• International Commerce and Information Review
• /
• v.7 no.3
• /
• pp.27-51
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.857-880
• /
• 2016

Due to an increasing number of cyberattacks globally, cybersecurity has become a crucial part of national security in many countries. In particular, the Digital Pearl Harbor has become a real and aggressive security threat, and is considered to be a global issue that can introduce instability to the dynamics of international security. Against this context, the cyberattacks that targeted nuclear power plants (NPPs) in the Republic of Korea triggered concerns regarding the potential effects of cyber terror on critical infrastructure protection (CIP), making it a new security threat to society. Thus, in an attempt to establish measures that strengthen CIP from a cybersecurity perspective, we perform a case study on the cyber-terror attacks that targeted the Korea Hydro & Nuclear Power Co., Ltd. In order to fully appreciate the actual effects of cyber threats on critical infrastructure (CI), and to determine the challenges faced when responding to these threats, we examine factual relationships between the cyberattacks and their responses, and we perform analyses of the characteristics of the cyberattack under consideration. Moreover, we examine the significance of the event considering international norms, while applying the Tallinn Manual. Based on our analyses, we discuss implications for the cybersecurity of CI in South Korea, after which we propose a framework for strengthening cybersecurity in order to protect CI. Then, we discuss the direction of national policies.

• Journal of the Society of Disaster Information
• /
• v.6 no.1
• /
• pp.122-137
• /
• 2010

The purpose of this study is to find the exact state of cyberbullying and the countermeasure for it. cyberbullying is characterized by having the wideness, the anonymity and the intellectualization unlike the harassment of off-line. The result of this study, the cyberbullying is increased through the e-mail, cellular phone, and website around the teenagers. In particular, the cyberbullying has appeared mainly among the same age friends, it is proved that injurers inflict the harassment mainly at their own place and the ratio of the harassment by one self is higher than many. In addition, it is quite probable that the injurer-student who inflicts the harassment in off-line also can do it in on-line and to attack the cyberbullying is easy to find by the student who is indulged himself in internet use. Therefore, it is presented that the countermeasure in educational side and systematic side on this study. First on the educational side, there are presented the practice of the preventive education against the cyberbullying, expansion of the preventive schools for the cyber ethics and cyber crime and strengthening of the guideline for students in cyberspace. Second on the systematic side, there are presented the appointment of various committee, to strengthen the protection of damaged students, preparation of laws for cyberbullying, expansion of information office for internet addiction, improvement of the system for the school custodian and to extend the operating for cyber clearness school.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.190-194
• /
• 2023

By looking the importance of communication, data delivery and access in various sectors including governmental, business and individual for any kind of data, it becomes mandatory to identify faults and flaws during cyber communication. To protect personal, governmental and business data from being misused from numerous advanced attacks, there is the need of cyber security. The information security provides massive protection to both the host machine as well as network. The learning methods are used for analyzing as well as preventing various attacks. Machine learning is one of the branch of Artificial Intelligence that plays a potential learning techniques to detect the cyber-attacks. In the proposed methodology, the Decision Tree (DT) which is also a kind of supervised learning model, is combined with the different cross-validation method to determine the accuracy and the execution time to identify the cyber-attacks from a very recent dataset of different network attack activities of network traffic in the UNSW-NB15 dataset. It is a hybrid method in which different types of attributes including Gini Index and Entropy of DT model has been implemented separately to identify the most accurate procedure to detect intrusion with respect to the execution time. The different DT methodologies including DT using Gini Index, DT using train-split method and DT using information entropy along with their respective subdivision such as using K-Fold validation, using Stratified K-Fold validation are implemented.

• Journal of the Institute of Convergence Signal Processing
• /
• v.23 no.4
• /
• pp.209-215
• /
• 2022

The International Maritime Organization, which is in charge of the international maritime environment and ship safety, has rapidly promoted cyber systems for international dimension agreement and efficiency improvement and improved nautical efficiency. Nevertheless, maritime cyber system attacks still occur every year, and in particular, the number of international maritime cyber security incidents in 2021 appeared to increase sharply compared to 2020. This paper discusses the areas that should be taken into account in order to reduce the increasing sophistication of maritime cyber security. To this end, we will look at typical cases of cyber attacks that have increased sharply in 2021 and analyze the causes of the continuous occurrence of maritime cyber security incidents. In addition, we present several cyber system proposals regarding the current state of maritime cyber systems and the solutions to the problems they face, as well as the matters to be addressed for future maritime cyber systems that will be advanced.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.4
• /
• pp.285-296
• /
• 2018

