• 전기전자학회논문지
• /
• 제26권3호
• /
• pp.389-395
• /
• 2022

기술의 진화와 함께, 사이버 물리 시스템(Cyber Physical System)은 향상되고 있고 이에 따라 새로운 유형의 사이버 공격도 발견되고 있다. 사이버 공격에는 여러 가지 형태가 있으며 모든 사이버 공격은 대상 시스템을 조작하기 위해 이루어진다. 사이버 물리시스템 중 대표적인 시스템이 사이버 물리 전력 시스템, 즉 스마트 그리드이다. 스마트 그리드는 신뢰할 수 있고 안전하며 효율적인 에너지 전송 및 분배를 제공하는 새로운 유형의 전력망이다. 본 논문에서는 스마트 그리드의 상태 추정과 에너지 분배를 타깃으로 하는 허위 데이터 주입 공격(False Data Injection Attack)으로 잘 알려진 특정 유형의 사이버 공격 구성 방법과 이러한 공격의 방어를 위한 보호 전략과 탐지를 위한 동적 모니터링 기법을 소개한다.

• 정보보호학회논문지
• /
• 제31권6호
• /
• pp.1279-1290
• /
• 2021

차량 기술이 성장하면서 운전자의 개입이 필요 없는 자율주행까지 발전하였고, 이에 따라 차량 내부 네트워크인 CAN 보안도 중요해졌다. CAN은 해킹 공격에 취약점을 보이는데, 이러한 공격을 탐지하기 위해 기계학습 기반 IDS가 도입된다. 하지만 기계학습은 높은 정확도에도 불구하고 적대적 예제에 취약한 모습을 보여주었다. 본 논문에서는 IDS를 회피할 수 있도록 feature에 잡음을 추가하고 또한 실제 차량의 physical attack을 위한 feature 선택 및 패킷화를 진행하여 IDS를 회피하고 실제 차량에도 공격할 수 있도록 적대적 CAN frame 생성방법을 제안한다. 모든 feature 변조 실험부터 feature 선택 후 변조 실험, 패킷화 이후 전처리하여 IDS 회피실험을 진행하여 생성한 적대적 CAN frame이 IDS를 얼마나 회피하는지 확인한다.

• 정보보호학회논문지
• /
• 제31권3호
• /
• pp.411-422
• /
• 2021

무인이동체에 탑재되는 자율주행 시스템은 여러 센서를 통해 외부 환경을 인식하고 이를 통해 최적의 제어값을 도출한다. 무인이동체의 자율주행 시스템은 최근들어 사이버공격의 타겟이 되고 있다. 예를 들어, 무인이동체의 센서를 대상으로 신호오류 주입공격을 수행함으로써 센서 데이터를 악의적으로 조작하는 PHY 레벨 (Physical level) 공격과 관련한 연구 결과들이 발표되고 있다. PHY 레벨에서 수행되는 신호오류 주입공격은 주변 환경에 물리적 조작을 가하여 센서가 잘못된 데이터를 측정하게 하므로 소프트웨어 레벨에서 공격을 탐지하기 어렵다는 특징을 갖고 있다. 신호오류 주입공격을 탐지하기 위해서는 센서가 측정하는 데이터의 신뢰성을 검증하는 과정이 필요하다. 현재까지 자율주행 시스템에 탑재되는 센서들을 대상으로 PHY 레벨 공격을 시도하는 다양한 방법이 제시되었으나 이를 탐지하고 방어하는 연구는 아직까지는 부족한 상황이다. 본 논문에서는 무인이동체 환경에서 널리 쓰이고 있는 MEMS 방식의 센서를 대상으로 신호오류 주입공격을 재연하고, 이러한 공격을 탐지하는 방법을 제안한다. 제안하는 방법의 정확도를 분석하기 위해서 신호오류 주입 탐지 모델을 구축하였으며, 실험실 환경에서 유효성을 검증하였다.

• 대한임베디드공학회논문지
• /
• 제14권5호
• /
• pp.269-275
• /
• 2019

This paper addresses the control problem of cyber-physical systems under controller attack. A novel discontinuous Lyapunov functionals are employed to fully utilize sampled-data pattern which characteristic is commonly appeared in cyber-physical systems. By considering the limited resource of networks, cyber-attacks on the controller are considered randomly occurring and are described as an attack function which is nonlinear but assumed to be satisfying Lipschitz condition. Novel criteria for designing controller with robustness for cyber-attacks are developed in terms of linear matrix inequality (LMI). Finally, a numerical example is given to prove the usefulness of the proposed method.

• International Journal of Computer Science & Network Security
• /
• 제21권4호
• /
• pp.264-271
• /
• 2021

From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

• IEIE Transactions on Smart Processing and Computing
• /
• 제3권2호
• /
• pp.65-73
• /
• 2014

An overall responding security-centered framework is necessary required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.

• 대한한방내과학회지
• /
• 제20권1호
• /
• pp.244-260
• /
• 1999

This study was to investigate diagnosis of shoulder pain on cerebrovascular attack patients and treatment effects by using physical treatment and orienatal diagnosis aparatus, as oriental diagnosis equipments, these were used thermography, maegzin and yangdorag machine. as physical treatment equipments, these were used Hot pack, TENS (Transcutaneous electrical nerve stimulation), ICT(Interferential current therapy) the results were followed 1. In Sex and Age distribution on cerebrovascular attack patients with shoulder pain, male(51.7%)had many than female(48.3%) and 60s were the top, next 70s 50s 40s. 2. In the reason of cerebrovascular attack and the type of motor paresis, cerebrovascular infarction(73.3%) had many than hemorrhage(26.7%) 3. In hospitalizied period of cerebrovascular attack patients with shoulder pain, the period from 11 to 60 days had almost occupied. 4. Oriental medical diagnositic propriety of shoulder pain by using maegzin and yangdorag machine were not recognized. 5. In measuring passive range of motion of pre and post treatment, improvement effect on Hot pack was not showed, but effects on TENS, ICT were showed. 6. In measuring temperature of painful shouler joint of pre and post treatment by using thermography, the effect of Hot pack was not recognized but the effects of TENS, ICT were recognized.

