• Journal of Electrical Engineering and Technology
• /
• v.10 no.3
• /
• pp.888-894
• /
• 2015

This paper presents a unified model based assessment framework to quantify threats and vulnerabilities associated with control systems, especially in the SCADA (Supervisory Control and Data Acquisition) system. In the past, this system was primarily utilized as an isolated facility on a local basis, and then it started to be integrated with wide-area networks as the communication technology would make rapid progress. The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. However, an up-to-date power system often requires the real-time operations, which clearly implies that the cyber security would turn out to be a complicated but also crucial issue for the power system. In short, the purpose of this paper is to streamline a comprehensive approach to prioritizing cyber security risks which are expressed by the combination of threats, vulnerabilities, and values in the SCADA components.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.31 no.4
• /
• pp.72-81
• /
• 2023

The use of EFB (Electronic Flight Bag) has expanded, providing convenience to flight crews by minimizing paper usage within aircraft and offering the latest information, operability, and convenience related to aircraft operations. EFBs provide flight-sensitive information such as aircraft performance calculations, airport diagrams, routes, and approach procedures. For these information, EFBs connect to the cyber environment through Wi-Fi or self-contained data communication, allowing access to cloud-based systems for information updates, with administrators uploading the latest information for retrieval. However, in contrast to the evolving aviation technology, there is currently no legislation or security policy in place to maintain the security of EFBs, leaving them exposed to potential cyber threats. Therefore, improvements such as revising relevant laws to address potential cyber threats targeting EFBs and establishing and implementing EFB management systems are necessary. This paper aims to present the necessity for amending laws related to EFB security in response to cyber threats and suggests methods for enhancement.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.64-72
• /
• 2024

In recent times cyber attackers can use Artificial Intelligence (AI) to boost the sophistication and scope of attacks. On the defense side, AI is used to enhance defense plans, to boost the robustness, flexibility, and efficiency of defense systems, which means adapting to environmental changes to reduce impacts. With increased developments in the field of information and communication technologies, various exploits occur as a danger sign to cyber security and these exploitations are changing rapidly. Cyber criminals use new, sophisticated tactics to boost their attack speed and size. Consequently, there is a need for more flexible, adaptable and strong cyber defense systems that can identify a wide range of threats in real-time. In recent years, the adoption of AI approaches has increased and maintained a vital role in the detection and prevention of cyber threats. In this paper, an Ensemble Deep Restricted Boltzmann Machine (EDRBM) is developed for the classification of cybersecurity threats in case of a large-scale network environment. The EDRBM acts as a classification model that enables the classification of malicious flowsets from the largescale network. The simulation is conducted to test the efficacy of the proposed EDRBM under various malware attacks. The simulation results show that the proposed method achieves higher classification rate in classifying the malware in the flowsets i.e., malicious flowsets than other methods.

• Spatial Information Research
• /
• v.10 no.1
• /
• pp.1-14
• /
• 2002

Due to the rapid development in information technology, countries of advanced information technology and multi-national information communication industries have expanding their invesment in constructing a cyber territory or a cyber city, and even a cyber globe that combines the real world with the cyber world. As such, in order to keep up with the competition with other countries to secure the Invisible Continent, Korea cannot afford to fall behind in the preparation and efforts to construct a cyber territory. Therefore in preparation for the inevitable establishment of a cyber territory, this study defined the concept of a cyber territory clearly and proposed a promotional strategy needed by the government for the establishment of a cyber territory. A cyber territory is 'the dynamic second territory that realizes various values in various aspects through organically combining innumerable active bodies in a surreal space and that are created by systematically and optimally connecting the physical topographical space and activity of the first nation to the cyberspace'. To explain further, a cyber territory is defined as another simulated space not only to manage the land systematically and deal with administrative services far the greater population, but also to contain economic activities of corporations and the citizens' everyday lives in a virtual reality by digitizing the entire territory including even the sea. In order to establish such cyber territory, it is necessary to revise related laws and policies, to foster related technology and industry as a main engine for national development, to promote public awareness, and to train related human resources.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.830-837
• /
• 2020

