• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.7
• /
• pp.2425-2458
• /
• 2022

The continuous evolution and proliferation of computer technology and our increasing dependence on computer technology have created a new class of threats: "cyber threats." These threats can be defined as activities that can undermine a society's ability to maintain internal or external order while using information technology. Cyber threats can be mainly divided into two categories, namely cyber-terrorism and cyber-warfare. A variety of malware programs are often used as a primary weapon in these cyber threats. A significant amount of research work has been published covering different aspects of cyber threats, their countermeasures, and the policy-making for cyber laws. This article aims to review the research conducted in various important aspects of cyber threats and provides synthesized information regarding the fundamentals of cyber threats; discusses the countermeasures for such threats; provides relevant details of high-profile cyber-attacks; discusses the developments in global policy-making for cyber laws, and lastly presents promising future directions in this area.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.5
• /
• pp.239-247
• /
• 2019

Recently, successful attacks on cyber-physical systems have been reported. As existing network security solutions are limited in preventing the system from malicious attacks, appropriate countermeasures are required from the perspective of the control. In this paper, the cyber and physical attacks are interpreted in terms of actuator and sensor attacks. Based on the interpretation, we suggest a strategy for designing Kalman filters to secure the resilience and safety of the system. Such a strategy is implemented in details to be applied for the lateral control of autonomous driving vehicle. A set of simulation results verify the performance of the proposed Kalman filters.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.87-99
• /
• 2022

Cyber attacks have become more difficult to detect and track as sophisticated and advanced APT attacks increase. System providence graphs provide analysts of cyber security with techniques to determine the origin of attacks. Various system provenance graph techniques have been studied to reveal the origin of penetration against cyber attacks. In this study, we investigated various system provenance graph techniques and described about data collection and analysis techniques. In addition, based on the results of our survey, we presented some future research directions.

• Journal of information and communication convergence engineering
• /
• v.9 no.4
• /
• pp.353-357
• /
• 2011

U.S. Obama government is submit a motion to consider cyber attacks on State as a war. 7.7DDoS attack in Korea in 2009 and 3.4 DDoS attacks 2011, the country can be considered about cyber attacks. China hackers access a third country, bypassing South Korea IP by hacking the e-commerce sites with fake account, that incident was damaging finance. In this paper, for WiBro service, DDoS attacks, hackers, security incidents and vulnerabilities to the analysis. From hacker's attack, WiBro service's prognostic relevance by analyzing symptoms and attacks, in real time, Divide Red, Orange, Yellow, Green belonging to the risk rating. For hackers to create a blacklist, to defend against attacks in real-time air-conditioning system is the study of security. WiBro networks for incident tracking and detection after the packets through the national incident response should contribute to the development of technology.

• Nuclear Engineering and Technology
• /
• v.52 no.5
• /
• pp.995-1001
• /
• 2020

With the development of digital instrumentation and control (I&C) devices, cyber security at nuclear power plants (NPPs) has become a hot issue. The Stuxnet, which destroyed Iran's uranium enrichment facility in 2010, suggests that NPPs could even lead to an accident involving the release of radioactive materials cyber-attacks. However, cyber security research on industrial control systems (ICSs) and supervisory control and data acquisition (SCADA) systems is relatively inadequate compared to information technology (IT) and further it is difficult to study cyber-attack taxonomy for NPPs considering the characteristics of ICSs. The advanced research of cyber-attack taxonomy does not reflect the architectural and inherent characteristics of NPPs and lacks a systematic countermeasure strategy. Therefore, it is necessary to more systematically check the consistency of operators and regulators related to cyber security, as in regulatory guide 5.71 (RG.5.71) and regulatory standard 015 (RS.015). For this reason, this paper attempts to suggest a template for cyber-attack taxonomy based on the characteristics of NPPs and exemplifies a specific cyber-attack case in the template. In addition, this paper proposes a systematic countermeasure strategy by matching the countermeasure with critical digital assets (CDAs). The cyber-attack cases investigated using the proposed cyber-attack taxonomy can be used as data for evaluation and validation of cyber security conformance for digital devices to be applied, and as effective prevention and mitigation for cyber-attacks of NPPs.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.301-304
• /
• 2016

Cyber world constitute the infrastructure of the country and its people and control. Cyber attacks and leakage of personal information are being threatened damage to the national economy and national security. December 2014 had been cyber hacking attacks on Korea Hydro & Nuclear Power Nuclear cooling system design drawings of a spill, and Cheong Wa Dae website hacked, KBS stations occurred in cyber hacking accidents. As a result, ICT-based Protection Act, Promotion of Information and Communications Network Utilization and Information Act on Protection, etc., privacy laws are being enforced, personal information in the form of requirements from leading high-tech eoryeowoona is to prevent the attacks of armed hackers Internet information society It proposes positive measures to keep your personal information officer and laws.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.27 no.3
• /
• pp.429-438
• /
• 2021

The mandatory installation of the ECDIS (Electronic Chart Display and Information System) became an important navigational equipment for navigation officer. In addition, ECDIS is a key component of the ship's digitalization in conjunction with various navigational equipment. Meanwhile, cyber-attacks emerge as a new threat along with digitalization. Damage caused by cyber-attacks is also reported in the shipping sector, and IMO recommends that cybersecurity guidelines be developed and included in International Security Management (ISM). This study analyzed the cybersecurity hazards of ECDIS, where various navigational equipment are connected. To this end, Importance-Performance Analysis (IPA) was conducted on navigation officer using ECDIS. As a result, the development of technologies for cyber-attack detection and prevention should be priority. In addition, policies related to 'Hardware and Software upgrade', 'network access control', and 'data backup and recovery' were analyzed as contents to be maintained. This paper is significant in deriving risk factors from the perspective of ECDIS users and analyzing their priorities, and it is necessary to analyze various cyber-attacks that may occur on ships in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.103-111
• /
• 2009

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. As a result, the monitoring and control of cyber security, which enables attack detection, analysis and response on a real-time basis has become of paramount importance. This paper discusses how to improve efficiency and effectiveness of national cyber security monitoring and control services. It first reviews major threats to the public communications network and how the responses to these threats are made and then it proposes a new approach to improve the national cyber security monitoring and control services.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.438-441
• /
• 2018

In this paper, we propose a finite impulse response (FIR) filter under malicious cyber attacks. The FIR filter shows the robust performance against the malicious cyber attacks. The Kalman filter (KF), one of the widely used filters, is introduced as a comparison of robust performance of the proposed method. The robust performance of the proposed method under malicious cyber attacks is demonstrated through experimental results.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.4
• /
• pp.457-467
• /
• 2002

In order to simulate cyber attacks and predict network behavior by attacks, we should represent attributes of network components in the simulation model, and should express characteristics of systems that carry out various cyber attacks and defend from these attacks. To simulate how network load may change under the cyber attacks, we extended SSF[9, 10] that is process-based event-oriented simulation system. We added a firewall class and a packet manipulator into the SSFNet that is a component of SSF. The firewall class, which is related to the security, is to simulate cyber attacks, and the packet manipulator is a set of functions to write attack programs for the simulation. The extended SSFNet enables to simulate a network with the security systems and provides advantages that make easy to port already exsiting attack programs and apply them to the simulation evironment. We made a vitual network model to verify operations of the added classes, and simulated a smurf attack that is a representative denial of sevive attack, and observed the network behavior under the smurf attack. The results showed that the firewall class and packet manipulator developed in this paper worked normaly.