• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.645-656
• /
• 2019

As the number of cyber threats to control systems increases, the need for control system cyber security is also increasing. Currently, various cyber security related education and control system education are being conducted. However, it does not fully reflect the characteristics of the control system and the characteristics of the participants. In this paper, we propose a training system and technique to enhance the control system cyber security capability. To this end, we analyze the limitations of existing security education. Based on the results, we develop a control system training environment model based on the IEC62443 Standard and develop an ARCH based training method.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.302-305
• /
• 2020

정보처리기술이 발달함에 따라 원자력시설에 대한 사이버침해 가능성이 갈수록 높아지고 있다. 방사능방재법 및 관련 법령에 의거하여 국내 원자력시설은 각 시설 별 사이버사건 비상대응 절차를 수립하고 절차의 유효성 및 비상대응조직의 대응역량을 제고하기 위한 목적의 주기적인 사이버사건 대응훈련을 실시하고 있으며, 규제기관의 독립적인 훈련평가 결과를 통해 많은 개선사항이 도출되고 있다. 본 논문에서는 현행 원자력시설의 사이버사건 대응훈련 체계를 분석하여 사이버사건대응 훈련 정책의 개념에 대해, 국내·외 기준에 따른 사이버사건 대응훈련 정책의 요소를 식별하여 이를 개선하기 위한 구체적인 규제방안을 제시한다.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.189-197
• /
• 2023

The Republic of Korea Army (ROK Army) is currently developing the Army Synthetic Battle Training System (ASBTS) by 2026 and will use it to advance division-level LVC integrated training. This study proposes a way to improve the effectiveness and efficiency of training by applying VR/AR technology to the ASBTS. To this end, we analyzed cases of VR/AR technology use in the defense field in advanced countries and the ROK military. As a result, we confirmed that the effectiveness and efficiency of training can be improved when the training system is converted to an immersive system. Accordingly, we selected and presented defense training subjects to be applied to VR/AR technology, considered the development direction for applying VR/AR technology to the ASBTS, and proposed a way to apply VR/AR technology to the ASBTS.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.5
• /
• pp.818-828
• /
• 2018

Nowadays, various security systems are developed and used for protecting information on the network. Although security solutions can prevent some of the security risks, they provide high performance only if used appropriately in accordance with their purposes and functionality. Security solutions commonly used in information protection systems include firewalls, IDS, and IPS. However, despite various information protection systems are introduced, there are always techniques that can threaten the security systems through bypassing them. The purpose of this paper is to develop effective training techniques for responding to the bypass attack techniques in the information security systems and to develop effective techniques that can be applied to the training. In order to implement the test bed we have used GNS3 network simulator, and deployed it on top of virtual operating system using VirtualBox. The proposed correspondence training scenario against bypassing information protection system attacks could be very effectively used to counteract the real attacks.

• Journal of Digital Convergence
• /
• v.10 no.5
• /
• pp.37-51
• /
• 2012

The purpose of this study is to approach information security from a more comprehensive perspective. Particularly, information countermeasures includes a technological tool for end users, thereby increasing the end users' technological stresses. Based on the technostress framework, we investigate a effect of security awareness training on technostress, and also examine a effect of technostress on the persistent security compliance. Results showed that security awareness training influenced on techno-overload and techno-uncertainty. We also found that techno-overload and techno-uncertainty have a significant effect on the persistent security compliance. Conclusion and implications are discussed.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2016.05a
• /
• pp.164-166
• /
• 2016

2001년 미국 뉴욕에서 항공기를 테러수단으로 사용한 테러사건발생이후 국제항해선박과 항만시설에 대한 보안의 중요성이 강조되며 국제해사기구(IMO)에서 ISPS Code제정 국제적 테러대응을 한지 10년에 이르렀다. 그러나 여전히 항만보안에 대한 항만시설운영자의 관심을 받지 못하고 있으며 항만보안의 최일선을 담당하는 항만보안책임자 및 보안관리자의 교육 및 관리가 열악하다. 본 연구에서는 항만보안교육의 실태분석을 통하여 향후 우리나라가 항만보안교육을 임해야 할 방향성에 대해 제시하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1462-1464
• /
• 2008

본 논문에서는 정보시스템 운영시 발생하는 사용자 취약성(Human Vulnerability) 문제의 심각성에 대해 알아보고 이를 개선하기 위한 교육 및 훈련 프로그램을 다루고 있는 기존 관련 연구들을 조사 분석 한다. 아울러 기존 연구에서 보완되어야 할 개선 요구사항 들을 도출하여 향후 효과적인 취약성 개선 프로그램 제공을 위한 가상머신에 기반한 보안 훈련장 시스템 아키텍쳐를 제안한다.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.65-74
• /
• 2020

Recently, with the rapid development of eXtended Reality(XR) technology, the development and use of education and training systems using XR technology is increasing significantly. In particular, in areas that involve great risks and high costs such as military training and counter-terrorism training, the use of XR based simulators is preferred because they can improve training performance, reduce training costs, and minimize the risk of safety issues that may occur in actual training, by creating a training environment similar to actual training. In this paper, we propose a plan to build and evaluate an XR based hyper-realistic counter-terrorism education, training, and evaluation system to improve the ROK police's ability to respond to terrorist situations using the 5G and AR based Integrated Command and Control Platform previously developed by the Korea Military Academy. The proposed system is designed to improve counter-terrorism capabilities with virtual training for individual and team units based on hyper-realistic content and training scenarios. Futhermore, it can also be used as a on-site command and control post in connection with a simulation training site and an actual operation site.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.512-514
• /
• 2018

최근 보안 버그의 중요성이 증가함에 따라, 버그 리포트 중 보안과 관련된 리포트를 빠르게 분류하는 기술이 필요하다. 기존 기술들은 버그 리포트의 단어들을 가지고 기계학습을 위한 훈련 데이터를 생성한다. 이 때 기계학습에 잡음이 발생하면 성능을 떨어뜨릴 수 있다. 이를 보완하기 위해 본 연구에서는 감정 단어를 활용하여 잡음을 줄인 보안 버그리포트를 자동으로 식별하는 기계학습기반 기술을 제안한다. 제안 기술은 기계학습 시 사용되는 훈련 데이터의 품질을 높이기 위해 감정 단어를 활용한다. 실험 결과 감정 단어를 활용했을 때 기존 기술 대비 보안 버그를 분류하는 정확도가 3.03% 향상되었다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.277-280
• /
• 2015

Smishing, Phishing personal privacy caused by Incident accidents such as Phishing information security has become a hot topic. Such incidents have privacy in personal information management occurs due to a lack of user awareness. This paper is based on the existing structure of the XML Tag question bank used a different Key-Value Structure-based JSON. JSON is an advantage that does not depend on the language in the text-based interchange format. The proposed system is divided into information security sector High, Middle and Low grade. and Provides service to the user through the free space and the smart device and the PC to the constraints of time. The use of open source Apache Load Balancing technology for reliable service. It also handles the user's web page without any training sessions Require server verification result of the training(training server). The result is sent to the training server using jQuery Ajax. and The resulting data are stored in the database based on the user ID. Also to be used as a training statistical indicators. In this paper, we design a level training system to enhance the user's information security awareness.