• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2019.05a
• /
• pp.238-239
• /
• 2019

Cyber attacks can be caused by all equipment that perform communication functions, and the link between ship and land due to the development of communication technology means that the ship sector as well as the land sector can be easily exposed to cyber threat vulnerability. In this paper, we analyze cyber threat trend changes to identify cyber security vulnerabilities in the maritime sector and propose measures to enhance cyber security through other industry case studies.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.118-119
• /
• 2007

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.857-880
• /
• 2016

Due to an increasing number of cyberattacks globally, cybersecurity has become a crucial part of national security in many countries. In particular, the Digital Pearl Harbor has become a real and aggressive security threat, and is considered to be a global issue that can introduce instability to the dynamics of international security. Against this context, the cyberattacks that targeted nuclear power plants (NPPs) in the Republic of Korea triggered concerns regarding the potential effects of cyber terror on critical infrastructure protection (CIP), making it a new security threat to society. Thus, in an attempt to establish measures that strengthen CIP from a cybersecurity perspective, we perform a case study on the cyber-terror attacks that targeted the Korea Hydro & Nuclear Power Co., Ltd. In order to fully appreciate the actual effects of cyber threats on critical infrastructure (CI), and to determine the challenges faced when responding to these threats, we examine factual relationships between the cyberattacks and their responses, and we perform analyses of the characteristics of the cyberattack under consideration. Moreover, we examine the significance of the event considering international norms, while applying the Tallinn Manual. Based on our analyses, we discuss implications for the cybersecurity of CI in South Korea, after which we propose a framework for strengthening cybersecurity in order to protect CI. Then, we discuss the direction of national policies.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.195-204
• /
• 2014

Recent, Secure the small and medium-sized enterprises from advanced and intelligence cyber threat, 24 hours of prevention, detection and analysis is essential. Small and Medium Business monitoring center is operated by government financial support to protect and prevent these threats. Currently it provides security to about 900 small and medium-sized enterprises. This paper studies abnormal and attack packets from small and medium-sized businesses[enterprises] which is monitored by Small and Medium Business monitoring center and provides improvement of security control for small and medium-sized enterprises.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.61-74
• /
• 2004

Risk analysis model is systematic and structural process that considers internal security problems and threat factors of the information systems to find optimal level of security control. But, the risk analysis model is just only defined conceptually and there are not so many empirical studies. This research used structural equation modeling(SEM) research methodology with rigorously validated research instrument. Based on results of this study, risk analysis methodology was proved to be practically useful in e-commerce environment. Factors like threat and control were significantly related to risk. In conclusion, the results of this study can be applied to general situation or environment of information security for analyzing and managing the risk and providing new approach to comprehend concept of risk in e-commerce environment.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.13-22
• /
• 2023

In the age of Web 3.0, the metaverse is emerging as a new innovative element to replace the Internet. Leading major ICT companies, it is striving to become a metaverse platform or infrastructure-oriented company. Along with the expansion of the VR and AR market, governments of each country are investing large budgets in this field. However, security concerns about metaverse are also growing. In addition to potential damage to infrastructure, platform and services, personal information leakage and privacy damage are expected to increase further. In this study, we investigated and closely analyzed cases of infringement on the infrastructure, platform, and service of Metaverse. We have clearly identified the current state of metaverse security and the characteristics of the risks of greatest concern. The research procedure is composed of a method of determining the metaverse security area for case analysis first and deriving the type of threat by area through the type of infringement. In particular, the results were mapped into Domain, Case, and Threat, and the implications of the results were analyzed. Through these results, researchers want to contribute to finding the right direction of research by clearly understanding the latest metaverse security status.

• Journal of Korea Society of Industrial Information Systems
• /
• v.22 no.2
• /
• pp.15-25
• /
• 2017

A System can be more Dependable from some types of Threats if the Dependability Level Against the Threat on the System is Increased. However, The Dependability-performance Tradeoff should be Considered because the Increased Dependability may Degrade the Performance of the System. Therefore, it is Efficient to Temporally Increase the Dependability Level to High only when an Threat is Predicted on the System in a Short time while Maintaining the Level in Low or mid in Normal Situations. In this Paper, we Present a Threat Prevention Strategy for a Networked Node by Dynamically Changing the Dependability Level According to the Threat Situation on its Logically/physically Neighboring Nodes. As case Studies, we Employ our Strategy to an Internet Server Against TCP SYN Flood Attacks and to a Checkpoint and Rollback System Against Transient Faults. Our Performance Analysis Shows that our Strategy can Effectively Relieve the Damage of the Failure without Serious Performance Degradation.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.2
• /
• pp.65-73
• /
• 2014

An overall responding security-centered framework is necessary required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.141-149
• /
• 2015

Modern society is to have an significant impact on the competitiveness of the country in which the economic value is very high occupancy and ensure a state-of-the-art science and technology. The country's core technology or industry security crimes going seized state-of-the-art technology firms can threat of damage to the country's economic security. In particular, the defense industry serious crime that is directly related to national security. The company's core technology and trade secrets leaked once the industrial countries must prevent security breaches and offenses of strict punishment measures because it is impossible to recover. Also, some advanced countries directly has been operating industrial security crime for the country's economy and national security. In recent years, Nation core technology infringement cases are rapidly increasing in the country. In addition, industrial security crime threat to national security. Therefore, the industry security crimes damage to the national security that infringe on the business secrets of core technologies and businesses. It is necessary to identify that industry security crime associated with the visibility of the broad scope of intellectual property protection.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.12
• /
• pp.2280-2286
• /
• 2007

Information system contains various components, and these components can be categorized into some types. When preparing security level management activity, it is most important to define the target of management activity. And after deciding these targets, security level management activity can be started. This paper defines management targets by dividing information system into some parts, and shows these targets can be managed variously according to operation environments and characteristics.