• Radiation Oncology Journal
• /
• v.34 no.4
• /
• pp.260-264
• /
• 2016

Purpose: Stereotactic body radiotherapy (SBRT) takes advantage of low ${\alpha}/{\beta}$ ratio of prostate cancer to deliver a large dose in few fractions. We examined clinical outcomes of SBRT using CyberKnife for the treatment of low- and intermediate-risk prostate cancer. Materials and Methods: This study was based on a retrospective analysis of the 33 patients treated with SBRT using CyberKnife for localized prostate cancer (27.3% in low-risk and 72.7% in intermediate-risk). Total dose of 36.25 Gy in 5 fractions of 7.25 Gy were administered. The acute and late toxicities were recorded using the Radiation Therapy Oncology Group scale. Prostate-specific antigen (PSA) response was monitored. Results: Thirty-three patients with a median 51 months (range, 6 to 71 months) follow-up were analyzed. There was no biochemical failure. Median PSA nadir was 0.27 ng/mL at median 33 months and PSA bounce occurred in 30.3% (n = 10) of patients at median at median 10.5 months after SBRT. No grade 3 acute toxicity was noted. The 18.2% of the patients had acute grade 2 genitourinary (GU) toxicities and 21.2% had acute grade 2 gastrointestinal (GI) toxicities. After follow-up of 2 months, most complications had returned to baseline. There was no grade 3 late GU and GI toxicity. Conclusion: Our experience with SBRT using CyberKnife in low- and intermediate-risk prostate cancer demonstrates favorable efficacy and toxicity. Further studies with more patients and longer follow-up duration are required.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.79-92
• /
• 2020

As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS(Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction is displayed on the web screen and CyCOP(Cyber Common Operation Picture) to help both analysts and decision makers.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.1
• /
• pp.59-67
• /
• 2017

In recent years, cyber terror that break into major institution's information system and destroy and paralyzed important information occurs frequently. Some countries do dangerous acts such as train hackers and order hackers to hack important industrial confidential documents which are core of national competitiveness to reduce the competitiveness of the country and cause social confusion. In this thesis, it will study problems of cyber terror to help people to use Internet in web environment that safe from cyber terror and to avoid the risk from cyber terror such as malware and DDos. This thesis is organized as following. In second chapter, it will look thorough the research that are related to cyber terror. In third chapter, it will study attack types of cyber terror. In fourth chapter, to defend from cyber violence, it will suggest safe solution. In fifth chapter, it will end with conclusion. Finally, to prevent urgent incidents like North Korean Cyber-attack, every Internet user must indicate their recognition on Internet security and it is significant to make a quick response treatment to create the safe online environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.779-791
• /
• 2021

Common web services have been continuously targeted by hackers due to an access control policy that must be allowed to an unspecified number of people. In order to cope with this situation, companies regularly check web vulnerabilities and take measures according to the risk of discovered vulnerabilities. The risk of these web vulnerabilities is calculated through preliminary statistics and self-evaluation of domestic and foreign related organizations. However, unlike static diagnosis such as security setting and source code, web vulnerability check is performed through dynamic diagnosis. Even with the same vulnerability item, various attack results can be derived, and the degree of risk may vary depending on the subject of diagnosis and the environment. In this respect, the predefined risk level may be different from that of the actual vulnerability. In this paper, to improve this point, we present a web vulnerability risk assessment model based on the attack result centering on the cyber kill chain.

• International Journal of Computer Science & Network Security
• /
• v.22 no.10
• /
• pp.282-290
• /
• 2022

A huge budget is spent on technological solutions to protect Information Systems from cyberattacks by organizations. However, it is not enough to invest alone in technology-based protection and to keep humans out of the cyber loop. Humans are considered the weakest link in cybersecurity chain and most of the time unaware that their actions and behaviors have consequences in cyber space. Therefore, humans' aspects cannot be neglected in cyber security field. In this work we carry out a systematic literature review to identify human factors in cybersecurity. A total of 27 papers were selected to be included in the review, which focuses on the human factors in cyber security. The results show that in total of 14 identified human factors, risk perception, lack of awareness, IT skills and gender are considered critical for organization as for as cyber security is concern. Our results presented a further step in understanding human factors that may cause issues for organizations in cyber space and focusing on the need of a customized and inclusive training and awareness programs.

