• Title/Summary/Keyword: Cyber Situation Awareness System


A Study for Cyber Situation Awareness System Development with Threat Hunting (위협 헌팅을 적용한 사이버 상황인식 시스템 개발에 관한 연구)

  • Lee, Jaeyeon;Choi, Jeongin;Park, Sanghyun;Kim, Byeongjin;Hyun, Dae-Won;Kim, Gwanyoung
    • Journal of the Korea Institute of Military Science and Technology / v.21 no.6 / pp.807-816 / 2018
  • Threat hunting is defined as a process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. The main concept of threat hunting is to find weak points and remedy them before an actual cyber threat occurs. The HMM (Hunting Maturity Matrix) is suggested to evolve hunting processes through five levels; a CSOC (Cyber Security Operations Center) can therefore refer to the HMM to make itself safer from complicated and organized cyber attacks. We are developing a cyber situation awareness system with a proactive threat hunting process, called unMaze™. With unMaze, a CSOC's HMM level can be upgraded from the initial level to the basic level. A CSOC with unMaze carries out the threat hunting process not only by detecting with existing cyber equipment post-actively, but also by proactively detecting cyber threats through fusing and analyzing cyber asset data and threat intelligence.

A Study on Operational Element Identification and Integrated Time Series Analysis for Cyber Battlefield Recognition (사이버 전장인식을 위한 작전상태 요소 식별 및 통합 시계열 분석 연구)

  • Son-yong Kim;Koo-hyung Kwon;Hyun-jin Lee;Jae-yeon Lee;Jang-hyuk Kauh;Haeng-rok Oh
    • Convergence Security Journal / v.22 no.4 / pp.65-73 / 2022
  • Since cyber operations are performed in a virtual cyber battlefield, measurement indicators that can evaluate and visualize the current state of the cyber environment in a consistent form are required to effectively support the commander's decision-making in cyber operations. In this paper, we propose a method to define various evaluation indicators that can be collected on the cyber battlefield, normalize them, and evaluate the cyber status in a consistent form. The proposed cyber battlefield status element consists of cyber asset-related indicators, target network-related indicators, and cyber threat-related indicators. Each indicator has 6 sub-indicators and can be used by assigning weights according to the commander's interests. The overall status of the cyber battlefield can be easily recognized because the measured indicators are visualized in time series on a single screen. Therefore, the proposed method can be used for the situational awareness required to effectively conduct cyber warfare.

Analysis of Instruction-Learning Process for Underachievers thorough Cyber Home Learning System 2.0 (학습부진학생을 위한 사이버 가정학습 2.0 교수학습과정 분석)

  • Lee, Jung-Min;Choi, Yong-Hoon;Lee, Myung-Geun
    • Proceedings of the Korean Society of Computer Information Conference / 2012.01a / pp.159-162 / 2012
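  • In this study, we identified the causes of underachievement among social studies underachievers and, by analyzing the process of perception change that occurs through Cyber Home Learning 2.0, derived a situational model suited to the Cyber Home Learning 2.0 system. The collected data were analyzed using grounded theory. The causes of underachievement perceived by social studies underachievers were found to span both the cognitive and the affective domains, and through Cyber Home Learning 2.0 these students were seen to change their negative perceptions into positive ones. In particular, deriving a situational model through process analysis yielded a Cyber Home Learning 2.0 problem-solving learning model for social studies underachievers, broadly divided into five stages: introduction, problem identification, exploration, performance, and summary and evaluation. Future work calls for longer-term studies that include analysis of underachievers' family and peer relationships, and for studies that link Cyber Home Learning 2.0 more organically with classroom instruction.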


A Study of Cyber Operation COP based on Multi-layered Visualization (멀티레이어드 시각화를 적용한 사이버작전 상황도 개발에 관한 연구)

  • Kwon, Koohyung;Kauh, Jang-hyuk;Kim, Sonyong;Kim, Jonghwa;Lee, Jaeyeon;Oh, Haengrok
    • Convergence Security Journal / v.20 no.4 / pp.143-151 / 2020
  • The cyber battlefield, called the fifth battlefield, is not based on geological information, unlike the existing traditional battlefields of land, sea, air and space, and has the characteristic that all information is tightly correlated and must be analyzed as such. Because the cyber battlefield is created by the network connection of computers located on the physical battlefield, it is not completely separated from geolocational information, but it depends on network topology and software vulnerabilities. Therefore, the analysis of the cyber battlefield should be provided in a form that can recognize information from multiple domains at a glance, rather than from a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP (Common Operational Picture), which is essential for command and control in cyber warfare. In particular, we propose an architecture for the cyber operation COP that intuitively displays information based on visualization techniques applying the multi-layering concept to multiple domains that need to be correlated, such as cyber assets, threats, and missions. With the proposed cyber operation COP with multi-layered visualization, which helps to describe correlated information among cyber factors, we expect commanders to actually perform cyber command and control in the very complex and unclear cyber battlefield.

A Key Creation System for Digital Signature and Authentication using Fingerprint Feature (지문영상을 이용한 전자서명 키의 실시간 생성 및 인증 시스템 설계 및 구현)

  • 김재호;한현구
    • Proceedings of the Korean Information Science Society Conference / 2000.04a / pp.671-673 / 2000
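  • The transition from the real world to the cyber world has brought many changes to our lives, accompanied by confusion. In this situation, cryptographic technology is developing into a core technology for establishing order in the cyber world. In this paper, we propose a new authentication system that combines a fingerprint recognition system, a biometric authentication technology, with the RSA encryption algorithm as a way to remedy the shortcomings of the existing public key infrastructure.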


The App System For Scream Awareness, Automatic Siren Alarm, etc (긴급 상황 인식 및 자동 알림 신고 앱 시스템)

  • Yu, Hee-Jin;Moon, Ji-Young;Son, Hyo-Jeong;Jang, Se-Eun;Lee, Kyung-June
    • Proceedings of the Korea Information Processing Society Conference / 2022.11a / pp.890-892 / 2022
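  • Crime prevention systems using smartphone mobile apps have been proposed and developed in many forms, but the personnel available for public services such as the police to maintain everyday safety are severely lacking. Recognizing the need for an app system that helps smartphone users quickly escape situations of "a crime-vulnerable environment and an absence of defense mechanisms such as surveillance," in line with "crime prevention theory," this study describes the results of planning and developing the "Emergency Situation Recognition and Automatic Alert Reporting App System."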

Detection of Signs of Hostile Cyber Activity against External Networks based on Autoencoder (오토인코더 기반의 외부망 적대적 사이버 활동 징후 감지)

  • Park, Hansol;Kim, Kookjin;Jeong, Jaeyeong;Jang, Jisu;Youn, Jaepil;Shin, Dongkyoo
    • Journal of Internet Computing and Services / v.23 no.6 / pp.39-48 / 2022
  • Cyberattacks around the world continue to increase, and their damage extends beyond government facilities and affects civilians. These issues emphasized the importance of developing a system that can identify and detect cyber anomalies early. As above, in order to effectively identify cyber anomalies, several studies have been conducted to learn BGP (Border Gateway Protocol) data through a machine learning model and identify them as anomalies. However, BGP data is unbalanced data in which abnormal data is less than normal data. This causes the model to have a learning biased result, reducing the reliability of the result. In addition, there is a limit in that security personnel cannot recognize the cyber situation as a typical result of machine learning in an actual cyber situation. Therefore, in this paper, we investigate BGP (Border Gateway Protocol) that keeps network records around the world and solve the problem of unbalanced data by using SMOTE. After that, assuming a cyber range situation, an autoencoder classifies cyber anomalies and visualizes the classified data. By learning the pattern of normal data, the performance of classifying abnormal data with 92.4% accuracy was derived, and the auxiliary index also showed 90% performance, ensuring reliability of the results. In addition, it is expected to be able to effectively defend against cyber attacks because it is possible to effectively recognize the situation by visualizing the congested cyber space.

Artificial Intelligence for Autonomous Ship: Potential Cyber Threats and Security (자율 운항 선박의 인공지능: 잠재적 사이버 위협과 보안)

  • Yoo, Ji-Woon;Jo, Yong-Hyun;Cha, Young-Kyun
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.2 / pp.447-463 / 2022
  • Artificial Intelligence (AI) technology is a major technology that develops smart ships into autonomous ships in the marine industry. Autonomous ships recognize a situation with the information collected without human judgment which allow them to operate on their own. Existing ship systems, like control systems on land, are not designed for security against cyberattacks. As a result, there are infringements on numerous data collected inside and outside the ship and potential cyber threats to AI technology to be applied to the ship. For the safety of autonomous ships, it is necessary to focus not only on the cybersecurity of the ship system, but also on the cybersecurity of AI technology. In this paper, we analyzed potential cyber threats that could arise in AI technologies to be applied to existing ship systems and autonomous ships, and derived categories that require security risks and the security of autonomous ships. Based on the derived results, it presents future directions for cybersecurity research on autonomous ships and contributes to improving cybersecurity.

IoT Environment Management System Using Open Source (오픈 소스를 활용한 IoT 환경 관리 시스템)

  • Park, Jae-Min;Kim, Tae-Uk;Choi, Sang-Yong;Lee, Jong-Rak;Kim, Jeung-Sam
    • Proceedings of the Korean Society of Computer Information Conference / 2020.07a / pp.131-134 / 2020
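  • IoT technology, the first step toward and the core of the smart city, is changing our lives. We can now check and adjust the state of a home's interior remotely and view the situation inside the home through video. IoT technology thus provides convenience and has become an important element of our lives, but because the party responsible for managing the IoT environment is the individual user, or because there is no means to monitor and manage the state of the IoT environment, it goes unmanaged, and because users cannot tell even when they are attacked, this can cause serious IoT security problems. Despite these problems, awareness of IoT security and management systems specialized for IoT environments are still lacking. In this paper, we propose an IoT environment management system that uses Elastic Stack, an open source data analysis and visualization solution, to easily manage the IoT environment and visualize and present its state.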


A Research on the Design and Implementation of LED Display-based Light Gun Systems

  • Byong-Kwon Lee
    • Journal of the Korea Society of Computer and Information / v.29 no.5 / pp.85-91 / 2024
  • With the current surge in leisure sports activities involving firearms and the costly shooting practices in the military, there's a growing interest in using virtual reality as a cost-effective alternative. This study proposes a system that addresses the drawbacks of existing shooting practice setups, such as dim spaces and high installation costs, by making it feasible on large display screens. The system integrates IR receivers and guns for practice, ensuring usability and efficiency through an application. Additionally, an accuracy adjustment feature enhances precise coordination recognition. As a result, this cyber light gun system offers an affordable solution for outdoor training.