• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.29-35
• /
• 2020

The cyber attacks targeting the systems of national and public organizations in the front line of cyber security have been advanced, and the number of cyber attacks has been on the constant rise. In this circumstance, it is necessary to develop the security evaluation technology to prevent cyber attacks to the systems of national and public organizations. Most of the studies of the vulnerability analysis on the information systems of national and public organizations almost focus on automation. In actual security inspection, it is hard to automate some parts. In terms of security policies for threats, many different plans have been designed and applied in the managerial, physical, and technical fields, giving particular answers no matter how they are subjective or situational. These tendencies can be standardized in OCIL(Open Checklist Interactive Language), and partial automation can be achieved. Therefore, this study tries to implement XML Converter in order for OCIL based security level evaluation with typical evaluation questions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.331-346
• /
• 2019

Global cyber threats to industrial control systems are increasing. As a result, related research and cooperation are actively underway. However, we are focusing on strengthening security for physical network separation and perimeter. Internal threats are still vulnerable. This is because the easiest and strongest countermeasure is to enhance border security, and solutions for enhancing internal security are not easy to apply due to system availability problems. In particular, there are many vulnerabilities due to the large number of legacy systems remaining throughout industrial control systems. Unless these vulnerable systems are newly built according to the security framework, it is necessary to respond to these vulnerable systems, and therefore, a security solution considering availability has been verified and suggested. Using Sysmon and ELK, security solutions can detect Cyber-threat that are difficult to detect in unstructured ICS.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.5
• /
• pp.239-247
• /
• 2019

Recently, successful attacks on cyber-physical systems have been reported. As existing network security solutions are limited in preventing the system from malicious attacks, appropriate countermeasures are required from the perspective of the control. In this paper, the cyber and physical attacks are interpreted in terms of actuator and sensor attacks. Based on the interpretation, we suggest a strategy for designing Kalman filters to secure the resilience and safety of the system. Such a strategy is implemented in details to be applied for the lateral control of autonomous driving vehicle. A set of simulation results verify the performance of the proposed Kalman filters.

• Journal of Korea Multimedia Society
• /
• v.25 no.2
• /
• pp.197-205
• /
• 2022

The Cyber Physical System(CPS) is an important concept in achieving SMSs(Smart Manufacturing Systems). Generally, CPS consists of physical and virtual elements. The former involves manufacturing devices in the field space, whereas the latter includes the technologies such as network, data collection and analysis, security, and monitoring and control technologies in the cyber space. Currently, all these elements are being integrated for achieving SMSs in which we can control and analyze various kinds of producing and diagnostic issues in the cyber space without the need for human intervention. In this study, we focus on implementing a production equipment monitoring system related to building a SMS. First, we describe the development of a fog-based gateway system that links physical manufacturing devices with virtual elements. This system also interacts with the cloud server in a multimedia network environment. Second, we explain the proposed network infrastructure to implement a monitoring system operating on a cloud server. Then, we discuss our monitoring applications, and explain the experience of how to apply the ML(Machine Learning) method for predictive diagnostics.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.95-102
• /
• 2017

A large volume of research has been devoted to the development of security tools for protecting the Smart Grid systems, however the most of them have not taken the Availability, Integrity, Confidentiality (AIC) security triad model, not like CIA triad model in traditional Information Technology (IT) systems, into account the security measures for the electricity control systems. Thus, this study would propose a novel security framework, an abnormal behavior detection system, to maximize the availability of the control systems by considering a unique set of characteristics of the systems.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.31-38
• /
• 2023

In the current Internet system, there are many problems using anonymity of the network communication such as personal information leaks and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control for every user. In this PBNM, two types of schemes exist. As one scheme, we have studied theoretically about the Destination Addressing Control System (DACS) Scheme with affinity with existing internet. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. In this paper, required functions in the PBNM Scheme for multiple domains as cyber physical system that utilizes data science and AI is examined.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.1
• /
• pp.137-142
• /
• 2014

