• Korean Security Journal
• /
• no.59
• /
• pp.9-35
• /
• 2019

Until now, a lot of research on cyber security have been tried, but there have been few studies on overall relationships, including internal factors and external factors. Therefore, this study examined cyber security management considering not only internal elements of SMEs but also corporate management environment. The first qualitative analysis and the second quantitative analysis were conducted through mixed method research. Qualitative analysis was conducted through a semi-structured interview method, and three themes were found: insufficient cyber security management system, internal noncooperation for cyber security, and problems derived from decision-making system. In the quantitative analysis, multiple regression analysis was conducted on the data obtained through the questionnaire. The perception of cyber threats and internal support among independent variables positively influenced the cyber security management system or the dependent variable. Through this study, internal variables had a causal impact on the cyber security management system rather than external environment variables. This implies that the variables related to the organizational culture such as employees' perception are important. These results are expected to provide practical significance for enhancing the cyber security management system in SMEs.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.21-28
• /
• 2023

The development of information and communication technology in the 21st century has increased operational efficiency by providing hyper-connectivity and hyper-intelligence in the control systems of major infrastructure, but is also increasing security vulnerabilities, exposing it to hacking threats. Among them, the electric power system that supplies electric power essential for daily life has become a major target of cyber-attacks as a national critical infrastructure system. Recently, in order to protect these power systems, various security systems have been developed and the stability of the power systems has been maintained through practical cyber battle training. However, as cyber-attacks are combined with advanced ICT technologies such as artificial intelligence and big data, it is not easy to defend cyber-attacks that are becoming more intelligent with existing security systems. In order to defend against such intelligent cyber-attacks, it is necessary to know the types and aspects of intelligent cyber-attacks in advance. In this study, we analyzed the evolution of cyber attacks combined with advanced ICT technology.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.24 no.8
• /
• pp.781-790
• /
• 2013

Nowadays, national critical infrastructures have been known to be highly vulnerable to the EMP threats which are internationally growing. But their realistic solutions have been not made by the lack of detailed rules and regulations in current laws, however, which cover most of cyber threats. This paper takes a look at the domestic and overseas trends on the EMP protections, and proposes the revision directives of relevant laws and the contents included into the proposed legislation. Among them, the amendment of the current "Information Infrastructure Protection Act" is considered to be the most effective, including provisions on protected informations, industrial promotions, R&D supports, education, etc. Anyway, this paper is expected to be helpful for introducing an effective legal scheme on the CIP against EMP threats. domestic rule.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1027-1037
• /
• 2012

With response to the critical issue of global warming, Smart Grid system has been extensively investigated as next efficient power grid system. Domestically, Korean is trying to expand the usage of Electric Vehicles (EVs) and the charging infrastructure in order to replace the current transportation using fossil fuels holding 20% of overall CO2 emission. The EVs charging infrastructures are combined with IT technologies to build intelligent environments but have considerable number of cyber security issues because of its inherent nature of the technologies. This work not only provides logical architecture of EV charging infrastructures with security threats based on them but also analyses security requirements against security threats in order to overcome the adversarial activities to Smart Grid.

• International Journal of Internet, Broadcasting and Communication
• /
• v.16 no.2
• /
• pp.1-9
• /
• 2024

As the Internet of Things (IoT) continues to permeate every facet of modern life, the imperative to secure this vast and dynamic frontier becomes increasingly paramount. This presents a comprehensive exploration of the challenges and opportunities inherent in safeguarding the interconnected web of IoT devices. The research critically examines the limitations of current cybersecurity measures through an extensive review of diverse topics, including IoT network performance, smart grid security, and the escalating cyber threats against critical infrastructures. A meticulous analysis of research findings underscores the need for enhanced infrastructure and ongoing research to fortify the cybersecurity mechanisms surrounding IoT objects. We underline the imperative of relentless research efforts to parry the advancing threats and leverage the promise of nascent technologies. Our findings affirm the pivotal influence of robust cybersecurity measures in crafting a resiliently connected ecosystem. The paper underscores the importance of ongoing research to address evolving threats and harness the potential of emerging technologies, reaffirming the central role of cybersecurity in shaping a secure interconnected world. In conclusion, the study emphasizes the dynamic and ever-evolving nature of cybersecurity on the IoT frontier. It unveils a complex landscape of challenges, ranging from network performance intricacies to the security concerns of critical infrastructures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.805-821
• /
• 2020

