• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.20 no.12
• /
• pp.1333-1339
• /
• 2009

A MWR(Missile Warning Radar) of GVES(Ground Vehicle Equipment System) has to effectively decide the threat for a detected target. Linear Approximation Fitting(LAF) and Weighted Linear Approximation Fitting(WLAF) algorithm is proposed as algorithm for a threat decision method. The target is classified into a threat or non-threat using a boundary condition of the angular rate, and the boundary condition is determined using probability model simulation. This paper confirms the performance of proposed threat decision algorithm using measurement.

• Asia pacific journal of information systems
• /
• v.23 no.2
• /
• pp.87-109
• /
• 2013

While many surveys show very positive attitudes on the part of consumers towards eco-friendly products, the market share actually reflecting green IT purchases remains low in most countries. The motivations behind green IT purchase behavior are still obscure. Several studies have addressed the question of green IT diffusion from economic and normative viewpoints in an attempt to interpret IT adoption behavior. This study comes at the question from a different angle, namely negative frame, examining threat and coping behaviors using the Ordered Protection Motivation (OPM) model and threat appraisal theory. The results show that attitudes toward fairness and positive change, which are precedents of threat appraisal, play an important role in determining threat appraisal. Perceived threats in the green IT arena include habit change and ecological change. Appraisal for coping with these threats directly affects initial adoption behaviors regarding available green IT, and then indirectly encourages the purchase of new green IT products.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.1-11
• /
• 2006

The exponential increase of malicious and criminal activities in cyber space is posing serious threat which could destabilize the foundation of modem information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder in a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of security manager whose decision is based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter increasinf threat of malicious and criminal activities in cyber suace, and promote further academic researches into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.7
• /
• pp.47-57
• /
• 2014

In order to publicly notify the information security (Internet or Cyber) threat level, the security companies have developed the Threat Meters. As the physical security devices are getting more intelligent and can be monitored and managed through networks, we propose a physical security threat meter (PSTM) to determine the current threat level of physical security; that is a very similar compared with the one of information security. For this purpose, we investigate and prioritize the physical security events, and consider the impact of temporal correlation among multiple security events. We also present how to determine the threshold values of threat levels, and then propose a practical PSTM using the threshold based decision. In particular, we show that the proposed scheme is fully implementable through showing the block diagram in detail and the whole implementation processes with the access controller and CCTV+video analyzer system. Finally the simulation results show that the proposed PSTM works perfectly under some test scenarios.

• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.53-58
• /
• 2021

There is little research on actual business activities in the field of security control. Therefore, in this paper, we intend to present a practical research methodology that can contribute to the calculation of the size of the appropriate input personnel through the modeling of the threat information detection response time of the security control and to analyze the effectiveness of the latest security solutions. The total threat information detection response time performed by the security control center is defined as TIDRT (Total Intelligence Detection & Response Time). The total threat information detection response time (TIDRT) is composed of the sum of the internal intelligence detection & response time (IIDRT) and the external intelligence detection & response time (EIDRT). The internal threat information detection response time (IIDRT) can be calculated as the sum of the five steps required. The ultimate goal of this study is to model the major business activities of the security control center with an equation to calculate the cyber threat information detection response time calculation formula of the security control center. In Chapter 2, previous studies are examined, and in Chapter 3, the calculation formula of the total threat information detection response time is modeled. Chapter 4 concludes with a conclusion.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.4
• /
• pp.15-23
• /
• 2021

In most hacking attacks, hackers intrudes inside for a long period of time and attempts to communicate with the outside using a circumvent connection to achieve purpose. research in response to advanced and intelligent cyber threats has been mainly conducted with signature-based detection and blocking methods, but recently it has been extended to threat hunting methods. attacks from organized hacking groups are advanced persistent attacks over a long period of time, and bypass remote attacks account for the majority. however, even in the intrusion detection system using intelligent recognition technology, it only shows detection performance of the existing intrusion status. therefore, countermeasures against targeted bypass rwjqthrwkemote attacks still have limitations with existing detection methods and threat hunting methods. in this paper, to overcome theses limitations, we propose a model that can detect the targeted circumvent connection remote attack threat of an organized hacking group. this model designed a threat hunting process model that applied the method of verifying the origin IP of the remote circumvent connection, and verified the effectiveness by implementing the proposed method in actual defense information system environment.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.19-27
• /
• 2022

With the innovative development of ICT technology, hacking techniques of hackers are also evolving into sophisticated and intelligent hacking techniques. Threat detection research to counter these cyber threats was mainly conducted in a passive way through hacking damage investigation and analysis, but recently, the importance of cyber threat information collection and analysis is increasing. A bot-type automation program is a rather active method of extracting malicious code by visiting a website to collect threat information or detect threats. However, this method also has a limitation in that it cannot prevent hacking damage because it is a method to identify hacking damage because malicious code has already been distributed or after being hacked. Therefore, to overcome these limitations, we propose a model that detects actual threats by acquiring and analyzing threat information while identifying and managing cyber bases. This model is an active and proactive method of collecting threat information or detecting threats outside the boundary such as a firewall. We designed a model for detecting threats using cyber strongholds and validated them in the defense environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1887-1898
• /
• 2018

In this paper, a method to classify insider threat activity is introduced. The internal threats help detecting anomalous activity in the procedure performed by the user in an organization. When an anomalous value deviating from the overall behavior is displayed, we consider it as an inside threat for classification as an inside intimidator. To solve the situation, Markov Chain Model is employed. The Markov Chain Model shows the next state value through an arbitrary variable affected by the previous event. Similarly, the current activity can also be predicted based on the previous activity for the insider threat activity. A method was studied where the change items for such state are defined by a transition probability, and classified as detection of anomaly of the inside threat through values for a probability variable. We use the properties of the Markov chains to list the behavior of the user over time and to classify which state they belong to. Sequential data sets were generated according to the influence of n occurrences of Markov attribute and classified by machine learning algorithm. In the experiment, only 15% of the Cert: insider threat dataset was applied, and the result was 97% accuracy except for NaiveBayes. As a result of our research, it was confirmed that the Markov Chain Model can classify insider threats and can be fully utilized for user behavior classification.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.1-10
• /
• 2014

In this study, I analyzed the increased threat of cyber warfare and the threat of reality about what is happening around the currently. And to prepare for it, I proposed the fact how main developed countries deal with cyber warfare. Also, I presented North Korea's cyber warfare threat which is equipped with world's top 3 cyber warfare performance and the way how their strategy influence to South Korea's national security. Moreever, I studied the existing North Korea's cyber warfare threat and the way how, how South Korea deal with it and prepare to against expected threat of cyber warfare in future.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.7
• /
• pp.3245-3250
• /
• 2011

This study introduces a threat level assessment model adapting Fuzzy theories in order to help make decisions for better covering quantitative factors and qualitative ones together. The threat is classified into three major categories - one resulting from navigational condition, another from target vessel specification and the other from external decision environment. The threat levels by each category are examined by a fuzzy inference, and its corresponding weights are assigned via fuzzy measures. Finally the high level threat measures become integrated via a Choquet Fuzzy Integral method into ultimate threat level indicators.