• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.1-12
• /
• 2021

An operation of an organization is currently using a digital environment which opens to potential cyber-attacks. These phenomena become worst as the cyberattack landscape is changing rapidly. The impact of cyber-attacks varies depending on the scope of the organization and the value of assets that need to be protected. It is difficult to assess the damage to an organization from cyberattacks due to a lack of understanding of tools, metrics, and knowledge on the type of attacks and their impacts. Hence, this paper aims to identify domains and sub-domains of cyber-attack taxonomy to facilitate the understanding of cyber-attacks. Four phases are carried in this research: identify existing cyber-attack taxonomy, determine and classify domains and sub-domains of cyber-attack, and construct the enhanced cyber-attack taxonomy. The existing cyber-attack taxonomies are analyzed, domains and sub-domains are selected based on the focus and objectives of the research, and the proposed taxonomy named AVOIDITALS Cyber-attack Taxonomy is constructed. AVOIDITALS consists of 8 domains, 105 sub-domains, 142 sub-sub-domains, and 90 other sub-sub-domains that act as a guideline to assist administrators in determining cyber-attacks through cyber-attacks pattern identification that commonly occurred on digital infrastructure and provide the best prevention method to minimize impact. This research can be further developed in line with the emergence of new types and categories of current cyberattacks and the future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.911-914
• /
• 2014

The internet is established as the basic infrastructure of our life and we live in cyberspace on internet, and additionally many problems on cyberspace arise. One among them is the most serious cyber attack of the information society. The cyber attacks increase each year, attack type and the intelligence is evolving, and then the cyber ecosystem is getting more complicated. In this study, we analyze the Internet last incident status and type of Internet invasion and hacking methods, and analyze the corresponding national and international organizations and associations active status.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.103-113
• /
• 2017

Cyber attacks can be classified by type of cyber war, terrorism and crime etc., depending on the purpose and intent. Those are mobilized the various means and tactics which are like hacking, DDoS, propaganda. The damage caused by cyber attacks can be calculated by a variety of categories. We may identify cyber attackers to pursue trace-back based facts including digital forensics etc. However, recent cyber attacks are trying to induce confusion and deception through the manipulation of digital information or even conceal the attack. Therefore, we need to do the harm-based analysis. In this paper, we analyze the damage caused during cyber attacks from economic and political point of view and by inferring the attack intent could classify types of cyber attacks.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.107-110
• /
• 2020

북한의 사이버 공격은 매년 증가하고 있으며 공격 수행인력 또한 6,800여 명으로 지속 늘어나고 있어 우리에게 큰 위협이 되고 있다. 그럼에도 불구하고 현재까지 북한의 사이버 공격사례 분석은 각각의 사건에 대한 개별 현황분석밖에 되지 않아 큰 시각에서의 공격 기술 유형이 어떻게 변화하였는지와 관련된 연구가 필요하다. 이에 따라 본 논문에서는 우선 사이버전의 일반사항 및 공격 기술을 확인하고 최근 3년간 발생한 북한의 사이버 공격사례를 조사하여 세부적으로 사용된 주요 공격 기술의 유형을 확인하고자 한다.

• Journal of IKEEE
• /
• v.26 no.3
• /
• pp.389-395
• /
• 2022

With the evolution of technology, cyber physical systems (CPSs) are being upgraded, and new types of cyber attacks are being discovered accordingly. There are many forms of cyber attack, and all cyber attacks are made to manipulate the target systems. A representative system among cyber physical systems is a cyber physical power system (CPPS), that is, a smart grid. Smart grid is a new type of power system that provides reliable, safe, and efficient energy transmission and distribution. In this paper, specific types of cyber attacks well known as false data injection attacks targeting state estimation and energy distribution of smart grid, and protection strategies for defense of these attacks and dynamic monitoring for detection are described.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.587-596
• /
• 2024

Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government's SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.237-246
• /
• 2016

Recently various types of cyber attacks have occurred. The strategic goals & tactical means of these have evolved. Especially KHNP cyber attack was the type of hacktivism combined hack and psychological warfare. The cyber attackers have forecd the nation to participate in the cyber warfare and the government to make strategic decisions to the releases of confidential information and the threats of stopping KHNP. In this paper, we would like to study the effective strategic decision-making model utilizing the game theory and including an attack intelligence on open policy Decision framework.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.27-32
• /
• 2005

Recently The social interest regarding is coming to be high about Home Network accordong to intelligence anger of diffusions and the family home appliance machineries and tools of the superhigh speed Internet In the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases in the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases Beacaues of Home network is starting point to go ubiquitous computing enviorment, The Increase of Cyber attack through Internet will raise its head with the obstacle to disrupt the activation of the groove network. So there is a possibility of saying that the counter-measure preparation is urgent, In the various environment like this, It means the threat which present time than is complicated will exist. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.123-132
• /
• 2018

North Korea's cyber warfare capability is becoming a serious security threat to Korea because most of the operational systems of social infrastructure and advanced weapons system are all networked. Therefore, the purpose of this article is to examine what the Korean government should do to strengthen cyber security capabilities toward North Korea. For this purpose, this article analyzed North Korea's cyber attack cases against Korea by categorizing according to threat type and purpose. The research findings are as follows. It is necessary first, to have aggressive cyber protection and attack capabilities; second, to establish an integrated cyber security control tower that can be overseen by the national government; third, to need to legislate domestic cyber- related laws; fourth, to build a multilateral & regional cyber cooperation system. The implication of these findings are that it needs to be strengthened the cyber security capability from the cyber threats of North Korea by minimizing the damage during the peacetime period and for the complete warfare in case of emergency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.215-223
• /
• 2019

The recent trend of cyber attack threat is mainly APT (Advanced Persistent Threat) attack. This attack is a combination of hacking techniques to try to steal important information assets of a corporation or individual, and social engineering hacking techniques aimed at human psychological factors. Spear phishing attacks, one of the most commonly used APT hacking techniques, are known to be easy to use and powerful hacking techniques, with more than 90% of the attacks being a key component of APT hacking attacks. The existing research for cyber security threat defense is mainly focused on the technical and policy aspects. However, in order to preemptively respond to intelligent hacking attacks, it is necessary to study different aspects from the viewpoint of social engineering. In this study, we analyze the correlation between human personality type (DISC) and cyber security threats, focusing on spear phishing attacks, and present countermeasures against security threats from a new perspective breaking existing frameworks.