• Convergence Security Journal
• /
• v.16 no.2
• /
• pp.63-70
• /
• 2016

With the development of information and communication technologies like internet, the environment where people are able to access internet at any time and at any place has been established. As a result, cyber threats have been tried through various routes. Of cyber threats, DDoS is on the constant rise. For DDoS prediction modeling, this study drew a DDoS security index prediction formula on the basis of event data by using a statistical technique, and quantified the drawn security index. It is expected that by using the proposed security index and coming up with a countermeasure against DDoS threats, it is possible to minimize damage and thereby the prediction model will become objective and efficient.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.390-399
• /
• 2022

Cyber security and resilience are phrases that describe safeguards of ICTs (information and communication technologies) from cyber-attacks or mitigations of cyber event impacts. The sole purpose of Risk models are detections, analyses, and handling by considering all relevant perceptions of risks. The current research effort has resulted in the development of a new paradigm for safeguarding services offered online which can be utilized by both service providers and users. customers. However, rather of relying on detailed studies, this approach emphasizes task selection and execution that leads to successful risk treatment outcomes. Modelling intelligent CSGs (Cyber Security Games) using MLTs (machine learning techniques) was the focus of this research. By limiting mission risk, CSGs maximize ability of systems to operate unhindered in cyber environments. The suggested framework's main components are the Threat and Risk models. These models are tailored to meet the special characteristics of online services as well as the cyberspace environment. A risk management procedure is included in the framework. Risk scores are computed by combining probabilities of successful attacks with findings of impact models that predict cyber catastrophe consequences. To assess successful attacks, models emulating defense against threats can be used in topologies. CSGs consider widespread interconnectivity of cyber systems which forces defending all multi-step attack paths. In contrast, attackers just need one of the paths to succeed. CSGs are game-theoretic methods for identifying defense measures and reducing risks for systems and probe for maximum cyber risks using game formulations (MiniMax). To detect the impacts, the attacker player creates an attack tree for each state of the game using a modified Extreme Gradient Boosting Decision Tree (that sees numerous compromises ahead). Based on the findings, the proposed model has a high level of security for the web sources used in the experiment.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.137-139
• /
• 2022

As cyber threats in the maritime industry increase due to the digital transformation, the needs for cyber security training for ship's crew and port engineers has increased. The training of seafarers is related to the IMO's STCW convention, so cyber security training also managed and certified, and it is necessary to develop a cybersecurity training system that reflects the characteristics of the OT systemof ships and ports. In this paper, with the goal of developing a training model based on the IMO cyber risk management guideline, developing a cyber security training model based on the characteristics of maritime industry threats, and improving the effectiveness of cyber security training using AR/VR and metaverse, A method for developing a system for nurturing cyber security experts is presented.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.173-181
• /
• 2008

Recently, Worm epidemic models have been developed in response to the cyber threats posed by worms in order to analyze their propagation and predict their spread. Some of the most important ones involve mathematical model techniques such as Epidemic(SI), KM (Kermack-MeKendrick), Two-Factor and AAWP(Analytical Active Worm Propagation). However, most models have several inherent limitations. For instance, they target worms that employ random scanning in the network such as CodeRed worm and it was able to be applied to the specified threats. Therefore, we propose the probabilistic of worm propagation based on the Markov Chain, which can be applied to cyber threats such as Mass SQL Injection worm. Using the proposed method in this paper, we can predict the occurrence probability and occurrence frequency for each threats in the entire system.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.53-58
• /
• 2011

There is increasing use of common commercial operation system and standard PCs to control industrial production systems, and cyber security threat for industrial facilities have emerged as a serious problem. Now these network connected ICS(Industrial Control Systems) stand vulnerable to the same threats that the enterprise information systems have faced and they are exposed to malicious attacks. In particular Stuxnet is a computer worm targeting a specific industrial control system, such as a gas pipeline or power plant and in theory, being able to cause physical damage. In this paper we present an overview of the general configuration and cyber security threats of a SCADA and investigate the attack tree analysis to identify and assess security vulnerabilities in SCADA for the purpose of response to cyber attacks in advance.

