• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.442-445
• /
• 2020

최근, 딥러닝 기술을 활용하여 암호 알고리즘 식별, 평문 복구, 이론적 암호분석을 향상시키는 방법 등이 제안되고 있다. 이 중, 2019년에 Xiao 등이 암호학적 특성을 고려되지 않고 2-라운드 DES의 평문복구 공격에 딥러닝을 적용하는 방법을 제안하였다. 본 논문에서는 이러한 기법을 향상하여 암호문과 평문의 선형 연관성을 고려한 평문 복구 공격을 딥러닝을 통해 수행하는 방법을 제안한다. 이를 활용하여, PRESENT의 평문 복구 공격을 5-라운드까지 가능함을 보인다.

• Electronics and Telecommunications Trends
• /
• v.38 no.4
• /
• pp.58-69
• /
• 2023

Cyberspace is emerging as a critical domain requiring national-level governance and international cooperation owing to its potential financial and societal impacts. This research aims to investigate the cybersecurity policies from major countries for understanding with comprehensive perspectives. Global trends emphasize a comprehensive command-centered approach, with top leadership directing cybersecurity policies. Key policy areas include security across technology ecosystems, protection of critical infrastructure, and software supply chain security. Investment is being focused on zero-trust architectures, software bills, and new technologies like artificial intelligence. For countries like Korea, immediate response and adaptation to these trends are crucial to develop and enforce national cybersecurity policies.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.151-153
• /
• 2023

Federated learning (FL)-based network intrusion detection techniques have enormous potential for securing the Industrial Internet of Things (IIoT) cybersecurity. The openness and connection of systems in smart industrial facilities can be targeted and manipulated by malicious actors, which emphasizes the significance of cybersecurity. The conventional centralized technique's drawbacks, including excessive latency, a congested network, and privacy leaks, are all addressed by the FL method. In addition, the rich data enables the training of models while combining private data from numerous participants. This research aims to create an FL-based architecture to improve cybersecurity and intrusion detection in IoT networks. In order to assess the effectiveness of the suggested approach, we have utilized well-known cybersecurity datasets along with centralized and federated machine learning models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1167-1187
• /
• 2020

We are facing the situation where cyber threats such as hacking, malware, data leakage, and theft, become an important issue in the perspective of personal daily life, business, and national security. Although various efforts are being made to response to the cyber threats in the national and industrial sectors, the problems such as the industry-academia skill-gap, shortage of cybersecurity professionals are still serious. Thus, in order to overcome the skill-gap and shortage problems, we propose a Cybersecurity technical response Job Competency(CtrJC) framework by adopting the concept of cybersecurity personnel's job competency. As a sample use-case study, we implement the CtrJC against to personals who are charged in realtime cybersecurity response, which is an important job at the national and organization level, and verify the our framework's effects. We implement a sample model, which is a CtrJC against to realtime cyber threats (We call it as CtrJC-R), and study the verification and validation of the implemented model.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.674-681
• /
• 2021

Cyber attacks targeting critical infrastructure are on the rise. Critical infrastructure is defined as core infrastructures within a country with a high degree of interdependence between the different structures; therefore, it is difficult to sufficiently protect it using outdated cybersecurity techniques. In particular, the distinction between the physical and logical risks of critical infrastructure is becoming ambiguous; therefore, risk management from a comprehensive perspective must be implemented. Accordingly, as a means of further actively protecting critical infrastructure, major countries have begun to apply their security and cybersecurity systems by design, as a more expanded concept is now being considered. This proactive security approach (CSbD, Cybersecurity by Design) includes not only securing the stability of software (SW) safety design and management, but also physical politics and device (HW) safety, precautionary and blocking measures, and overall resilience. It involves a comprehensive security system. Therefore, this study compares and analyzes security by design measures towards critical infrastructure that are leading the way in the US, Europe, and Singapore. It reflects the results of an analysis of optimal cybersecurity solutions for critical infrastructure. I would like to present a plan for applying by Design.

• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1011-1020
• /
• 2021

Throughout the years, cybersecurity incidents related to the shipbuilding and maritime industries are occurring more frequently as the IT industry develops. Accordingly, expertise in the information protection industry is necessary, and effective education contents on information protection are needed for this purpose. Recently, there have been more and more cases of increasing user experience by applying Metaverse technology to the educational field. Therefore, this study analyzes the existing information protection education and training and the information protection education contents in the maritime industries and proposes four directions for content development (i.e., online education and seminars, cybersecurity threat learning of virtual ships, accident reproduction, and maritime cybersecurity exhibition operation).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.417-437
• /
• 2022

The quality of the fuzzing seed file is one of the important factors to discover vulnerabilities faster. Although the prior seed generation paradigm, using dynamic taint analysis and symbolic execution techniques, enhanced fuzzing efficiency, the yare not extensively applied owing to their high complexity and need for expertise. This study proposed the DDRFuzz system, which creates seed files based on sequence-to-sequence models. We evaluated DDRFuzz on five open-source applications that used multimedia input files. Following experimental results, DDRFuzz showed the best performance compared with the state-of-the-art studies in terms of fuzzing efficiency.

• ETRI Journal
• /
• v.44 no.6
• /
• pp.991-1003
• /
• 2022

Industrial control systems (ICSs) used to be operated in closed networks, that is, separated physically from the Internet and corporate networks, and independent protocols were used for each manufacturer. Thus, their operation was relatively safe from cyberattacks. However, with advances in recent technologies, such as big data and internet of things, companies have been trying to use data generated from the ICS environment to improve production yield and minimize process downtime. Thus, ICSs are being connected to the internet or corporate networks. These changes have increased the frequency of attacks on ICSs. Despite this increased cybersecurity risk, research on ICS security remains insufficient. In this paper, we analyze threats in detail using STRIDE threat analysis modeling and DREAD evaluation for distributed control systems, a type of ICSs, based on our work experience as cybersecurity specialists at a refinery. Furthermore, we verify the validity of threats identified using STRIDE through case studies of major ICS cybersecurity incidents: Stuxnet, BlackEnergy 3, and Triton. Finally, we present countermeasures and strategies to improve risk assessment of identified threats.

• Journal of Internet Computing and Services
• /
• v.24 no.5
• /
• pp.67-73
• /
• 2023

The Digital Age calls for improvement of information literacy particularly among children and youth who are vulnerable to cybergrooming. Taking an interdisciplinary approach by leveraging our team's expertise including child and adolescent development, data analytics, and cybersecurity, this study proposes an interactive artificial intelligence (AI)-based preventive simulation program that raises youth knowledge and awareness about the risk of cybergrooming as well as increases resilient self-efficacy in their cybersecurity-relevant skills. The primary purpose of this project is to evaluate the effectiveness of the simulation program on preventing cybergrooming. More specifically, this study is designed to examine developmental changes in self-efficacy of cybersecurity-relevant skills among youth participants as a function of the preventive simulation program. Further, this study will identify risk and protective factors that explain interindividual differences in the ability of children and youth either to fall victim to advances from a cyber predator or to recognize and deter such threats. The preliminary data will help improve the effectiveness of the preventive simulation program as well as the methods of implementation to large groups of youth. The findings from the proposed study will contribute to making specific recommendations to parents, educators, practitioners, and policy makers for the prevention of cybergrooming.