• Journal of the Korean Home Economics Association
• /
• v.40 no.6
• /
• pp.69-83
• /
• 2002

This study examined the effects of demographic variables on buying behavior, and investigated buyers'perceived value and risk perception of the internet shopping mall. The sample was collected by a department store in Daegu, and it included 1,732 individuals using the Cyber Mall. Research methods used in this study were simple statistics, t-test and ANOVA. The buyers perceived values through the internet shopping mall were classified into five categories-price, time, convenience, intrinsic attributes, reliability and the risk perception also was classified such as the overall purchasing process, quality of products, exposure of the personal information, delivery system, refund and exchange. The major findings of this study were 1) most important categories affecting their buying behavior were the value of convenience and following values in order were time, price, reliability, intrinsic attributes. 2) the risk perception were overall purchasing behavior, quality of products, exposure of personal information, delivery, and refund & exchange in order. 3) age of buyers, buying experience on the internet shopping mall, and gender were the important factors affecting the buyers'perceived value and risk. 4) the study also, showed that according to the variety of products, buyers perceived the value and risk differently, for example, the price was the most important perceived value in case of food product. The implication of the study is to strategically suggest how to enhance the buyers'perceived value and diminish perceived risk of different products.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2186-2203
• /
• 2020

Security administrators of companies and organizations need to come up with proper countermeasures against cyber-attacks considering infrastructures and security policies in their possession. In order to develop and verify such countermeasures, the administrators should be able to reenact both cyber-attacks and defenses. Simulations can be useful for the reenactment by overcoming its limitations including high risk and cost. If the administrators are able to design various scenarios of cyber-attacks and to develop simulation models from their viewpoints, they can simulate desired situations and observe the results more easily. It is challenging to simulate cyber-security issues, because there is lack of theoretical basis for modeling a wide range of the security field as well as pre-defined basic components used to model cyber-attacks. In this paper, we propose a modeling method for cyber-security simulations by developing a basic component and a composite model, called Abstracted Cyber-Security Unit Model (ACSUM) and Abstracted Cyber-security SIMulation model (ACSIM), respectively. The proposed models are based on DEVS(Discrete Event systems Specification) formalism, a modeling theory for discrete event simulations. We develop attack scenarios by sequencing attack behaviors using ACSUMs and then model ACSIMs by combining and abstracting the ACSUMs from a security perspective. The concepts of ACSUM and ACSIM enable the security administrators to simulate numerous cyber-security issues from their viewpoints. As a case study, we model a worm scenario using ACSUM and simulate three types of simulation models based on ACSIM from a different security perspective.

• Journal of Distribution Science
• /
• v.16 no.5
• /
• pp.61-70
• /
• 2018

Purpose - These days, an individual user, private entity, hears everyday news of hacking and personal information leakage in the era of a most-connected society. This study investigates cyber attack, cyber insurance and distribution channels for insurance goods in South Korea by analyzing various cases of cyber attacks in domestic and overseas case. Research design, data and methodology - This study adopted various study cases instead of the one large case for deep quality analysis, and focused on various cases of domestic and overseas cyber attacks with insurance. Result - As a result of analyzing the cases that were hacked, types of massive losses and damages arising out of internet blackout due to cyber risks are paralyzation of public and private website and portal, electronic administrative system, public infrastructure, and consequently a normal operation of nation is impossible. These losses and damages however can be coverable under cyber insurance. Conclusions - This paper suggests insurance carriers, as suppliers, should provide multiple channels to sell to the customer and should expand the strategy of advertisement and promotion in order for them to change their mind and compare the price and value of the information of individual users and private entity in view of cost savings.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.296-297
• /
• 2019

An effective crisis management system capable of responding early in the event of a major disaster or cyber crisis is needed not only within the organization but also with the partner organizations and the outside. In this paper, we review the domestic and international countermeasures against major disasters and cyber crises, and discuss the emerging crisis responses and future prospects along with the development of ICT technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.279-287
• /
• 2022

With the advancement of cyber threats and the development of hacking technologies, cyber security is being emphasized in various fields such as automobiles and ships. According to this trend, various industrial fields are demanding cybersecurity, and related certifications. In this paper, cybersecurity type approval is compared with the RMF stage under the premise that there are common elements with RMF in that cybersecurity elements must be reflected in the entire system development cycle. For comparison, type approval of maritime cyber security of the Korean Register of Shipping was selected. In conclusion, although type approval of maritime cyber security acquisition procedure is not divided by development stage like the RMF, there are the commonalities in the procedure to apply the cybersecurity element to the System development lifecycle like the RMF. Accordingly, the possibility of determining that the cybersecurity element was applied to the entire development cycle was confirmed.