• Journal of Korea Technology Innovation Society
• /
• v.2 no.1
• /
• pp.44-57
• /
• 1999

KIPS is a net-world, cyberspace for scholars in Public Administration and Policy Sciences in WWW. All knowledge-intensive work has its core the publishing and debating of document. We have created a cyber forum for that work KIPS Cyber Forum has adapted ‘D3E’, the web-tool kit for non-technical users to easily debate and publish documents that exploit to the full networked interactive web media. And, for real-time communication, we added it the voice conferencing system. KIPS has opened Cyber Forum service in November 1998. The visitors on KWS Cyber Forum are increasingly growing, but the participants on the debate are a few. This means that the problems of Cyber Forum Service are not technical, but participation. The result imply that, at now, high participation of scholars on the debate is needed, at first, by the detailed guides for internet, www and relevant technical information. After that more expertly designed interface is to be important.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 1999.06a
• /
• pp.11-14
• /
• 1999

The forthcoming century will be the "era of cyber society" . In a virtual environment, a cyber character plays the role of an agent for the human being. In this paper, we introduce active researches of industries, universities, and research institutes in Korea. After Adam Soft Inc. presented a cyber singer,“Adam”, a few cyber characters have succeeded commercially through Internet, TV, CF, movies and etc. Some universities had their own characters to make fundamental researches in the fields of modeling, motion control, and VR. Research institutes have been funded recently to a cyber character related researches. This paper briefly reviews the recent research works, and future trends in Korea. in Korea.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.449-451
• /
• 2015

When cyber attacks are discovered in nuclear facilities, licensees are required to notify regulatory organizations for quick action. This also helps regulatory organizations to strengthen regulatory capabilities for cyber security. Currently the U.S. issued the final draft rule for Cyber Security Event Notifications. Domestic regulatory activities being at an early stage for cyber security need to implement law for Cyber Security Event Notifications. Since the current laws are focused on the aspect of safety, they are in need of more specific laws for cyber security.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3451-3457
• /
• 2010

Cyber security assessment is the process of determining how effectively an entity being assessed meets specific cyber security objectives. Cyber security assessment helps to measure the degree of confidence one has and to identify that the managerial, technical and operational measures work as intended to protect the I&C systems and the information it processes. Recently, needs for cyber security on digitalized nuclear I&C systems are increased. However the overall cyber security program, including cyber security assessment, is not established on those systems. This paper presents the methodology of cyber security assessment which is appropriate for nuclear I&C systems. This methodology provides the qualitative assessments that may formulate recommendations to bridge the security risk gap through the incorporated criteria. This methodology may be useful to the nuclear organizations for assessing the weakness and strength of cyber security on nuclear I&C systems. It may be useful as an index to the developers, auditors, and regulators for reviewing the managerial, operational and technical cyber security controls, also.

• Journal of Information Processing Systems
• /
• v.15 no.4
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• Journal of Information Technology Services
• /
• v.20 no.5
• /
• pp.119-136
• /
• 2021

Since the global spread of COVID-19, social distancing and untact service implementation have spread rapidly. With the transition to a non-face-to-face environment such as telework and remote classes, cyber security threats have increased, and a lot of cyber compromises have also occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact services security for post-covid 19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and payment of national disaster aid continued to be used as bait for smishing and phishing. In the aspect of cyber-attacks on companies related to COVID-19 and healthcare sector, we can see that the damage was rapidly increasing as state-supported hackers attack those companies to obtain research results related to the COVID-19, and hackers chose medical institutions as targets with an efficient ransomware attack approach by changing 'spray and pray' strategy to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in systems constituting untact services such as VPN. In response to these cyber incidents, as a case of cyber fraud countermeasures, security notices to preventing cyber fraud damage to the public was announced, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection service were provided by Government funding programs. We also looked at the differences in the role of the government and the target of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security were suggested as common security reinforcement measures.

