• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.9
• /
• pp.3451-3457
• /
• 2010

Cyber security assessment is the process of determining how effectively an entity being assessed meets specific cyber security objectives. Cyber security assessment helps to measure the degree of confidence one has and to identify that the managerial, technical and operational measures work as intended to protect the I&C systems and the information it processes. Recently, needs for cyber security on digitalized nuclear I&C systems are increased. However the overall cyber security program, including cyber security assessment, is not established on those systems. This paper presents the methodology of cyber security assessment which is appropriate for nuclear I&C systems. This methodology provides the qualitative assessments that may formulate recommendations to bridge the security risk gap through the incorporated criteria. This methodology may be useful to the nuclear organizations for assessing the weakness and strength of cyber security on nuclear I&C systems. It may be useful as an index to the developers, auditors, and regulators for reviewing the managerial, operational and technical cyber security controls, also.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.4
• /
• pp.489-493
• /
• 2020

The technological development of the Fourth Industrial Revolution is accelerating the development of the world and society. Fourth industrial technology is connected to Cyber World to develop national and social infrastructure. The application of the fourth industrial technology can create Cyber-city and Cyber-life systems. In the ICT business industry that connects Cyber with the real world, we need to connect Cyber with real-life work. It is to use AR business cards as one of the ways to connect Cyber business with real business. When an AR business card is recognized as a smartphone, a 3D character appears to introduce the main character of the business card. In addition, AR business cards are reflected in AR for product and service of business operators, enabling promotion of products, services, etc. Using connected wired and wireless 5G communication, real-time e-commerce is also possible. In this paper, AR business card will be produced with Source Coding and AR business card platform will be designed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.249-252
• /
• 2013

The recent cyber attacks paralyzed several major banking services, broadcasters, and affected the services of a telecommunications provider. Media outlets classified the attack as cyber terror and named it an Advanced Persistant Threat. Although the attack significantly disrupted these services for at least one day, various components used in the attack were not new. Previous major cyber attacks towards targets in South Korea employed more advanced techniques thus causing greater damage. This paper studies the anatomy of the recent 2013.3.20 attack, studies the technical sophistication of the malware and attack vectors used compared with previous attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5685-5700
• /
• 2018

Cyber intelligence, surveillance, and reconnaissance (ISR) has become more important than traditional military ISR. An agent used in cyber ISR resides in an enemy's networks and continually collects valuable information. Thus, this agent should be able to determine what is, and is not, useful in a short amount of time. Moreover, the agent should maintain a classification rate that is high enough to select useful data from the enemy's network. Traditional feature selection algorithms cannot comply with these requirements. Consequently, in this paper, we propose an effective hybrid feature selection method derived from the filter and wrapper methods. We illustrate the design of the proposed model and the experimental results of the performance comparison between the proposed model and the existing model.

• Journal of Information Technology Applications and Management
• /
• v.23 no.2
• /
• pp.225-238
• /
• 2016

The purpose of this study is to develop cyber class contents on website and to verify the effectiveness of the program to reinforce a career education. The participants of the experiment in this study are from Namseoul University who took the cyber class 'Self management and creation of vision.' of the second semester in 2015. They took the class fifty-sixty minutes a week. The control group also includes the students who took the classes 'Theory and practice of school violence prevention' and 'Youth Education theory.' To verify the effectiveness of career education, the data processing in performing this study utilized t-test for homogeneity with the effective variable of career identity and career decision and the result was proved by using paired t-test. The result suggests that the experiment group significantly shows improvement compared with the control group in the view of career identity and career decision level. Therefore we recognize that the web based cyber course has its effect on content development and career education and we anticipate the continuous development and activation of effective cyber education on website for university students in future.

