.26, No.2, pp.13-23, 2002.
  15. Kunwoo Kim, Jungduk Kim, "An Analysis of Research Trends in Information Security Education", Journal of The Korea Institute of Information Security & Cryptology, VOL.26, NO.2, pp. 489-497, 2016.
  16. Myeong-gyun Song, Jungduk Kim, "An analysis of literature review about information security culture: Setting a direction for future study", Journal of Security Engineering, Vol. 12, NO. 5, pp. 515-524, 2015.
  17. A.V. Kozachok, M.V. Bochkov, E.V. Kochetkov, "Heuristic Malware Detection Mechanism Based on Executable Files Static Analysis", Proceeding of the 3rd International Conference of Information Technology and Nanotechnology, 2017.
  18. Lee-Jin Lee, Doo-Ho Park, Chang-Hoon Lee, "Information Security : Phishing Detection Methodology Using Web Sites Heuristic", Korea Information Processing Society, Vol. 4, NO. 10, pp. 349-360, 2015.
  19. Kyung-min Shim, Hoon-beom Hyun, Yong-tae Jeon, Hyun-sik Lee, "A Smishing Analysis and Correspondence method based on Heuristic", Korean Conference on Computers, pp. 1823-1825, 2015.