• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.53-58
• /
• 2021

There is little research on actual business activities in the field of security control. Therefore, in this paper, we intend to present a practical research methodology that can contribute to the calculation of the size of the appropriate input personnel through the modeling of the threat information detection response time of the security control and to analyze the effectiveness of the latest security solutions. The total threat information detection response time performed by the security control center is defined as TIDRT (Total Intelligence Detection & Response Time). The total threat information detection response time (TIDRT) is composed of the sum of the internal intelligence detection & response time (IIDRT) and the external intelligence detection & response time (EIDRT). The internal threat information detection response time (IIDRT) can be calculated as the sum of the five steps required. The ultimate goal of this study is to model the major business activities of the security control center with an equation to calculate the cyber threat information detection response time calculation formula of the security control center. In Chapter 2, previous studies are examined, and in Chapter 3, the calculation formula of the total threat information detection response time is modeled. Chapter 4 concludes with a conclusion.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.1
• /
• pp.131-138
• /
• 2024

The ability of Combat Management System(CMS) to respond quickly and accurately to threat to a naval vessel is directly related to the survivability and combat power of the vessel. However, current method for detecting enemy submarine periscope in CMS rely on manual and subjective method that require operators to manually verify and analyze information received from sensor. This delays the response time to the threat, making the vessel less viable. This paper introduces a periscope detection algorithm that classifies the plot information generated by High Resolution Range Profile(HRRP) into probability-based suspicion classes and dramatically reduces threat response time through classified notifications. Algorithm validation showed 133.3791 × 10⁶ times faster and 12.78%p higher detection rate than operator, confirming the potential for reduces threat response time to increase vessel survivability.

• Journal of Korea Multimedia Society
• /
• v.23 no.11
• /
• pp.1396-1405
• /
• 2020

Cyber threats such as forced personal information collection and distribution of malicious codes using malicious URLs continue to occur. In order to cope with such cyber threats, a security technologies that quickly detects malicious URLs and prevents damage are required. In a web environment, malicious URLs have various forms and are created and deleted from time to time, so there is a limit to the response as a method of detecting or filtering by signature matching. Recently, researches on detecting and predicting malicious URLs using machine learning techniques have been actively conducted. Existing studies have proposed various features and machine learning algorithms for predicting malicious URLs, but most of them are only suggesting specialized algorithms by supplementing features and preprocessing, so it is difficult to sufficiently reflect the strengths of various machine learning algorithms. In this paper, a system for predicting malicious URLs using multiple machine learning algorithms was proposed, and an experiment was performed to combine the prediction results of multiple machine learning models to increase the accuracy of predicting malicious URLs. Through experiments, it was proved that the combination of multiple models is useful in improving the prediction performance compared to a single model.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.67-73
• /
• 2006

The method which research a standardization from real time cyber threat is finding the suspicious indication above the attack against cyber space include internet worm, virus and hacking using analysis the event of each security system through correlation with the critical point, and draft a general standardization plan through statistical analysis of this evaluation result. It means that becomes the basis which constructs the effective cyber attack response system. Especially at the time of security accident occurrence, It overcomes the problem of existing security system through a definition of the event of security system and traffic volume and a concretize of database input method, and propose the standardization plan which is the cornerstone real time response and early warning system. a general standardization plan of this paper summarizes that put out of threat index, threat rating through adding this index and the package of early warning process, output a basis of cyber threat index calculation.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.27-32
• /
• 2005

Recently The social interest regarding is coming to be high about Home Network accordong to intelligence anger of diffusions and the family home appliance machineries and tools of the superhigh speed Internet In the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases in the ubiquitous computing socioty, only neither the threat of the private life which is caused by in cyber attack will be able to increase according to the computer environment dependence degree of the individual increases Beacaues of Home network is starting point to go ubiquitous computing enviorment, The Increase of Cyber attack through Internet will raise its head with the obstacle to disrupt the activation of the groove network. So there is a possibility of saying that the counter-measure preparation is urgent, In the various environment like this, It means the threat which present time than is complicated will exist. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment. So it will analyze the Home network system environment of present time and observe the Security threat and attack type in the ubiquitous computing enviorment.

• Science of Emotion and Sensibility
• /
• v.25 no.1
• /
• pp.21-28
• /
• 2022

People differ greatly in their capacity to persist in the face of challenges. Despite significant research, relatively little is known about cognitive factors that might be involved in perseverance. Building upon human threat-management mechanism, we predicted that perseverant people would be characterized by reduced sensitivity (i.e., longer detection latency) to threat cues. Our data from 5,898 job applicants showed that highly perseverant individuals required more time to correctly identify anger in faces, regardless of stimulus type (dynamic or static computer-morphed faces). Such individual differences were not observed in response to other facial expressions (happiness, sadness), and the effect was independent of gender, dispositional anxiety, or conscientiousness. Discussions were centered on the potential role of threat sensitivity in effortful pursuit of goals.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.44 no.4
• /
• pp.43-52
• /
• 2021

In weapon assignment studies to defend against threats such as ballistic missiles and long range artillery, threat assessment was partially lacking in analysis of various threat attributes, and considering the threat characteristics of warheads, which are difficult to judge in the early flight stages, it is very important to apply more reliable optimal solutions than approximate solution using LP model, Meta heuristics Genetic Algorithm, Tabu search and Particle swarm optimization etc. Our studies suggest Generic Rule based threat evaluation and weapon assignment algorithm in the basis of various attributes of threats. First job of studies analyzes information on Various attributes such as the type of target, Flight trajectory and flight time, range and intercept altitude of the intercept system, etc. Second job of studies propose Rule based threat evaluation and weapon assignment algorithm were applied to obtain a more reliable solution by reflection the importance of the interception system. It analyzes ballistic missiles and long-range artillery was assigned to multiple intercept system by real time threat assessment reflecting various threat information. The results of this study are provided reliable solution for Weapon Assignment problem as well as considered to be applicable to establishing a missile and long range artillery defense system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.4
• /
• pp.15-23
• /
• 2021

In most hacking attacks, hackers intrudes inside for a long period of time and attempts to communicate with the outside using a circumvent connection to achieve purpose. research in response to advanced and intelligent cyber threats has been mainly conducted with signature-based detection and blocking methods, but recently it has been extended to threat hunting methods. attacks from organized hacking groups are advanced persistent attacks over a long period of time, and bypass remote attacks account for the majority. however, even in the intrusion detection system using intelligent recognition technology, it only shows detection performance of the existing intrusion status. therefore, countermeasures against targeted bypass rwjqthrwkemote attacks still have limitations with existing detection methods and threat hunting methods. in this paper, to overcome theses limitations, we propose a model that can detect the targeted circumvent connection remote attack threat of an organized hacking group. this model designed a threat hunting process model that applied the method of verifying the origin IP of the remote circumvent connection, and verified the effectiveness by implementing the proposed method in actual defense information system environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.3
• /
• pp.605-612
• /
• 2011

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. In this paper, we discuss the technologies and standard trends about actual cyber threat and response methods, design the collaborative response framework based on the security information sharing in the inter-domain environments. The computation method of network threat level based on the collaborative response framework is proposed. The network threats are be quickly detected and real-time response can be executed using the proposed computation method.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).