• Journal of the Semiconductor & Display Technology
• /
• v.20 no.3
• /
• pp.65-70
• /
• 2021

According to the trend of increasingly sophisticated cyber threats, the need for technology research that can be applied to cyber security personnel management and training systems is constantly being raised not only overseas but also in Korea. Previously, the US and UK have already recognized the need and have been steadily conducting related research from the past. In the United States, by encouraging applications based on related research (NICE Cybersecurity Workforce Framework) and disclosing successful use cases to the outside, it is laying the groundwork for profiling cyber security experts. However in Korea, research on cyber security expert training and profiling is insufficient compared to other countries. Therefore, in this study, in order to create a system suitable for the domestic situation, research and analysis of cases in the United States and the United Kingdom were conducted over the past few years, and based on this, a prototype was produced for the study of profiling technology for domestic cyber security experts.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.97-98
• /
• 2020

코로나19의 확산은 기업의 근무환경에 변화를 가져오고 있다. 최신 IT기술을 활용한 재택근무, 이동원격근무, 원격근무센터와 같은 원격근무가 대표적인 사례이다. 하지만 원격근무는 특성상 기업의 보안정책의 적용범위를 벗어나 사이버위협에 상대적으로 더 많은 노출을 동반한다. 본 논문에서는 최근 국제사회에 대규모 확산이 일어나고 있는 코로나19와 같은 감염병 확산의 영향 또는 조직의 필요에 의해 정보통신기술을 기반으로 원격근무로의 근무형태로 전환하려는 기업이나 기관 등에서 보다 안전한 근무환경을 구추하기 위한 방법의 하나로 원격근무에 대한 위협 및 위험을 분석한다. 분석결과를 활용하여 조직의 보안담당자는 안전한 보안체계를 구축하기 위한 솔루션 선택에 도움을 줄 수 있을 것으로 기대한다.

• The Research Journal of the Costume Culture
• /
• v.16 no.5
• /
• pp.955-962
• /
• 2008

This article is about the naming method for fashion product in cyber shopping mall. For two months, the name of fashion product is listed and analyzed, from BEST 100 category in cyber shopping mall. SPSS ver.10.0 is used and frequency, spearman raw test and t-test are done. The fashion product names are arranged in naming method. There are four kinds of methods for fashion product naming; describing, associating, bundling and style numbering. Describing is most used method both cyber shopping mall. Between marketplace cyber shopping mall and merchant, there is significant difference in composition of naming. Bundling naming method is more used in marketplace cyber shopping mall, and describing and style numbering method is used often in merchant. The words which are composed the name of fashion product are divided in a single word and arranged. The words for describing are classified in noun and adjective. Noun is used for depicting textile and construction and adjective is for touch and image. There is no difference for using words between marketplace and merchant.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1021-1030
• /
• 2021

This paper proposes S-CAFG(Stage-based Cyber Attack Flow Graph), a model for effectively describing training scenarios that simulate modern complex cyber attacks. On top of existing graph and tree models, we add a stage node to model more complex scenarios. In order to evaluate the proposed model, we create a complicated scenario and compare how the previous models and S-CAFG express the scenario. As a result, we confirm that S-CAFG can effectively describe various attack scenarios such as simultaneous attacks, additional attacks, and bypass path selection.

• Hwankyungkyoyuk
• /
• v.21 no.2
• /
• pp.25-39
• /
• 2008

The purpose of the study was to develop cyber in-service training contents regarding environmental literacy for entry-level environmental public servants. The blended type of contents were developed, through literature review, contents analysis of other programs, and expert conferences. The validity of the contents developed was ensured experts in environment. Major research findings were as followings: First, there is a lack of time for entry-level environmental public servants to participate in the environmental in-service training programs. Therefore, cyber training can be a good solution to the problems with environmental training courses. It improves access to educational opportunities as it overcomes the limitations of time and space and provides hands-on experiences through multimedia materials that reflect the real world. Second, directions for developing cyber environmental education contents were represented in three parts; 1) strategies for developing cyber environmental education contents, 2) Models for developing cyber environmental education contents, 3) Contents selection for developing cyber environmental education contents Third, the developed contents for entry-level environmental officers consist of 4 domains: (1) the introduction to environment; (2) the natural scientific understanding of environment; (3) the humanistic understanding of environment; and (4) the social scientific understanding of environment. Fourth, the program developed was evaluated by 7 environmental education experts according to 10 evaluation items of total contents and contents development structure. In result, the validity of the program was ensured. Based on the results, some recommendations were suggested.