• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1595-1606
• /
• 2018

Recently, there has been an increase in the number of social engineering techniques that indirectly attack the target system administrators or organizational weaknesses rather than the traditional technical cyber attacks that directly attacked the target systems. Accordingly, the type analysis and case study of social engineering techniques are being actively conducted. There has been, however, little effort to derive an analysis model that systematically analyzes social engineering based cyberspace operations. Therefore, this paper aims at building a Social Engineering Based Cyberspace Operations Analysis Model, which can be used as a reference framework for a case study or attack scenario generation of social engineering based cyberspace operations.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.59-66
• /
• 2023

Text mining (TM) is most widely used to find patterns from various text documents. Cyber-bullying is the term that is used to abuse a person online or offline platform. Nowadays cyber-bullying becomes more dangerous to people who are using social networking sites (SNS). Cyber-bullying is of many types such as text messaging, morphed images, morphed videos, etc. It is a very difficult task to prevent this type of abuse of the person in online SNS. Finding accurate text mining patterns gives better results in detecting cyber-bullying on any platform. Cyber-bullying is developed with the online SNS to send defamatory statements or orally bully other persons or by using the online platform to abuse in front of SNS users. Deep Learning (DL) is one of the significant domains which are used to extract and learn the quality features dynamically from the low-level text inclusions. In this scenario, Convolutional neural networks (CNN) are used for training the text data, images, and videos. CNN is a very powerful approach to training on these types of data and achieved better text classification. In this paper, an Ensemble model is introduced with the integration of Term Frequency (TF)-Inverse document frequency (IDF) and Deep Neural Network (DNN) with advanced feature-extracting techniques to classify the bullying text, images, and videos. The proposed approach also focused on reducing the training time and memory usage which helps the classification improvement.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.9
• /
• pp.1313-1318
• /
• 2013

In order to actively respond to cyber attacks, not only the security systems such as IDS, IPS, and Firewalls, but also ESM, a system that detects cyber attacks by analyzing various log data, are preferably deployed. However, as the attacks be come more elaborate and advanced, existing signature-based detection methods start to face their limitations. In response to that, researches upon symptom detection technology based on attack modeling by employing big-data analysis technology are actively on-going. This symptom detection technology is effective when it can accurately extract features of attacks and manipulate them to successfully execute the attack modeling. We propose the ways to extract attack features which can play a role as the basis of the modeling and detect intelligent threats by carrying out scenario-based modeling.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.208-209
• /
• 2023

IT(Information Technology) 기술이 고도화됨에 따라 금융 분야에서는 스마트 컨트랙트에 기반하여 자산을 거래할 수 있는 DeFi(Decentralized Finance)가 발전하고 있다. 또한, 다양한 IoT(Internet of Things) 기기들로 구성된 융합환경이 상호 연결되며 IoBE(Internet of Blended Environment)가 조성되고 있다. IoBE의 구성요소 중 의료융합환경인 디지털 헬스케어는 스마트 의료 기기를 통해 진료서비스를 제공한다. 최근에는 디지털 헬스케어 내 자산 거래 수단으로 DeFi를 활용하기 위한 연구가 진행되고 있다. 그러나, 디지털 헬스케어 서비스에 DeFi가 활용될 수 있음에 따라 DeFi 내 보안 위협이 전파될 수 있다. 전파된 보안 위협은 DeFi에서의 디지털 화폐 탈취뿐만 아니라, 디지털 헬스케어 내민감 정보 탈취, 서비스 거부 공격 등 복합 위협으로 이어질 수 있다. 따라서, 본 논문에서는 DeFi의 취약점을 분석하고 이를 기반으로 디지털 헬스케어에서 발생 가능한 공격 시나리오를 도출한다.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.201-210
• /
• 2020

This paper proposes a framework for the battle damage assessment (BDA) of electronic warfare linked to cyber warfare. Thanks to the rapid development of information and communication technology, the importance of cyber warfare and electronic warfare in cyberspace is increasing. Therefore, the BDA for cyber warfare and its associated electronic warfare in cyberspace is an important factor that affects the success or failure of military operations. In this paper, we propose a method to calculate measure of performance and measure of effectiveness by classifying the electronic warfare system into large / medium / small classes according to the type of electronic warfare. By setting up a hypothetical scenario, we show the effectiveness of the proposed framework.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.527-535
• /
• 2023