Industrial control system (ICS) is a computer based system which are typically used in nation-wide critical infra-structure facilities such as electrical, gas, water, wastewater, oil and transportation. In addition, ICS is essentially used in industrial application domain to effectively monitor and control the remotely scattered systems. The highly developed information technology (IT) and related network techniques are continually adapted into domains of industrial control system. However, industrial control system is confronted significant side-effects, which ICS is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in industrial control system. The vulnerabilities that may be found in typical ICS are grouped into Policy and Procedure, Platform, and Network categories to assist in determining optimal mitigation strategies. The order of these vulnerabilities does not necessarily reflect any priority in terms of likelihood of occurrence or severity of impact. Firstly, corporate security policy can reduce vulnerabilities by mandating conduct such as password usage and maintenance or requirements for connecting modems to ICS. Secondly, platfom vulnerabilities can be mitigated through various security controls, such as OS and application patching, physical access control, and security software. Thirdly, network vulnerabilities can be eliminated or mitigated through various security controls, such as defense-in-depth network design, encrypting network communication, restricting network traffic flows, and providing physical access control for network components.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.11a
• /
• pp.64-65
• /
• 2023

The purpose of this study was to assess the current status of cyber security at the Busan Port container terminal and derive strengthening factors through exploratory research. In recent years, the maritime industry has actively adopted Fourth Industrial Revolution technologies, resulting in changes in the form of ports, such as automated and smart terminals. While these changes have brought positive improvements in port efficiency, they have also increased the potential for cyber security incidents and threats, including information leakage through cargo handling equipment and ransomware attacks leading to terminal operations disruption. Especially in the case of ports, cyber security threats can have not only local effects within the port but also physical damage and implications for national security. However, despite the growing cyber security threats within ports, research related to domestic port cyber security remains limited. Therefore, this study aimed to identify factors for enhancing cyber security in ports and derive future enhancement strategies. The study conducted an analysis focusing on the Busan Port container terminal, which is one of the leading ports in South Korea actively adopting Fourth Industrial Revolution technologies, and conducted a survey of stakeholders in the Busan Port container terminal. Subsequently, exploratory factor analysis was used to derive strengthening factors. This study holds significance in providing directions for enhancing cyber security in domestic container ports in the future.

• ETRI Journal
• /
• v.42 no.2
• /
• pp.205-216
• /
• 2020

An arbiter physical unclonable function (APUF) has exponential challenge-response pairs and is easy to implement on field-programmable gate arrays (FPGAs). However, modeling attacks based on machine learning have become a serious threat to APUFs. Although the modeling-attack resistance of an MA-APUF has been improved considerably by architecture modifications, the response generation method of an MA-APUF results in low uniqueness. In this study, we demonstrate three design problems regarding the low uniqueness that APUF-based strong PUFs may exhibit, and we present several foundational principles to improve the uniqueness of APUF-based strong PUFs. In particular, an improved MA-APUF design is implemented in an FPGA and evaluated using a well-established experimental setup. Two types of evaluation metrics are used for evaluation and comparison. Furthermore, evolution strategies, logistic regression, and K-junta functions are used to evaluate the security of our design. The experiment results reveal that the uniqueness of our improved MA-APUF is 81.29% (compared with that of the MA-APUF, 13.12%), and the prediction rate is approximately 56% (compared with that of the MA-APUF (60%-80%).

• Journal of Information Technology Services
• /
• v.12 no.3
• /
• pp.151-163
• /
• 2013

It is no doubt that information technology is the key factor of national safety. Information technology is positively useful for national security such as crime prevention and detection, criminal investigation, disaster management, and national defense. However, it might be a threat to the security as we saw in the examples such as '3.4 DDoS attacks' and 'Nong-hyup Computer Network Failure.' Although the effect that information technology makes upon the national security is immense, the current legal system does not reflect these changes well. National security should be kept during 'prevention-response-recovery' process regardless it is in the online on offline. In addition, public administration for national security should be based on laws. However, the current legal system is lack of legislative basis on cyber and physical disaster, and the laws on the response to disaster might cause confusing. Therefore, this study examines the limitation of the current legal system on national security, and suggests directions for the development of the system based on the new establishment of the legal concept for 'national security'.