Cyber defense exercise should require training on the latest cyber attacks and have a similar process to defense cyber attacks. In addition, it is also important to train on cyber resilience that can perform normal tasks or support equivalent tasks regardless of cyber attacks. In this paper, we proposed and developed a cyber range that can strengthen the elements of cyber resilience by performing cyber defense exercise in real time based on the cyber crisis alert issued when a cyber attack occurs in Korea. When BLUE, YELLOW, ORANGE, and RED warnings are issued according to the cyber crisis, our system performs proactive response, real time response, and post response according to the alarm. It can improve trainee's capability to respond to cyber threats by performing cyber defense exercise in a cyber crisis environment similar to the actual situation of Korea.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.135-141
• /
• 2020

The Ministry of National Defense is strengthening the power and capacity of cyber operations as cyber protection training is conducted. However, considering the level of enemy cyber attack capability, the level of cyber defense capability of the ministry of national defense is significantly low and the protection measures and response system for responding to cyber threats to military networks are not clearly designed, falling short of the level of cyber security capabilities of the public and private sectors. Therefore, this paper is to investigate and verify the establishment of a military internal network vulnerability mitigation system that applies the intention of attackers, tactics, techniques and procedures information (ATT&CK Framework), identified military internal network main threat information, and military information system security requirements with military specificity as factors that can establish a defense network vulnerability mitigation system by referring to the domestic and foreign cyber security framework It has the advantage of having.

• Journal of Convergence for Information Technology
• /
• v.9 no.3
• /
• pp.1-7
• /
• 2019

There are various cyber attacks on business PCs. In order to reduce the threat of PC security, we are preventing the vulnerability from being diagnosed beforehand. However, this guideline is difficult to cope with because the domestic vulnerability guide does not update the diagnostic items. In this paper, we examine the cyber infringement cases of PCs and the diagnostic items of foreign technical vulnerabilities in order to cope with security threats. In addition, an improved guide is provided by comparing the differences in the diagnostic items of technical vulnerability from abroad and domestic. Through 41 proposed technical vulnerability improvement items, it was found that various security threats can be coped with. Currently, it is mainly able to respond to only known vulnerabilities, but we hope that applying this guideline will reduce unknown security threats.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.3
• /
• pp.65-72
• /
• 2020

With the development of information technology and the growth of the scale of system and network, cyber threats and crimes continue to increase. To cope with these threats, cybersecurity training based on actual attacks and defenses is required. However, cybersecurity training requires expert analysis and attack performance, which is inefficient in terms of cost and time. In this paper, we propose a cyber attack simulator that automatically executes attack techniques. This simulator generates attack scenarios by combining attack techniques modeled to be implemented and executes the attack by sequentially executing the derived scenarios. In order to verify the effectiveness of the proposed attack simulator, we experimented by setting an example attack goal and scenarios in a real environment. The attack simulator successfully performed five attack techniques to gain administrator privileges.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.501-519
• /
• 2017

With the revolution of IT technology, cyber threats and crimes are also increasing. In the recent years, many large-scale APT attack executed domestically and internationally. Specially, many of the APT incidents were not recognized by internal organizations, were noticed by external entities. With fourth industrial revolution(4IR), advancement of IT technology produce large scale of sensitive data more than ever before; thus, organizations invest a mount of budget for various methods such as encrypting data, access control and even SIEM for analyzing any little sign of risks. However, enhanced intelligent APT it's getting hard to aware or detect. These APT threats are too much burden for SMB, Enterprise and Government Agencies to respond effectively and efficiently. This paper will research what's the limitation and weakness of current defense countermeasure base on Cyber Kill Chain process and will suggest effective and efficient APT defense operation model with considering of organization structure and human resources for operation.