• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.71-80
• /
• 2020

As societies become hyperconnected, we need more cyber security experts. To this end, in this paper, based on the analysis results of the real world cyber attacks and the MITRE ATT&CK framework, we developed CyTEA that can model cyber threats and generate simulated cyber threats in a cyber security training system. In order to confirm whether the simulated cyber threat has the effectiveness of the actual cyber threat level, the simulation level was examined based on procedural, environmental, and consequential similarities. in addition, it was confirmed that the actual defense training using cyber simulation threats is the same as the expected defense training when using real cyber threats in the cyber security training system.

• IE interfaces
• /
• v.17 no.3
• /
• pp.384-396
• /
• 2004

This paper is concerned with a six sigma green belt training program. Comparative studies of existing training programs for three major companies (Samsung Electronics Company, Hyundai Motor Company, and LG Chemical Ltd.) and two consulting firms (Korean Standards Association and Korea Management Association) are performed. Based on the comparative studies, a cyber green belt training program is developed. The training program, which is composed of 34 modules, follows a disciplined process of five macro phases: define, measure, analyze, improve, and control (DMAIC). This cyber training program is serviced in the homepage http://ise.chonbuk.ac.kr/∼sixsigma. It has been utilized as one semester subject of "Six Sigma Quality Management" in the department of industrial engineering. The advantage and disadvantage of this cyber training program are also discussed.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.830-837
• /
• 2020

With the rapid development of information and communication technology, information exchange between ships and shore has become faster and more convenient, However, accessing ship information has also become easier and concerns about cyber security attacks are growing. When a ship suffers a cyber-attack, it may cause considerable damage and incurs enormous costs and time to repair. In response to this threat, the maritime industry now demands that a cyber security officer be assigned to each ship to take charge of cyber security management onboard. In order to reduce the damage cause by an attack and to respond effectively, a specialized training course for the ship's cyber security officer is required. The purpose of this study was to present a training course for the position of the ship's cyber security officer, and to highlight the necessity of amending current legislation, To this end, domestic and foreign trends, ship cyber security incident cases, and cyber security training courses were investigated, and based on the results a standard training course for a ship's cyber security of icer was developed. Additionally, recommendations on the related amendments to legislation ware established. The results of the study can be used as basic data to establish future training courses for cyber security officers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.533-540
• /
• 2016

It is important to establish the environment for cyber warrior training, testing support and effectiveness analysis in order to cope with sharply increasing cyber threat. However, those practices cannot be easily performed in real world and are followed with many constraints. In this paper, we propose a live/virtual M&S-based system for training/testing and constructive M&S-based system for effectiveness analysis to provide an environment similar to real world. These can be utilized to strengthen the capability to carry out cyber war and analyze the impact of cyber threat under the large-scale networks.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.22 no.6
• /
• pp.797-805
• /
• 2019

Threats targeting cyberspace are becoming more intelligent and increasing day by day. To cope with such cyber threats, it is essential to improve the coping ability of system security officers. In this paper, we propose a simulated threat generator that automatically generates cyber threats for cyber defense training. The proposed Simulated Threat Generator is designed with MITRE ATT & CK(Adversarial Tactics, Techniques and Common Knowledge) framework to easily add an evolving cyber threat and select the next threat based on the threat execution result.

• Hwankyungkyoyuk
• /
• v.21 no.2
• /
• pp.25-39
• /
• 2008

The purpose of the study was to develop cyber in-service training contents regarding environmental literacy for entry-level environmental public servants. The blended type of contents were developed, through literature review, contents analysis of other programs, and expert conferences. The validity of the contents developed was ensured experts in environment. Major research findings were as followings: First, there is a lack of time for entry-level environmental public servants to participate in the environmental in-service training programs. Therefore, cyber training can be a good solution to the problems with environmental training courses. It improves access to educational opportunities as it overcomes the limitations of time and space and provides hands-on experiences through multimedia materials that reflect the real world. Second, directions for developing cyber environmental education contents were represented in three parts; 1) strategies for developing cyber environmental education contents, 2) Models for developing cyber environmental education contents, 3) Contents selection for developing cyber environmental education contents Third, the developed contents for entry-level environmental officers consist of 4 domains: (1) the introduction to environment; (2) the natural scientific understanding of environment; (3) the humanistic understanding of environment; and (4) the social scientific understanding of environment. Fourth, the program developed was evaluated by 7 environmental education experts according to 10 evaluation items of total contents and contents development structure. In result, the validity of the program was ensured. Based on the results, some recommendations were suggested.

• Electronics and Telecommunications Trends
• /
• v.37 no.4
• /
• pp.36-45
• /
• 2022

As the interest in achieving an intelligent society grows with the fourth industrial revolution's development, information and communications technologies technologies like artificial intelligence (AI), Internet of Things, virtual reality, information security, and blockchain technology are being actively employed in different fields for achieving an intelligent society. With these modifications, the information security paradigm in industrial and public institutions, like personal sensitive data, is quickly changing, and it is exposed to different cyber threats and breaches. Furthermore, as the number of cyber threats and breaches grows, so does the need for rapid detection and response. This demand can be satisfied by establishing cyber training programs and fostering experts that can improve cyber security abilities. In this study, we explored the domestic and international technology trends in cyber security education and training facilities for developing experts in information security. Additionally, the AI technology application in the cyber training ground, which can be established to respond to and deter cyber threats that are becoming more intelligent, was examined.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.191-199
• /
• 2020

Cyber warfare training is a key factor for boosting cyber warfare competence. In general, cyber warfare training is conducted by scenarios, and the effects of training can be enhanced by including various elements in the scenarios that can improve the quality of training. In this paper, we introduce the training information, network map, traffic generation policy, threat/defense behavior identified as elements to be included in training scenarios, and propose a method of authoring training scenarios by layering and combining them. We also propose a database design for integrated management of each scenario layer. The layered training scenario authoring method has the advantage of increasing convenience of authoring by reusing existing layers and extending training scenarios based on various combinations between the layers.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.11
• /
• pp.2184-2190
• /
• 2017

In the age of knowledge informationization, various educational programs utilizing cyber education were introduced to schools, corporate education, military service, lifelong education facilities as well as public education and training programs. In the case of the national government officials, the education and local government officials, which are organized by cyber center in the national civil service personnel development center, are organized by 15 cities and provincial public service training institutes. In 2008, it became to be mandatory for them to receive education and training over a certain period of a year through the introduction of the regular learning system of public officials, and cyber education got active in the education and training of public officials. The purpose of this study is to suggest the development plan of cyber education based on the results of the analysis of the trainees of the civil servants of Chungcheongnam-do who participated in the cyber education in the viewpoint of the public education and training system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.867-875
• /
• 2019

Security awareness and training are becoming more important as cyber security incidents tend to increase in industrial control systems, including nuclear power plants. For effective cyber security awareness and training for the personnel who manage and operate the target facility, a TEST-BED is required that can analyze the impact of cyber attacks from the sensor level to the operation status of the nuclear power plant. In this paper, we have developed an HIL system for nuclear power plant cyber security training. It includes nuclear power plant status simulations and specific system status simulation together with physical devices. This research result will be used for the specialized cyber security training program for Korean nuclear facilities.