• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.1-10
• /
• 2018

Network threats such as Internet worms and computer viruses have been significantly increasing. In particular, APTs(Advanced Persistent Threats) and ransomwares become clever and complex. IDSes(Intrusion Detection Systems) have performed a key role as information security solutions during last few decades. To use an IDS effectively, IDS rules must be written properly. An IDS rule includes a key signature and is incorporated into an IDS. If so, the network threat containing the signature can be detected by the IDS while it is passing through the IDS. However, it is challenging to find a key signature for a specific network threat. We first need to analyze a network threat rigorously, and write a proper IDS rule based on the analysis result. If we use a signature that is common to benign and/or normal network traffic, we will observe a lot of false alarms. In this paper, we propose a scheme that analyzes a network threat and extracts key signatures corresponding to the threat. Specifically, our proposed scheme quantifies the degree of correspondence between a network threat and a signature using the LDA(Latent Dirichlet Allocation) algorithm. Obviously, a signature that has significant correspondence to the network threat can be utilized as an IDS rule for detection of the threat.

• Asia pacific journal of information systems
• /
• v.23 no.2
• /
• pp.87-109
• /
• 2013

While many surveys show very positive attitudes on the part of consumers towards eco-friendly products, the market share actually reflecting green IT purchases remains low in most countries. The motivations behind green IT purchase behavior are still obscure. Several studies have addressed the question of green IT diffusion from economic and normative viewpoints in an attempt to interpret IT adoption behavior. This study comes at the question from a different angle, namely negative frame, examining threat and coping behaviors using the Ordered Protection Motivation (OPM) model and threat appraisal theory. The results show that attitudes toward fairness and positive change, which are precedents of threat appraisal, play an important role in determining threat appraisal. Perceived threats in the green IT arena include habit change and ecological change. Appraisal for coping with these threats directly affects initial adoption behaviors regarding available green IT, and then indirectly encourages the purchase of new green IT products.

• Journal of Internet Computing and Services
• /
• v.13 no.5
• /
• pp.21-31
• /
• 2012

Threat Evaluation(TE) which has air intelligence attained by identifying friend or foe evaluates the target's threat degree, so it provides information to Weapon Assignment(WA) step. Most of TE data are passed by sensor measured values, but existing techniques(fuzzy, bayesian network, and so on) have many weaknesses that erroneous linkages and missing data may fall into confusion in decision making. Therefore we need to efficient Threat Evaluation system that can refine various sensor data's linkages and calculate reliable threat values under unpredictable war situations. In this paper, we suggest new threat evaluation system based on information fusion JDL model, and it is principle that combine fuzzy which is favorable to refine ambiguous relationships with bayesian network useful to inference battled situation having insufficient evidence and to use learning algorithm. Finally, the system's performance by getting threat evaluation on an air defense scenario is presented.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.53-68
• /
• 2017

Today, information sharing is recognized as a means to effectively prevent cyber attacks, which are becoming more intelligent and advanced, so that many countries such as U.S., EU, UK, Japan, etc. are establishing cyber threat information sharing system at national level. In particular, the United States has enacted the "Cyber Threat Information Sharing Act (CISA)" in December 2015, and has been promoting the establishment of a legal and institutional basis for sharing threat information and the implementation of the system. Korea is sharing cyber threat information in public and private sectors mainly through the National Cyber Security Center(NCSC) and the Korea Internet & Security Agency(KISA). In addition, Korean government is attempting to strengthen and make legal basis for unified cyber threat information sharing system through establishing policies. However, there are also concerns about issues such as leakage of sensitive information of companies or individuals including personal identifiable information that may produced during the cyber threat information sharing process, reliability and efficiency issues of the main agents who gather and manage information. In this paper, we try to derive improvement plans and implications by comparing and analyzing cyber threat information sharing status between U.S. and Korea.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.873-883
• /
• 2013

Security vulnerability quantification is the method that identify potential vulnerabilities by scoring vulnerabilities themselves and their countermeasures. However, due to the structural feature of smart grid system, it is difficult to apply existing security threat evaluation schemes. In this paper, we propose a network model to evaluate smartgrid security threat for AMI and derive attack scenarios. Additionally, we show that the result of security threat evaluation for proposed network model and attack scenario by applying MTTC scheme.