To develop experts capable of responding to cyber security incidents, numerous institutions have established cyber training facilities to cultivate security professionals equipped with effective defense strategies. However, these challenges such as limited resources, scenario-based content development, and cost constraints. To address these issues, this paper proposes a virtual infrastructure variation generation framework. It provides customized, diverse IT infrastructure environments for each organization, allowing cyber defense trainers to accumulate a wide range of experiences. By leveraging Infrastructure-as-Code (IaC) containers and employing Word2Vec, a natural language processing model, mutable code elements are extracted and trained, enabling the generation of new code and presenting novel container environments.

• Journal of the Korea Safety Management & Science
• /
• v.25 no.4
• /
• pp.95-104
• /
• 2023

The purpose of this study is to propose measures to increase evacuation safety by calculating the habitable time using a fire and evacuation simulation program for the Room-escape cafe currently in operation, and comparing and analyzing it with the evacuation required time. Assuming a fire due to overheating of electric heaters in use in front of the warehouse, the habitable time was calculated through fire simulation, and the occupant's evacuation time calculated through evacuation simulation according installation of safety facilities, etc. was compared and analyzed with the habitable time. In the case of escape room cafes with safety facilities installed, evacuation safety was satisfied, but in escape room cafes without safety facilities, the evacuation safety was not secure. As a result of analyzing evacuation safety for each scenario based on the ASET analyzed in the fire simulation, it was found that in scenario 1, evacuation safety was secured and everyone successfully evacuated, while in scenario 2, no one succeeded in evacuation. These results can be said to confirm that the installation of safety facilities is very important in business establishments such as escape room cafes, which become enclosed structures when games are started.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.379-380
• /
• 2014

최근에 가장 대표적인 사이버 공격 방법이 악성코드를 사용한 공격 형태이며, 이에 대한 피해사례도 지속적으로 급증하고 있는 실정이다. 본 논문에서는 악성코드를 이용한 사이버 공격에 대한 피해를 줄이기 위해서 기존 탐지방법의 한계점을 분석하여 개선할 수 있는 증상 기반의 탐지방법과 상태 전이 개념을 도입한 시나리오 기반의 공격징후 탐지 알고리즘을 제안한다.

• Proceedings of the Korean Radioactive Waste Society Conference
• /
• 2005.06a
• /
• pp.311-318
• /
• 2005

Transparency on the Total System Performance Assessment (TSPA) is the key issue to enhance the public acceptance for a permanent high level radioactive repository. To approve it, all performances on TSPA through Quality Assurance is necessary. The integrated Cyber R&D Platform is developed by KAERI using the T2R3 principles applicable for five major steps in R&D's. The proposed system is implemented in the web-based system so that all participants in TSPA are able to access the system. It is composed of FEAS (FEp to Assessment through Scenario development) showing systematic approach from the FEPs to Assessment methods flow chart, PAID (Performance Assessment Input Databases) showing PA(Performance Assessment) input data set in web based system and QA system receding those data. All information is integrated into Cyber R&D Platform so that every data in the system can be checked whenever necessary. For more user-friendly system, system upgrade included input data & documentation package is under development. Throughout the next phase R&D, Cyber R&D Platform will be connected with the assessment tool for TSPA so that it will be expected to search the whole information in one unified system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.101-106
• /
• 2004

Recently, a network defense simulator becomes essential in studying cyber incidents because the cyber terror become more and more interesting. The network defense simulator is a tool to estimate damages and an effectiveness of a defense mechanism by modeling network intrusions and defense mechanisms. Using this tool, users can find efficient ways of preventing a cyber terror and recovering from the damage. Previous simulators start the simulation after entire scenario has made and been loaded to simulation engine. However, in this way it can't model human judgement and behavior, and it can't simulate the real cyber terror very well. In this paper, we have added a dynamic simulation component to our previous network security simulator. This component improved accurate modeling of network intrusions and defense behaviors. We have also proposed new modified architecture of the simulation system. Finally we have verified correct simulation results from stammer worn simulation.