• Title/Summary/Keyword: Cyber Situation Awareness System


A Study for Cyber Situation Awareness System Development with Threat Hunting (위협 헌팅을 적용한 사이버 상황인식 시스템 개발에 관한 연구)

  • Lee, Jaeyeon;Choi, Jeongin;Park, Sanghyun;Kim, Byeongjin;Hyun, Dae-Won;Kim, Gwanyoung
    • Journal of the Korea Institute of Military Science and Technology, v.21 no.6, pp.807-816, 2018
  • Threat hunting is defined as a process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. The main concept of threat hunting is to find weak points and remedy them before an actual cyber threat has occurred. The HMM (Hunting Maturity Matrix) has been suggested to evolve hunting processes through five levels, so a CSOC (Cyber Security Operations Center) can refer to the HMM to make itself safer from complicated and organized cyber attacks. We are developing a cyber situation awareness system with a proactive threat hunting process, called unMaze™. With unMaze, a CSOC's HMM level can be upgraded from the initial level to the basic level. A CSOC with unMaze performs the threat hunting process not only by detecting existing cyber equipment post-actively, but also by proactively detecting cyber threats by fusing and analyzing cyber asset data and threat intelligence.

Research and Direction of Cyber Operation Education System for Fostering Common Situation Awareness about Cyber Operation -Focusing on non-Cyber Operations Unit Officer Education- (사이버작전에 대한 공통상황인식 함양을 위한 군(軍) 사이버작전 교육체계 연구 및 방향성 제안 -비(非)사이버작전부대 장교 교육을 중심으로-)

  • Lee, Sangwoon;Park, Yongsuk
    • Convergence Security Journal, v.19 no.4, pp.13-22, 2019
  • The purpose of this study is to suggest an educational system and direction for officers of non-cyber operations forces who do not specialize in cyber operations. In order to carry out cyber operations as a joint operation, non-cyber operations officers must also know about cyber operations, but there is no education system for them at present. Since there is almost no previous research on this, research in the relevant field is necessary. Therefore, the education system, that is, the necessity of education, the object of education, the goals and contents of the education, and the curriculum, was developed based on the prior literature review. In addition, the relevant experts confirmed the validity of each item with the Delphi method, and as a result, some improvement was needed, but it was shown to be suitable as a whole. In addition, detailed educational programs can be developed based on this in the future.

A Study on the Design and Implementation of System for Predicting Attack Target Based on Attack Graph (공격 그래프 기반의 공격 대상 예측 시스템 설계 및 구현에 대한 연구)

  • Kauh, Janghyuk;Lee, Dongho
    • Journal of Korea Society of Digital Industry and Information Management, v.16 no.1, pp.79-92, 2020
  • As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS (Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction are displayed on the web screen and CyCOP (Cyber Common Operation Picture) to help both analysts and decision makers.

Situation Analysis and Education Plan of Security Ethics for Training College Students Majoring in Information Security (정보보안전공 대학생을 위한 보안 윤리의식 분석 및 교육 방안)

  • Kim, Tae-Hee
    • The Journal of the Korea Contents Association, v.17 no.4, pp.596-605, 2017
  • Recently, it has been pointed out that the lack of professional ethics of computer and security experts is serious, as college students majoring in information security and insiders who are in charge of security work are involved in crimes after being tempted to cyber crimes. In this paper, we investigate and analyze the security ethics awareness and education situation of college students majoring in information security, and examine the security ethics education method for human resource development with personality and qualities. As the information society becomes more widespread, the ethics and occupational consciousness of the university students who are majoring in information security are recognized as lack of awareness and education about security ethics. As a solution to these problems, it is expected that it will be possible to nurture security experts who are aware of their vocation through the educational plan to enhance the security ethics of the information security major college students. According to the security ethics education system proposed in the paper, the security ethical consciousness of the group that received education was remarkably improved.

Development of a method for securing the operator's situation awareness from manipulation attacks on NPP process data

  • Lee, Chanyoung;Song, Jae Gu;Lee, Cheol Kwon;Seong, Poong Hyun
    • Nuclear Engineering and Technology, v.54 no.6, pp.2011-2022, 2022
  • According to the defense-in-depth concept, not only a preventive strategy but also an integrated cyberattack response strategy for NPPs should be established. However, there are limitations in terms of responding to penetrations, and the existing EOPs are insufficient for responding to intentional disruptions. In this study, we focus on manipulative attacks on process data. Based on an analysis of the related attack vectors and possible attack scenarios, we adopt the Kalman filter to detect process anomalies that can be caused by manipulations of process data. To compensate for these manipulations and secure MCR operators' situational awareness, we modify the Kalman filter such that it can filter out the effects of the manipulations adaptively. A case study was conducted using a hardware-in-the-loop system. The results indicated that the developed method can be used to verify whether the displayed safety-related state data are reliable and to implement the required safety response actions.