• The Korean Journal of Pain
• /
• 제36권1호
• /
• pp.137-246
• /
• 2023

Background: To investigate the relationship between cutaneous allodynia (CA) and kinesiophobia, gastrointestinal system (GIS) symptom severity, physical activity, and disability, and to determine whether CA, pain, and disability were influencing factors for kinesiophobia, GIS symptoms, and physical activity in individuals with migraine. Methods: The study included 144 individuals with migraine. CA, kinesiophobia, GIS symptoms, physical activity level, and migraine-related disability were evaluated with the Allodynia Symptom Checklist, the Tampa Kinesiophobia Scale (TKS), the Gastrointestinal Symptom Rating Scale (GSRS), the International Physical Activity Questionnaire-7, and the Migraine Disability Assessment Scale (MIDAS), respectively. Results: The CA severity was only associated with TKS (r = 0.515; P < 0.001), GSRS-total (r = 0.336; P < 0.001), GSRS-abdominal pain (r = 0.323; P < 0.001), GSRS-indigestion (r = 0.257; P = 0.002), GSRS-constipation (r = 0.371; P < 0.001), and MIDAS scores (r = 0.178; P = 0.033). Attack frequency (P = 0.015), attack duration (P = 0.035) and presence of CA (P < 0.001) were risk factors for kinesiophobia. Attack frequency (P = 0.027) and presence of CA (P = 0.004) were risk factors for GIS symptoms. Conclusions: There was a relationship between the CA and kinesiophobia, GIS symptoms, and disability. CA and attack frequency were found to be risk factors for kinesiophobia and GIS symptoms. Migraine patients with CA should be assessed in terms of kinesiophobia, GIS, and disability. Lifestyle changes such as exercise and dietary changes and/or pharmacological treatment options for CA may increase success in migraine management.

• 대한전자공학회논문지TC
• /
• 제42권9호
• /
• pp.85-96
• /
• 2005

"인터넷을 기반으로 하는 VPN(Virt at Private Network)"은 비용과 운용측면에서 효율적이다 하지만 광 대역폭 그리고 신뢰성 있는 서비스에 대한 요구의 증가는 IP/GMPLS over DWDM 기반의 백본 네트워크가 차세대 OVPN (Optical VPN)을 위하여 가장 적합한 백본 네트워크로 간주되게 하였다. 그러나, 높은 데이터 전송율을 가지는 OVPN망에서 광 소자의 일시적인 fault/attack에 의해서 일어나는 서비스 파괴는 순식간에 막대한 트래픽 손실을 야기 할 수 있으며, 비 인가된 physical attack 으로 인하여 물리적인 구성소자를 통해 정보가 도청 될 수 있다 또한 데이터 전송을 관리하는 제어 메시지가 변조되거나 복사되어 조작될 경우 데이터가 전송도중 실패하더라도 망의 생존성을 보장할수가 없게 된다. 따라서, OVPN에서는 생존성 문제 (i.e. fault/attack에 대한 물리적인 구조와 광 소자를 고려한 최적의 복구 매커니즘, 그리고 GMPLS 제어메시지의 보안성 있는 전송) 가 중요한 이슈로 대두되고 있다. 본 논문에서는 fault/attack을 관리하기 위해 광 소자들과 공통된 위험 요소를 포함하는 소자들을 분류하고, SRLG (Shared Risk Link Group)를 고려한 경로 설립 스킴과 GMPLS의 RSVP-TE+(Reservation Protocol-Traffic Engineering Extension)와 LMP(Link Management Protocol)의 보안성 제공 메커 니즘을 제안하여, OVPN에서의 생존성을 보장한다. 끝으로 시뮬레이션 결과를 통하여 제안된 알고리즘이 망 생존성을 위하여 더욱 효율적임을 증명하였다.

• Nuclear Engineering and Technology
• /
• 제54권6호
• /
• pp.2135-2146
• /
• 2022

A nuclear energy facility is one of the most critical facilities to be safely protected during and after operation because the physical destruction of its barriers by an external attack could release radioactivity into the environment and can cause harmful effects. The barrier walls of nuclear energy facilities should be sufficiently robust to protect essential facilities from external attack or sabotage. Physical protection system (PPS) vulnerability assessment of a typical small nuclear research reactor was carried out by simulating an external attack with a tri-nitro toluene (TNT) shaped charge and results are presented. The reinforced concrete (RC) barrier wall of the research reactor located at a distance of 50 m from a TNT-shaped charge was the target of external attack. For the purpose of the impact assessment of the RC barrier wall, a finite element method (FEM) is utilized to simulate the destruction condition. The study results showed that a hole-size of diameter 342 mm at the front side and 364 mm at the back side was created on the RC barrier wall as a result of a 143.35 kg TNT-shaped charge. This aperture would be large enough to let at least one person can pass through at a time. For the purpose of the PPS vulnerability assessment, an Estimate of Adversary Sequence Interruption (EASI) model was used, which enabled the determination of most vulnerable path to the target with a probability of interruption equal to 0.43. The study showed that the RC barrier wall is vulnerable to a TNT-shaped charge impact, which could in turn reduce the effectiveness of the PPS.