Among many hacking attempts carried out in the past few years, the cyber-attacks that could have caused a national-level disaster were the attacks against nuclear facilities including nuclear power plants. The most typical one was the Stuxnet attack against Iranian nuclear facility and the cyber threat targeting one of the facilities operated by Korea Hydro and Nuclear Power Co., Ltd (Republic of Korea; ROK). Although the latter was just a threat, it made many Korean people anxious while the former showed that the operation of nuclear plant can be actually stopped by direct cyber-attacks. After these incidents, the possibility of cyber-attacks against industrial control systems has become a reality and the security for these systems has been tightened based on the idea that the operations by network-isolated systems are no longer safe from the cyber terrorism. The ROK government has established a realistic control systems defense concept and in the US, the relevant authorities have set up several security frameworks to prepare for the threats. This paper presented various cyber security attack cases and their scenarios against control systems, along with the analysis of countermeasures for them. Though this task, we attempt to identify the items that need to be considered when designing a domestic security framework to improve security and secure stability.

• KIISE Transactions on Computing Practices
• /
• v.23 no.10
• /
• pp.579-587
• /
• 2017

Cyber Mission Impact Assessment is one of the essential tasks which many militaries and industrial major companies should perform to effectively achieve their mission. The unexpected damage to an organization's assets results in damage to the whole system's performance of the organizations. In order to minimize the damage, it is necessary to quantify the available capacity of the mission, which can be achieved only with the remaining assets, and to immediately prepare a new second best plan in a moment. We therefore need to estimate the exact cyber attack's impact to the mission when the unwanted damage occurs by modeling the relationship between the assets and the missions. In this paper, we propose a new model which deals with the dependencies between assets and missions for obtaining the exact impact of a cyber attack. The proposed model distinguishes task management from asset management for an efficient process, and it is implemented to be optimized using a vectorized operation for parallel processing and using a buffer to reduce the computation time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1447-1461
• /
• 2019

Evaluating battle damage after conducting an attack on selected targets during warfare is essential. However, regarding the assessment of battle damage caused by cyber-attacks, some methods available under limited circumstances have been suggested so far. Accordingly, this paper suggests a militarily applicable, comprehensive, and specific method of battle damage assessment from battle damage assessment methods in combat assessment theories from the understanding of cyberspace. By using cyberspace components, this paper classifies cyber targets, suggests the assessment methods of data damage, social cognitive damage, derived damage, and the existing battle damage assessment methods such as physical damage, functional damage, and target systems, and provides an example to demonstrate that this method is applicable to the actual past cyberattack cases.

• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.121-128
• /
• 2019

Computing systems have various vulnerabilities to cyber attacks. In particular, various cyber attacks that are intelligent in the information society have caused serious social problems and economic losses. Traditional security systems are based on misuse-based technology, which requires the continuous updating of new attack patterns and the real-time analysis of vast amounts of data generated by numerous security devices in order to accurately detect. However, traditional security systems are unable to respond through detection and analysis in real time, which can delay the recognition of intrusions and cause a lot of damage. Therefore, there is a need for a new security system that can quickly detect, analyze, and predict the ever-increasing cyber security threats based on machine learning and big data analysis models. In this paper, we present a IDS model that combines machine learning and big data technology.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.189-200
• /
• 2024

In recent years, the development of defense technology has become digital with the introduction of advanced assets such as drones equipped with artificial intelligence. These assets are integrated with modern information technologies such as industrial IoT, artificial intelligence, and cloud computing to promote innovation in the defense domain. However, the convergence of the technology is increasing the possibility of transfer of cyber threats, which is emerging as a problem of increasing the vulnerability of defense assets. While the current cybersecurity methodologies focus on the vulnerability of a single asset, interworking of various military assets is necessary to perform the mission. Therefore, this paper recognizes these problems and presents a mission-based asset management and evaluation methodology. It aims to strengthen cyber security in the defense sector by identifying assets that are important for mission execution and analyzing vulnerabilities in terms of cyber security. In this paper, we propose a method of classifying mission dependencies through linkage analysis between functions and assets to perform a mission, and identifying and classifying assets that affect the mission. In addition, a case study of identifying key assets was conducted through an attack scenario.