• 인터넷정보학회논문지
• /
• 제18권5호
• /
• pp.113-121
• /
• 2017

Company A's core competency is IT internet security services. The Web diagnosis team analyzes the vulnerability of customer's internet web servers and provides remedy reports. Traditionally, Company A management has utilized a simple table format report for resource planning. But these reports do not notify the timing of human resource commitment. So, upper management asked its team leader to organize a task team and design a visual dashboard for decision making with the help of outside professional. The Task team selected the web security diagnosis practice process as a pilot and designed a dashboard for performance evaluation. A structural design process was implemented during the heuristic working process. Some KPI (key performance indicators) for checking the productivity of internet web security vulnerability reporting are recommended with the calculation logics. This paper will contribute for security service management to plan and address KPI design policy, target process selection, and KPI calculation logics with actual sample data.

• 정보보호학회논문지
• /
• 제26권2호
• /
• pp.425-433
• /
• 2016

지능형 전력망에서 전력 서비스의 효율성 및 상호운용성 확보를 위한 지능형 전력망과 외부망 연계로 인해 전력 제어시스템을 대상으로 한 공격 위협이 증가하고 사이버테러의 주요 목표가 되고 있어 이에 따른 안전한 시스템 설계가 중요한 화두로 등장하고 있다. 일반적으로 SSDLC를 적용하여 설계 단계에서부터 위험에 대한 관리를 하고 있으나 전력 제어 시스템의 특성을 고려한 사항은 부족한 실정이다. 따라서, 전력 제어시스템의 진단 모형 및 평가 프로세스 설계가 가능하고 정보보안 방향성 및 관련 지표를 제공하기 위해, IEC 62351 TC 57에서 제시한 운영보안통제 사항 및 표준 아키텍처에 전사적 위험관리 프레임워크를 응용한 전력 제어시스템 위험관리 프레임워크를 제안하고자 한다.

• 한국시뮬레이션학회논문지
• /
• 제21권3호
• /
• pp.17-24
• /
• 2012

본 논문은 시뮬레이션을 이용한 DDoS공격 대응기술의 효과성을 평가하기 위한 방법을 제시한다. 미국 국가표준기술연구소(NIST: National Institute of Standards and Technology)에서 제시한 보안목표에 따라 효과성평가모형을 계층적으로 표현하였다. 보안목표, 보안통제, 성과지표에 해당하는 요인들의 가중치 계산을 위해 계층적 분석(AHP: Analytic Hierarchy Process)을 적용하고, 최하위계층인 성과지표의 기능점수계산을 위해 Arena시뮬레이션모델을 구현하였다. 탐지 및 차단 알고리즘은 네트워크 L4, L7계층 공격에 대한 임계치설정, 시그니쳐기반탐지, 행동(통계)기반탐지 기술을 복합적으로 검증하였다. 제안된 효과성평가모형은 조직마다 상이한 보안목표와 위협에 따라 다르게 설계될 수 있으므로 새로운 보안위협에 대한 대응방안이나 대응기술의 효과성을 평가할 수 있는 방법으로 활용될 수 있다.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2017년도 춘계학술발표대회
• /
• pp.291-294
• /
• 2017

최근 국내에서 신 변종 공격이 대량으로 발생함에 따라, 한정적인 보안전문 인력과 기존의 장비로 분석 및 대응하는데 어려움이 있다. 본 논문에서는, 대량으로 발생하는 침해사고에 대해 분석 우선순위를 확인하고자, 침해사고에 활용된 침해지표들의 위협을 분석하고 이를 정량적인 값인 침해지표 위협수준(TL_IoC, Threat Level of IoC)로 도출하는 방안을 제안한다. 이를 통해, 침해지표의 위협수준을 직관적으로 확인함으로써 침해사고의 대응수준을 신속하게 판단하고, 위협수준이 높은 침해사고에 대해 능동적으로 빠르게 분석함으로써 대량의 침해사고를 효율적으로 대응할 수 있다.