• Korean Management Science Review
• /
• v.17 no.3
• /
• pp.131-145
• /
• 2000

With the explosion of internet users, there are many enterprises and organizations that regard the internet as the great marketing superhighway. Although fascination and speculation surrounds the impact of the cyber shopping mall on consumer shopping behavior, there is little empirical evidence underlying all this speculation. This article reports on the critical issues that consumers found salient as they browsed through cyber shopping malls. We gathered consumers’reactions via open-ended survey. We relate the reactions to the factors of tangibility, assurance, responsibility, empathy, and reliability which we had identified from the existing literature on service quality. Two additional questionnaires were administered to translate these factors to the cyber shopping mall context and to explore their relative salience. We also evaluated SERVQUAL and SERVPERF as service quality measures for cyber shopping malls. The results show that SERVPERF seems more promising than SERVQUAL. The results also suggest that cyber shopping mall merchants need to think more about how they perform on the issues known to affect customers’decision making for purchasing. We offer advice for enhancing the design of cyber shopping mall.

• Asia pacific journal of information systems
• /
• v.14 no.2
• /
• pp.21-36
• /
• 2004

Since IT industry has changed very rapidly in technology, market environments, the cyber communities raise new social space. In spite of such growth of cyber communities, academic discussion is relatively limited. This Paper suggested several factors that affect the level of participator's loyalty on cyber communities. Participator's loyalty was classified into two categories, the psychological loyalty, which measure the psychological responses, and the behavior loyalty, which measure the absorption of time, the volume and frequency of visit to cyber communities. Consequently, this research has showed social awareness about cyber community culture and suggested the strategy directions for customer-oriented cyber Community Company.

• Nuclear Engineering and Technology
• /
• v.53 no.3
• /
• pp.879-887
• /
• 2021

The nuclear supply chain attack surface is a large, complex network of interconnected stakeholders and activities. The global economy has widened and deepened the supply chain, resulting in larger numbers of geographically dispersed locations and increased difficulty ensuring the authenticity and security of critical digital assets. Although the nuclear industry has made significant strides in securing facilities from cyber-attacks, the supply chain remains vulnerable. This paper discusses supply chain threats and vulnerabilities that are often overlooked in nuclear cyber supply chain risk analysis. A novel supply chain cyber-attack surface diagram is provided to assist with enumeration of risks and to examine the complex issues surrounding the requirements for securing hardware, firmware, software, and system information throughout the entire supply chain lifecycle. This supply chain cyber-attack surface diagram provides a dashboard that security practitioners and researchers can use to identify gaps in current cyber supply chain practices and develop new risk-informed, cyber supply chain tools and processes.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.397-405
• /
• 2021

With the recent phenomenon of the Intelligence Information Society, the cyber security paradigm has begun to change. In particular, the increase of the interconnectedness of the hyperlinked society has extended the scope of damage that can be caused by cyber threats to the real world. In addition to that, it can also be a risk to any given individual who could accompany a crisis that has to do with public safety or national security. Adolescents who are digital natives are more likely to be exposed to cyber threats, which is mainly due to the fact that they are significantly more involved in cyber activities and they also possess insufficient security comprehension and safety awareness. Therefore, it is necessary to strengthen cyber security capabilities of every young individual, so that they can effectively protect themselves against cyber threats and better manage their cyber activities. It examines the changes of the security paradigm and the necessity for cyber security education, which is in direct accordance to the characteristics of a connected society that further suggests directions and a basic system of cyber security education, through a detailed analysis of the current state of Domestic and Overseas Cyber Security Education. The purpose of this study was to define cybersecurity competencies that are necessary within an intelligent information society, and to propose a regular curriculum for strengthening cybersecurity competencies, through the comparison and meticulous analysis of both domestic and overseas educational systems that are pertinent to cybersecurity competencies. Accordingly, a cybersecurity competency system was constructed, by reflecting C3-Matrix, which is a cyber competency system model of digital citizens. The cybersecurity competency system consists of cyber ethics awareness, cyber ethics behavior, cyber security and cyber safety. In addition to this, based on the basic framework of the cybersecurity competency system, the relevant education that is currently being implemented in the United States, Australia, Japan and Korea were all compared and analyzed. From the insight gained through the analysis, the domestic curriculum was finally presented. The main objective of this new unified understanding, was to create a comprehensive and effective cyber security competency curriculum.