• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.41-47
• /
• 2006

Spyware is any technology that aids in gathering information about a person or organization with-out their knowledge. Software designed to serve advertising, known as adware, can usually be thought of as spyware as well because it almost invariably includes components for tracking and reporting user information. A piece of spyware and adware affect computers which can rapidly become infected with large numbers of spyware and adware components. Users frequently notice from un-wanted behavior and degradation of system performance, such as significant unwanted CPU activity, disk usage, and network traffic which thereby slows down legitimate uses of these resources. The presence of situation will continue because of rapid expansion of Internet usages. Therefore, security solutions, such as anti-adware and anti-spyware, for recovering these malfunction due to the malicious programs must be developed. However, studies on the malicious programs are still not sufficient. Accordingly, this paper has studied the malicious program techniques, based on the results of analysis of present adware and spyware techniques by employing collected samples, and presents efficient measures for blocking and remedying the malicious programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1219-1223
• /
• 2013

Due to the fundamental features of smartphones, such as openness and mobility, a great deal of malicious software including spyware can be installed more easily. Since spyware can steal user's sensitive information and invade privacy, it is necessary to provide proper security mechanisms like secure virtual keyboards. In this paper, we propose a novel password input system to resist spyware and show how effectively it can reduce the threats.

• Asia pacific journal of information systems
• /
• v.21 no.3
• /
• pp.51-69
• /
• 2011

Security has been considered one of the most critical issues for managing IT resources in many organizations. Despite a growing interest and extensive research on security at various levels, little research has focused on the comparison of security knowledge levels between different cultures. The current study investigates and compares the security knowledge level between Korea and the U.S. Based on the literature review of spyware, Hofstede's cultural dimensions, and security knowledge, this study identifies three constructs (i.e., security familiarity, spyware awareness, and spyware knowledge) to examine the difference of security knowledge levels between Korea and the U.S. Six hundred ninety-six respondents from Korea and the U.S. participated in the survey, and an in-depth analysis based on analysis of covariance (ANCOVA) was carried out. The results show that the levels of security familiarity, spyware awareness, and spyware knowledge are significantly lower in Korea than in the U.S., as expected. These findings present a significant association between national culture and security knowledge, and the degree of individualism (or collectivism) plays an especially critical role in the perception of security. A number of implications for academia and practitioners emerge. Limitations and future research directions are discussed in the conclusion.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.207-214
• /
• 2014

Recently, smartphone spyware resembles various types of virus components in PCs and has trends getting more and more severe. Users do not perceive the risk factors severely even if smartphone security is very vulnerable in spite of the smartphone spyware growth. Thus, this study observes the influence of information security in selecting smartphone based on the personal inclinations and spyware perceptions. The main variables of study model are such as the degree of personal risk-accepting and the risk of smartphone spyware as independent variables and smartphone purchasing intention as a dependent variable. The model is tested using SPSS 21 packages on the effective 200 samples gathered through questionnaire survey on the present smartphone users. As a result, the two main hypotheses which are "the degree of personal risk-accepting will influence on the perceiving risk of smartphone spyware" and "the perceiving risk of smartphone spyware will influence on smartphone purchasing intention" were significant statistically. Therefore, we could find out information security's influence on the selecting smartphone.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.829-838
• /
• 2015

As the number of smartphone users have increased, many kinds of malwares have emerged. Unlike existing malwares, spyware can be installed normally after user authentication and agreement according to security policy. For this reason, it is not easy to catch spywares involving harmful functionalities to users by using existing malware detection system. Therefore, our paper focuses on study about detecting mainly wiretapping spywares among them by developing a new wiretapping detection model and application. Specifically, this study conducts to find out power consumption on each application and modular and network consumption to detect voice wiretapping so Open Source Project Power Tutor is used to do this. The risk assessment of wiretapping is measured by gathered all power consumption data from Open Source Project Power Tutor. In addition, developed application in our study can detect at-risk wiretapping spyware through collecting and analyzing data. After we install the application to the smartphone, we collect needed data and measure it.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.4 s.36
• /
• pp.305-313
• /
• 2005

Spyware is any software which employs a user's Internet connection in the background without their knowledge or explicit permission. The installation of spywares is generally done in a sneaky, misleading or unannounced manner. It does not only compromise the security and privacy of affected users but also be an obstruction to the digital convergence and ubiquitous computing environments. This paper provides a summary of the definition, status, risk analysis, and security controls of the spywares. Furthermore, this paper suggests additional controls which should be considered at an individual, organizational and national perspective.

• Review of KIISC
• /
• v.18 no.3
• /
• pp.17-24
• /
• 2008

우리는 언제부터인가 개인용 컴퓨터에 개인정보와 같은 민감한 데이터를 사용자의 동의 없이 수집하거나 성가시게 혹은 불쾌한 광고를 출력하는 프로그램들로 가득차 있는 것을 자주 경험하고 있다. 이러한 모든 행동들은 사용자의 적절한 동의 절차 없이 이루어졌다는 것이 가장 근본적인 문제이고 바로 여기서부터 문제를 해결해 나가야할 것이다. 그러나 법적으로 스파이웨어(Spyware)가 명확히 정의되어 있지 않고 그나마 (구)정보통신부에서 발표한 문건은 하루가 멀다 하고 새롭게 변화하는 스파이웨어들에 법적인 구속력을 적용하기 힘든 것이 현실이다. 이 글에서는 현재 국 내외에서 스파이웨어가 어떻게 정의되고 있는지 알아보고 스파이웨어를 정의하기 위해 필요한 기술적인 배경을 살펴봄으로써 보다 효율적인 법안을 마련하는 데 도움이 되고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.529-530
• /
• 2009

웹 브라우저 환경에서 통신 및 화면 갱신 기능을 제공하기 위해서 최근까지 ActiveX를 제공하였다. 하지만 ActiveX 배포에 따른 보안 문제 또는 Spyware 등으로 인한 개인 정보 노출 가능성을 배제할 수 없게 되었다. 따라서 본 논문에서 제안하는 웹 브라우저 환경에서의 통신 모듈 및 화면 갱신 기법을 통해서 ActiveX의 단점을 보완하려 한다. 또한, 여러 분야에서 적용 가능하지만 NMS 원격 감시 모니터링의 시뮬레이션을 통해서 적용 가능성을 검증하였다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.2
• /
• pp.23-35
• /
• 2015

When people stands near someone's mobile device, it can easily be seen by others. To rephrase this, attackers use human psychology to earn personal information or credit information or other. People are exposed by social engineering attacks. It is certain that we need more than just recommendation for the security to avoid social engineering attacks. This is why I proposed this paper. In this paper, I proposed an authentication technique using NFC and Hash function to stand against social engineering attack. Proposed technique result is showing that it could prevent shoulder surfing, touch event information, spyware attack using screen capture and smudge attack which relies on detecting the oily smudges left behind by user's fingers. Besides smart phone, IPad, Galaxy tab, Galaxy note and more mobile devices has released and releasing. And also, these mobile devices usage rate is increasing widely. We need to attend these matters and study in depth.

• Journal of Korea Game Society
• /
• v.5 no.1
• /
• pp.41-44
• /
• 2005

This paper is model can be useful and capable of automatically collecting and classifying the various information about a wide range of security incidents such as hackings, worms, spyware, cyber-terror, network espionage and information warfare from firewall, IDS, VPN and so on. According to them Internet game and an automated/integrated computer emergency response system can perform an attack assessment and an early warning for any incidents based on Enterprise Security Management environment.