• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.115-127
• /
• 2023

In this paper, we have undertaken a comprehensive investigation into the current state of anti-drone technology due to the increasing concerns and risks associated with the widespread use of drones. We carefully analyze anti-drone technology, dividing it into three crucial domains: detection, identification, and neutralization methods. This categorization enables us to delve into intricate technical details, highlighting the diverse techniques used to counter evolving drone threats. Additionally, we explore the legal and regulatory aspects of implementing anti-drone technology. Our research also envisions potential directions for advancing and evolving anti-drone tech to ensure its effectiveness in an ever-changing threat environment.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.27-32
• /
• 2005

Recently The social interest regarding is coming to be high about Home Network accordong to intelligence anger of diffusions and the family home appliance machineries and tools of the superhigh speed Internet In the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases in the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases Beacaues of Home network is starting point to go ubiquitous computing enviorment, The Increase of Cyber attack through Internet will raise its head with the obstacle to disrupt the activation of the groove network. So there is a possibility of saying that the counter-measure preparation is urgent, In the various environment like this, It means the threat which present time than is complicated will exist. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.857-880
• /
• 2016

Due to an increasing number of cyberattacks globally, cybersecurity has become a crucial part of national security in many countries. In particular, the Digital Pearl Harbor has become a real and aggressive security threat, and is considered to be a global issue that can introduce instability to the dynamics of international security. Against this context, the cyberattacks that targeted nuclear power plants (NPPs) in the Republic of Korea triggered concerns regarding the potential effects of cyber terror on critical infrastructure protection (CIP), making it a new security threat to society. Thus, in an attempt to establish measures that strengthen CIP from a cybersecurity perspective, we perform a case study on the cyber-terror attacks that targeted the Korea Hydro & Nuclear Power Co., Ltd. In order to fully appreciate the actual effects of cyber threats on critical infrastructure (CI), and to determine the challenges faced when responding to these threats, we examine factual relationships between the cyberattacks and their responses, and we perform analyses of the characteristics of the cyberattack under consideration. Moreover, we examine the significance of the event considering international norms, while applying the Tallinn Manual. Based on our analyses, we discuss implications for the cybersecurity of CI in South Korea, after which we propose a framework for strengthening cybersecurity in order to protect CI. Then, we discuss the direction of national policies.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.420-423
• /
• 2019

최근 국내에서 발생되고 있는 사이버 공격들의 대부분은 기존 보안장비로 탐지가 어려운 지능형 공격으로 2017년 한 해 동안 발생한 사이버 공격의 경제적 피해액은 약 77조원에 달하고 있다. 또한 이러한 공격을 탐지하는데 평균 145일 정도가 소요되고 있으며 국내 기업 중 약 70% 가량은 사이버 공격을 적극적으로 대응하고 있지 않다. 이러한 공격들은 대부분 과거에 발생한 공격의 변형이거나, 특정 공격 집단이 수행하는 유사/변종 공격들이다. 이러한 사이버 공격을 사전에 탐지하거나 이미 발생된 공격의 변형된 공격을 신속하게 탐지하기 위해서 본 논문에서는 기존 사이버 공격에 사용된 다양한 정보들을 능동적으로 수집하여, 이들 간의 연관성을 분석하고, 실시간으로 유입되는 공격 의심정보와 비교분석하는 기술을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.951-958
• /
• 2021

With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using AHP techniques, with a pairwise comparison of the four factors(attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and the details of each factor. Analysis shows that malicious file indicators are the most important among the higher evaluation factors and infected system IP, C&C and Smishing are the most important factors in comparison between detailed items. These findings could be used to measure the preference of consumers and the contribution of information provider for facilitating information sharing.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.6
• /
• pp.223-234
• /
• 2019

Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.229-239
• /
• 2018

This paper analyzes the problems of existing CCTV and discusses cyber security problems of IP-CCTV in cloud computing environment. In order to reduce the risk of simply removing the risk associated with the provision of cloud services, the risk analysis and counter-measures need to be carried out effectively. Therefore, the STRIDE model as the Threat Risk Modeling is used to analyze the risk factors, and Analytic Hierarchy Process(AHP) is used to measure risk priorities based on the analyzed threats.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.89-96
• /
• 2012

Information society which came due to advance of Information Technology improved the social and economical productivity as well as the quality of national life. But behind the right function the adverse effect as cyber terror is serious and become a big issue. Recently, hackings on a big scale occur frequently. The personal information stored in Internet company is leaked and customers are badly damaged by paralysis of banking system. Also hacking attacks by North Korea occur frequently. It causes confusion in our society and a threat to national security. In this paper, the trend of domestic cyber terror is observed and the countermeasure against cyber terror is proposed.