• 한국컴퓨터정보학회논문지
• /
• 제23권11호
• /
• pp.75-84
• /
• 2018

Social engineering attack means to get information of Social engineering attack means to get information of opponent without technical attack or to induce opponent to provide information directly. In particular, social engineering does not approach opponents through technical attacks, so it is difficult to prevent all attacks with high-tech security equipment. Each company plans employee education and social training as a countermeasure to prevent social engineering. However, it is difficult for a security officer to obtain a practical education(training) effect, and it is also difficult to measure it visually. Therefore, to measure the social engineering threat, we use the results of social engineering training result to calculate the risk by system asset and propose a attack graph based probability. The security officer uses the results of social engineering training to analyze the security threats by asset and suggests a framework for quick security response. Through the framework presented in this paper, we measure the qualitative social engineering threats, collect system asset information, and calculate the asset risk to generate probability based attack graphs. As a result, the security officer can graphically monitor the degree of vulnerability of the asset's authority system, asset information and preferences along with social engineering training results. It aims to make it practical for companies to utilize as a key indicator for establishing a systematic security strategy in the enterprise.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.239-246
• /
• 2021

This article substantiates the scientific provisions for modelling the level of Ukraine's public financial security taking into account the impact of budget policy, in the process of which identified indicators of budget policy that significantly affect the public financial security and the factors of budget policy based on regression analysis do not interact closely with each other. A seven-factor regression equation is constructed, which is statistically significant, reliable, economically logical, and devoid of autocorrelation. The objective function of maximizing the level of public financial security is constructed and strategic guidelines of budget policy in the context of Ukraine's public financial security are developed, in particular: optimization of the structure of budget revenues through the expansion of the resource base; reduction of the budget deficit while ensuring faster growth rates of state and local budget revenues compared to their expenditures; optimization of debt serviced from the budget through raising funds from the sale of domestic government bonds, mainly on a long-term basis; minimization of budgetary risks and existing threats to the public financial security by ensuring long-term stability of budgets etc.

• International Journal of Aeronautical and Space Sciences
• /
• 제9권1호
• /
• pp.59-65
• /
• 2008

• 한국전자통신학회논문지
• /
• 제3권4호
• /
• pp.210-220
• /
• 2008

본 연구는 최근의 내부 보안위협 추세를 고려하여 인원보안 관리 수준을 효과적으로 측정할 수 있는 인원보안 관리 지표를 개발하는 목적으로 수행되었으며 이론적인 고찰과 기존의 보안관리 체계와 연구 자료를 분석하여 문제점을 도출하고 개선방향을 설정하였다. 연구할 관리항목 지표는 보안 전문가들의 예비 조사를 거쳐 연구 관리지표를 선정하고, 타당성 검증을 위하여 설문조사를 실시하였다. 도출된 관리항목 지표는 인원 보증(Personnel Assurance), 개인 역량(Personnel Competence), 보안 환경(Security Environment)으로 분류하였으며, 지표별 타당성, 중요성, 보안위험 수준에 대한 설문 조사결과를 분석하였다. 조사 결과, 대부분의 관리 지표들이 바람직한 것으로 나타났다. 향후 관련 항목 간의 요인분석 등을 통하여 보다 발전된 인원 보안 관리의 계량화 연구가 필요하다.

• International Journal of Computer Science & Network Security
• /
• 제21권8호
• /
• pp.119-126
• /
• 2021

The study develops methodological aspects for modeling the determining impact of modernization on the enterprise's economic security in development competitive conditions using the model of speed, stability and spaciousness of modernization. Modeling the determining impact of modernization on the enterprise's economic security in a competitive conditions involves: firstly, the formation of estimated modeling indicators in accordance with the speed, stability and spaciousness of the enterprise's modernization; secondly, establishing the weight of indicators in the assessment system using the tools of cognitive judgment; thirdly, the establishment of reference values of sound evaluation indicators; fourthly, the calculations of the integrated impact assessment of the modernization's determining impact modeling on the enterprise's ensuring economic security in a competitive conditions; fifthly, conducting calculations and analytical summarization of the results. To determine a comprehensive integrated indicator of the modernization changes impact on the competitiveness and economic security of enterprises, we use the correlation method of the calculated value with the reference value, as well as use weights for groups of calculations. Approbation of modeling of determining influence of modernization on maintenance of economic safety of the enterprise in competitive conditions of development by authors was carried out concerning such enterprises, as: JSC "Ukrzaliznytsia", SE "Ukraerorukh", SE IA "Boryspil", SE "Ukrposhta", KP "Kyivpastrans".

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.