• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.99-107
• /
• 2019

The "Risk management" and "Security monitoring" activities for cyber security are deeply correlated in that they prepare for future security threats and minimize security incidents. In addition, it is effective to apply a pattern model that visually demonstrates to an administrator the threat to that information asset in both the risk management and the security system areas. Validated pattern models have long-standing "control chart" models in the traditional quality control sector, but lack the use of information systems in cyber risk management and security systems. In this paper, a cyber Security Risk Monitoring (SRM) system that integrates risk management and a security system was designed. The SRM presents a strategy for applying 'security control' using the pattern of 'control charts'. The security measures were integrated with the existing set of standardized security measures, ISMS, NIST SP 800-53 and CC. Using this information, we analyzed the warning trends of the cyber crisis in Korea for four years from 2014 to 2018 and this enables us to establish more flexible security measures in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.657-673
• /
• 2019

As various IT and OT systems such as Electronic Chart Display and Information System and Automatic Identification System are used for ships, security elements that take into account even the ship's construction and navigation environment are required. However, cyber security research on the ship and shipbuilding ICT equipment industries is still lacking, and there is a lack of systematic methodologies through threat modeling. In this paper, the Data Flow Diagram was established in consideration of stakeholders approaching the ship system. Based on the Attack Library, which collects the security vulnerabilities and cases of ship systems, STRIDE methodologies and threat modeling using the Attack Tree are designed to identify possible threats from ships and to present ship cyber security measures.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.27 no.3
• /
• pp.429-438
• /
• 2021

The mandatory installation of the ECDIS (Electronic Chart Display and Information System) became an important navigational equipment for navigation officer. In addition, ECDIS is a key component of the ship's digitalization in conjunction with various navigational equipment. Meanwhile, cyber-attacks emerge as a new threat along with digitalization. Damage caused by cyber-attacks is also reported in the shipping sector, and IMO recommends that cybersecurity guidelines be developed and included in International Security Management (ISM). This study analyzed the cybersecurity hazards of ECDIS, where various navigational equipment are connected. To this end, Importance-Performance Analysis (IPA) was conducted on navigation officer using ECDIS. As a result, the development of technologies for cyber-attack detection and prevention should be priority. In addition, policies related to 'Hardware and Software upgrade', 'network access control', and 'data backup and recovery' were analyzed as contents to be maintained. This paper is significant in deriving risk factors from the perspective of ECDIS users and analyzing their priorities, and it is necessary to analyze various cyber-attacks that may occur on ships in the future.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.135-143
• /
• 2022

As the world has implemented social distancing and telecommuting due to the spread of COVID-19, real-time streaming sessions based on routing protocols have increased dependence on the Internet due to the activation of video and voice-related content services and cloud computing. BGP is the most widely used routing protocol, and although many studies continue to improve security, there is a lack of visual analysis to determine the real-time nature of analysis and the mis-detection of algorithms. In this paper, we analyze BGP data, which are powdered as normal and abnormal, on a real-world basis, using an anomaly detection algorithm that combines statistical and post-processing statistical techniques with Rule-based techniques. In addition, we present an interactive spatio-temporal analysis plan as an intuitive visualization plan and analysis result of the algorithm with a map and Sankey Chart-based visualization technique.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.369-370
• /
• 2022

최근 자율 운항 선박에 대한 관심이 높아지고 있다. 특히, MUNIN (Maritime Unmanned Navigation through Intelligence in Networks) 프로젝트를 계기로 자율 운항 선박에 대한 개발과 연구가 활발히 진행되고 있다. 또한 국제해사기구 IMO는 자율 운항 선박 시대에 대응하기 위해 자율 선박을 MASS (Maritime Autonomous Surface Ship)라 정의하고 선박 자율화 정도에 따라 4단계 등급을 제시하고 있다. 완전한 자율 운항 선박에 대한 요구조건을 만족하기 위해서는 항로 결정과 제어기술이 필수적이다. 본 연구에서는 여러 가지 기술 중 선박의 최적경로를 생성하는 기법을 다룬다. 기존에 최적항로를 생성하기 위한 방법으로는 A^*, Dijkstra와 같은 알고리즘들이 주로 사용되었다. 그러나 이와 같은 알고리즘은 섬이나 육지에 대한 충돌 회피는 고려하고 있지만 수심 및 연안 선박에 대한 규정들은 고려하지 않고 있어 실제로 적용하기에는 한계점이 있다. 따라서 본 연구에서는 안전을 위해 선박의 선저 여유 수심과, 해도에 규정되어 있는 선박 운항에 대한 여러 규정들을 반영하여 최적 항로를 생성하고자 한다. 최적 항로를 생성하기 위한 알고리즘으로는 강화학습 기반의 Q-learning 알고리즘을 적용하였다.