Research on functional area-specific technologies application of future C4I system for efficient battlefield visualization (미래 지휘통제체계의 효율적 전장 가시화를 위한 기능 영역별 첨단기술 적용방안)

  • Sangjun Park;Jungho Kang;Yongjoon Lee;Jeewon Kim
    • Convergence Security Journal, v.23 no.4, pp.109-119, 2023
  • C4I system is an integrated battlefield information system that automates the five elements of command, control, communications, computers, and information to efficiently manage the battlefield. C4I systems play an important role in collecting and analyzing enemy positions, situations, and operational results to ensure that all services have the same picture in real time and optimize command decisions and mission orders. However, the current C4I has limitations whenever a new weapon system is introduced, as it only provides battlefield visualization in a single area focusing on the battlefield situation for each military service. In a future battlefield that expands not only to land, sea, and air domains but also to cyber and space domains, improved command and control decisions will be possible if organic data from various weapon systems is gathered to quickly visualize the battlefield situation desired by the user. In this study, the visualization technology applicable to the future C4I system is divided into map area, situation map area, and display area. The technological implementation of this future C4I system is based on various data and communication means such as 5G networks, and is expected to enable hyper-connected battlefield visualization that utilizes a variety of high-quality information to enable realistic and efficient battlefield situation awareness.

Analysis of Domestic Security Solution Market Trend using Big Data (빅데이터를 활용한 국내 보안솔루션 시장 동향 분석)

  • Park, Sangcheon;Park, Dongsoo
    • Journal of the Korea Academia-Industrial cooperation Society, v.20 no.5, pp.492-501, 2019
  • To use the system safely in cyberspace, you need to use a security solution that is appropriate for your situation. In order to strengthen cyber security, it is necessary to accurately understand the flow of security from past to present and to prepare for various future threats. In this study, information security words from the security/hacking news of Naver News, which is reliable, were collected and analyzed by using text mining. First, we checked the number of security news articles for the past seven years and analyzed the trends. Second, after confirming the security/hacking word rankings, we identified major concerns each year. Third, we analyzed the words of each security solution to see which security group is interested. Fourth, after separating the title and the body of the security news, security related words were extracted and analyzed. The fifth confirms trends by detailed security solutions. Lastly, annual revenue and security word frequencies were analyzed. Through this big data news analysis, we will conduct an overall awareness survey on security solutions and analyze many unstructured data to analyze current market trends and provide information that can predict the future.

A Study on Application of Dynamic Design Elements for Designing Ambient Media (엠비언트 미디어의 디자인을 위한 동적인 디자인 요소의 활용에 관한 연구)

  • Park, Jin-Yung;Park, Sun-Young;Nam, Tek-Jin
    • 한국HCI학회:학술대회논문집, 2008.02b, pp.233-238, 2008
  • Ambient Media (or ambient displays, Wisneski et al. 1998) is one of the newly emergent dynamic design objects, representing information through subtle changes of everyday objects and environments. Unlike the existing GUI-based media focusing on the situation that a user is concentrating on the media, ambient media enable a user to be peripherally aware of the information without his/her concentration. In order to design ambient media, it is necessary to interpret the basic elements of dynamic changes in physical space and the proper method to apply them for peripherally representing information in ambient media. The aim of this study is to investigate dynamic design elements and the method to apply them for ambient media design in physical space. We explored and refined the type of the dynamic design elements, analyzing dynamic qualities of ambient media cases as well as various time based design fields. As a result, 4 dynamic elements - tempo, connectivity, intensity and rhythm - were proposed. By literature reviews related to peripheral awareness in psychology or ambient media, we analyzed the characteristics of dynamic design elements. Based on that, we developed a new ambient media, 'Cyber Pung-Kyung', and applied dynamic elements for designing the prototype system. The research outcome is expected to contribute to designing ambient media which can represent information peripherally or centrally as needed. Understanding the dynamic design elements is helpful for designing various time based design outcomes as well.