With the rapid development of information and communication technology, information exchange between ships and shore has become faster and more convenient, However, accessing ship information has also become easier and concerns about cyber security attacks are growing. When a ship suffers a cyber-attack, it may cause considerable damage and incurs enormous costs and time to repair. In response to this threat, the maritime industry now demands that a cyber security officer be assigned to each ship to take charge of cyber security management onboard. In order to reduce the damage cause by an attack and to respond effectively, a specialized training course for the ship's cyber security officer is required. The purpose of this study was to present a training course for the position of the ship's cyber security officer, and to highlight the necessity of amending current legislation, To this end, domestic and foreign trends, ship cyber security incident cases, and cyber security training courses were investigated, and based on the results a standard training course for a ship's cyber security of icer was developed. Additionally, recommendations on the related amendments to legislation ware established. The results of the study can be used as basic data to establish future training courses for cyber security officers.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.2
• /
• pp.81-89
• /
• 2009

In this thesis we have developed an algorithm to evaluate each student's level of understanding and find out which subjects they are not good at when they get on-line lectures at a cyber university. This algorithm is based on fuzzy logic using each student's scores adjusted according to the level of difficulty. In addition, we also introduced a "duplex intellectual lecturing system" and an "evaluation method based on the level of understanding." With the duplex intellectual lecturing system students can ask questions on line at a cyber university and under the new evaluation method, there is no need for students to move between classes. As a result of a computer simulation test, the duplex on-line lecturing system has proven to be more effective than the current one-way cyber lecturing system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.1
• /
• pp.137-144
• /
• 2010

Cyber lectures have been popular with students as they are more accessible. In this thesis we also created a personal identification confirmation system with RFID as it is quite difficult to confirm who is taking a lecture. In the process of developing the confirmation system, an algorithm enabling real-time identification confirmation, as well as interactive virtual questioning system, was also developed. After the computer simulation test we proved the duplex on-line lecturing system is more effective than the current one-way cyber lecturing system which does not take into consideration students with less/no degree of understanding.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.171-178
• /
• 2015

In these days, the practical training education is getting highlighted in IT curriculum. This study is for the Cloud computing based Virtual Desktop Service Plan of IT education and its efficient operation and management plan. With the implementation of a virtual lab environment system, the training environment which is customized by the curriculum is able to be provided. Also in the case of the limited system, the curriculum is able to be provided for each subject in advance. Therefore if the Cloud Training (or Practicing) Portal system for the multiple cyber universities is implemented according to this study's estimated scale and operation managing policies, the virtual training education service system could be provided in more efficient and more effective ways.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.1-8
• /
• 2016

A convergence of finance and information technology brought a remarkable development in Fin-Tech industry. On the other hand, currently existing laws seemed inappropriate to address the liability of financial institutions, Fin-tech enterprises and consumers in case of financial accidents due to its ambiguity. The minimum insurance obligation by financial institutions specified under the Electronic Financial Transaction Act 2006 is not keeping with current reality, considering transaction volume, frequency of incidents, and security investments. This paper aims to lay stress on the need of cyber liability insurance by understanding the domestic financial incidents and management, and the limit of existing insurance policy.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.9
• /
• pp.1313-1318
• /
• 2013

In order to actively respond to cyber attacks, not only the security systems such as IDS, IPS, and Firewalls, but also ESM, a system that detects cyber attacks by analyzing various log data, are preferably deployed. However, as the attacks be come more elaborate and advanced, existing signature-based detection methods start to face their limitations. In response to that, researches upon symptom detection technology based on attack modeling by employing big-data analysis technology are actively on-going. This symptom detection technology is effective when it can accurately extract features of attacks and manipulate them to successfully execute the attack modeling. We propose the ways to extract attack features which can play a role as the basis of the modeling and detect intelligent threats by carrying out scenario-based modeling.