• Nuclear Engineering and Technology
• /
• v.53 no.3
• /
• pp.879-887
• /
• 2021

The nuclear supply chain attack surface is a large, complex network of interconnected stakeholders and activities. The global economy has widened and deepened the supply chain, resulting in larger numbers of geographically dispersed locations and increased difficulty ensuring the authenticity and security of critical digital assets. Although the nuclear industry has made significant strides in securing facilities from cyber-attacks, the supply chain remains vulnerable. This paper discusses supply chain threats and vulnerabilities that are often overlooked in nuclear cyber supply chain risk analysis. A novel supply chain cyber-attack surface diagram is provided to assist with enumeration of risks and to examine the complex issues surrounding the requirements for securing hardware, firmware, software, and system information throughout the entire supply chain lifecycle. This supply chain cyber-attack surface diagram provides a dashboard that security practitioners and researchers can use to identify gaps in current cyber supply chain practices and develop new risk-informed, cyber supply chain tools and processes.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.251-257
• /
• 2004

Todays, the more information technologies(IT) like internet is developed, the more main facilities of individuals and social organizations get deeply involved in IT. Also, the trend of cyber threats such as internet worms and viruses is moving from local pc attacks to IT infrastructure attacks by exploiting inherent vulnerabilities of IT. Social organizations has a limit to response these attacks individually, and so the systematic coordinate center for social organizations is necessary. To analyze and share cyber threat information is performed prior to the construction of the coordinate center. In this paper, we survey domestic alert systems for cyber threats of related organizations and companies, and then classify them into two categories by the range of threat assessment: global alert systems for global If infrastructure and individual alert systems for each threat. Next, we identify problems of domestic alert systems and suggest approaches to resolve them.

• Convergence Security Journal
• /
• v.6 no.3
• /
• pp.21-28
• /
• 2006

Beginning flag security it was limited in Firewall but currently many information security solutions like Anti-virus, IDS, Firewall are come to be many. For efficiently managing different kinds of information security products ESM (Enterprise Security management) are developed and operated. Recently over the integrated security management system, TMS (Threat Management System) is rising in new area of interest. It follows in change of like this information security product and also collection information is being turning out diversification. For managing cyber threats, we have to analysis qualitative information (like vulnerabilities and malware codes, security news) as well as the quantity event logs which are from information security products of past. Information Threats and Vulnerability Auto Collector raises the accuracy of cyber threat judgement and can be utilized to respond the cyber threat which does not occur still by gathering qualitative information as well as quantity information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.215-223
• /
• 2019

The recent trend of cyber attack threat is mainly APT (Advanced Persistent Threat) attack. This attack is a combination of hacking techniques to try to steal important information assets of a corporation or individual, and social engineering hacking techniques aimed at human psychological factors. Spear phishing attacks, one of the most commonly used APT hacking techniques, are known to be easy to use and powerful hacking techniques, with more than 90% of the attacks being a key component of APT hacking attacks. The existing research for cyber security threat defense is mainly focused on the technical and policy aspects. However, in order to preemptively respond to intelligent hacking attacks, it is necessary to study different aspects from the viewpoint of social engineering. In this study, we analyze the correlation between human personality type (DISC) and cyber security threats, focusing on spear phishing attacks, and present countermeasures against security threats from a new perspective breaking existing frameworks.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.221-228
• /
• 2019

The importance of security for virtualization products has been increased with the activation policy of cloud computing and it is necessary to analyze cyber security threats and develop security requirements for virtualization products to provide with more secure cloud environments. This paper is a preliminary study with the purpose of developing security functional requirements through analyzing security features and cyber security threats as well as comparison of foreign countries' cases for virtualization products. To do this, the paper compares evaluation schemes for virtualization products in US and UK foreign countries, and analyzes the cyber security threats, security objectives and security requirements in both countries. Furthermore, it proposes the essential checking items and processes for developing security functional requirements about security features of virtualization products to contribute to its more secure development and the establishment of related security evaluation standards.