• ETRI Journal
• /
• v.44 no.6
• /
• pp.991-1003
• /
• 2022

Industrial control systems (ICSs) used to be operated in closed networks, that is, separated physically from the Internet and corporate networks, and independent protocols were used for each manufacturer. Thus, their operation was relatively safe from cyberattacks. However, with advances in recent technologies, such as big data and internet of things, companies have been trying to use data generated from the ICS environment to improve production yield and minimize process downtime. Thus, ICSs are being connected to the internet or corporate networks. These changes have increased the frequency of attacks on ICSs. Despite this increased cybersecurity risk, research on ICS security remains insufficient. In this paper, we analyze threats in detail using STRIDE threat analysis modeling and DREAD evaluation for distributed control systems, a type of ICSs, based on our work experience as cybersecurity specialists at a refinery. Furthermore, we verify the validity of threats identified using STRIDE through case studies of major ICS cybersecurity incidents: Stuxnet, BlackEnergy 3, and Triton. Finally, we present countermeasures and strategies to improve risk assessment of identified threats.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.173-179
• /
• 2023

The 4th Industrial Revolution technology has emerged as a solution to build a hyper-connected, super-intelligent network-oriented operational environment, overcoming the obstacles of reducing troops and defense budgets facing the current military. However, the overall risk management, including the increase in complexity of the latest inform ation technology and the verification of the impact with the existing information system, is insufficient, leading to serious threats to system integrity and availability, or negatively affecting interoperability between systems. It can be inhibited. In this paper, we suggest cyber threat response strategies for our military to prepare for cyber threats by examining information security risk management in the United States in order to protect military information assets from cyber threats that may arise due to the advancement of information technology.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.5
• /
• pp.841-850
• /
• 2015

XaaS (Everything as a Service) provides re-usable, fine-grained software components like software, platform, infra across a network. Then users usually pay a fee to get access to the software components. It is a subset of cloud computing. Since XaaS is provided by centralized service providers, it can be a target of various security attacks. Specially, if XaaS becomes the target of APT (Advanced Persistent Threat) attack, many users utilizing XaaS as well as XaaS system can be exposed to serious danger. So various solutions against APT attack are proposed. However, they do not consider all aspects of security control, synthetically. In this paper, we propose overall security checkup considering technical aspect and policy aspect to securely operate XaaS.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.4
• /
• pp.670-676
• /
• 2008

There is a difficult plane letting a security threat to occur in Internet networks as VoIP service uses technology-based the Internet is inherent, and you protect without adjustment of the existing security solution or changes with real-time service characteristics. It is a voice to single networks The occurrence security threat that it is possible is inherent in IP networks that effort and cost to protect a data network only are complicated relatively as provide service integrated data. This paper about various response way fields to be able to prevent analysis regarding definition regarding VoIP spam and VoIP spam technology and VoIP spam.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.22 no.2
• /
• pp.170-178
• /
• 2019

Classification of radar signals in the field of electronic warfare is a problem of discriminating threat types by analyzing enemy threat radar signals such as aircraft, radar, and missile received through electronic warfare equipment. Recent radar systems have adopted a variety of modulation schemes that are different from those used in conventional systems, and are often difficult to analyze using existing algorithms. Also, it is necessary to design a robust algorithm for the signal received in the real environment due to the environmental influence and the measurement error due to the characteristics of the hardware. In this paper, we propose a radar signal classification method which are not affected by radar signal modulation methods and noise generation by using deep learning techniques.

• Korean Journal of Hydrosciences
• /
• v.10
• /
• pp.47-58
• /
• 1999

Protection of groundwater resources from contamination has been of increasing concern throughout the past decades. In practice, however, groundwater monitoring is performed based on the experience and intuition of experts or on the convenience. In dealing with groundwater contamination, we need to know what contaminants have the potential to threat the water quality and the distribution and concentration of the plumes. Monitoring of the subsurface environment through remote geophysical techniques or direct sampling from wells can provide such information. Once known, the plume can be properly menaged. Evaluation of existing methodologies for groundwater monitoring network design revealed that one should select an appropriate design method based on the purpose of the network and the avaliability of field information. Integer programming approach, one of the general purpose network design tools, and a cost-to-go function evaluation approach for special purpose network design were tested for field applicability. For the same contaminated aquifer, two approaches resulted in different well locations. The amount of information, however, was about the same.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.31-38
• /
• 2017

As the cyber-attacks through the networks advance, it is difficult for the intrusion detection system based on the simple rules to detect the novel type of attacks such as Advanced Persistent Threat(APT) attack. At present, many types of research have been focused on the application of machine learning techniques to the intrusion detection system in order to detect previously unknown attacks. In the case of using the machine learning techniques, the performance of the intrusion detection system largely depends on the feature set which is used as an input to the system. Generally, more features increase the accuracy of the intrusion detection system whereas they cause a problem when fast responses are required owing to their large elapsed time. In this paper, we present a network intrusion detection system based on artificial neural network, which adopts a multi-objective genetic algorithm to satisfy the both requirements: accuracy, and fast response. The comparison between the proposing approach and previously proposed other approaches is conducted against NSL_KDD data set for the evaluation of the performance of the proposing approach.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.29-35
• /
• 2016

This paper presents the design of a user authentication system (DCIAS) using the device constant information. Defined design a new password using the access device constant information to be used for user authentication during system access on the network, and design a new concept the user authentication system so that it can cope with the threat required from passive replay attacks to re-use the password obtained in other applications offer. In addition, by storing a password defined by the design of the encrypted random locations in the server and designed to neutralize the illegal access to the system through the network. Therefore proposed using the present system, even if access to the system through any of the network can not know whether any where the password is stored, and if all right even stored information is not easy to crack's encrypted to neutralize any replay attacks on the network to that has strong security features.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.773-777
• /
• 2007

Very various infusion by development of systems that is based on network is spread. Therefore, Evaluation Tool has been an active research area to reduce the risk from intrusion. On this thesis, during threat assesment, we have planned possible an equal-weight applied assesment and considering the characteristics of the organization an assesment which security factor's weight is variably applied to, and respective organizations to examine its security by itself in order to support the easy findings of the vulnerabilities on the management point of view, and to show the advices to practice.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.9 no.4
• /
• pp.61-70
• /
• 2006

This paper is to describe LYNX-ESM Simulation System to simulate for EW operating environment analysis and system performance verification of LYNX-ESM system using Discrete Event Simulation(DEVS) Methodology. This system consists of 3 PC with TCP/IP network. Each PC is loaded with Modeling & Simulation program based DEVS. Each connected program conducts EW simulation. As a result, we analyze the operating environment of the maritime EW threat, simulate the EW threat discrimination and geolocation capability, and estimate the LYNX-ESM system effectiveness before real LYNX-ESM system development.