• Journal of Korean Association for Spatial Structures
• /
• v.11 no.4
• /
• pp.89-99
• /
• 2011

As the scope of the target of terrorism is recently extending, the danger of domestic terroristic attacks is increasing constantly, and the form of terrorism is changing from hard targets such as significant facilities of the country into soft target of multi-complex buildings such as skyscrapers. Accordingly this study analyzes the terrorism threat level on skyscrapers by comparing the assessment results of the terrorism threat level on skyscrapers and high-rise buildings with the assessment results of the terrorism threat level on low-rise buildings through fema 455 - Rapid Visual Screening. As a result, skyscrapers and high-rise buildings are relatively higher threat rating than consequences and vulnerability rating. This is caused by the fact that the terrorism threat level on skyscrapers is high due to their residents and their national or regional symbolism and visibility

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.4
• /
• pp.43-52
• /
• 2021

In weapon assignment studies to defend against threats such as ballistic missiles and long range artillery, threat assessment was partially lacking in analysis of various threat attributes, and considering the threat characteristics of warheads, which are difficult to judge in the early flight stages, it is very important to apply more reliable optimal solutions than approximate solution using LP model, Meta heuristics Genetic Algorithm, Tabu search and Particle swarm optimization etc. Our studies suggest Generic Rule based threat evaluation and weapon assignment algorithm in the basis of various attributes of threats. First job of studies analyzes information on Various attributes such as the type of target, Flight trajectory and flight time, range and intercept altitude of the intercept system, etc. Second job of studies propose Rule based threat evaluation and weapon assignment algorithm were applied to obtain a more reliable solution by reflection the importance of the interception system. It analyzes ballistic missiles and long-range artillery was assigned to multiple intercept system by real time threat assessment reflecting various threat information. The results of this study are provided reliable solution for Weapon Assignment problem as well as considered to be applicable to establishing a missile and long range artillery defense system.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.5
• /
• pp.69-77
• /
• 2021

This study aims to identify security-based threat information for an organization. This is because protecting the threat for IT systems plays an important role for an corporate's intangible assets. Security monitoring systems determine and consequently respond threats by analyzing them in a real time situation, focusing on events and logs generated by security protection programs. The security monitoring task derives priority by dividing threat information into reputation information and analysis information. Reputation information consisted of Hash, URL, IP, and Domain, while, analysis information consisted of E-mail, CMD-Line, CVE, and attack trend information. As a result, the priority of reputation information was relatively high, and it is meaningful to increase accuracy and responsiveness to the threat information.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.6
• /
• pp.715-721
• /
• 2012

A threat evaluation is the technique which decides order of priority about tracks engaging with enemy by recognizing battlefield situation and making it efficient decision making. That is, in battle situation of multiple target it makes expeditious decision making and then aims at minimizing asset's damage and maximizing attack to targets. Threat value computation used in threat evaluation is calculated by sensor data which generated in battle space. Because Battle situation is unpredictable and there are various possibilities generating potential events, the damage or loss of data can make confuse decision making. Therefore, in this paper we suggest that substantial threat value calculation using learning bayesian network which makes it adapt to the varying battle situation to gain reliable results under given incomplete data and then verify this system's performance.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.7
• /
• pp.3245-3250
• /
• 2011

This study introduces a threat level assessment model adapting Fuzzy theories in order to help make decisions for better covering quantitative factors and qualitative ones together. The threat is classified into three major categories - one resulting from navigational condition, another from target vessel specification and the other from external decision environment. The threat levels by each category are examined by a fuzzy inference, and its corresponding weights are assigned via fuzzy measures. Finally the high level threat measures become integrated via a Choquet Fuzzy Integral method into ultimate threat level indicators.