http://dx.doi.org/10.13089/JKIISC.2019.29.2.401

Oversea IP Ranges Blocking for Security Enhancement of Critical Infrastructures with Cyber Threats Analysis in Electric Industry  

Han, Choong-Hee (Korea Power Exchange)
Park, Soon-Tai (Korea Internet & Security Agency)
Lee, Sang-Joon (Chonnam National Univ)
Abstract
Recently, there have been many studies and efforts to strengthen the stability of critical infrastructures against increasing cyber attacks. In this thesis, I reviewed various definitions and types of cyber threats and then defined what cyber threats are. After studying significant cyber threats from China, I showed the realities of cyber threats through an analysis of their starting points, types, attack ratios and so on. Finally, I defined guidelines for blocking unnecessary overseas IP ranges. I also proposed methodologies for blocking unnecessary overseas IP ranges per information system and per network system. Furthermore, I proposed blocking characteristics per security equipment, security operation improvements, blocking effects, and a service process for normal overseas users.
Keywords
cyber threats; critical infrastructures; cyber security; IP blocking