• Journal of Platform Technology
• /
• v.12 no.1
• /
• pp.91-105
• /
• 2024

As the number of cases of applying IT systems to the existing isolated ICS (Industrial Control System) network environment continues to increase, security threats in the ICS environment have rapidly increased. Security threat scenarios help to design security strategies in cybersecurity training, including analysis, prediction, and response to cyberattacks. For successful cybersecurity training, research is needed to develop valid and reliable security threat scenarios for meaningful training. Therefore, this paper proposes a case-based security threat scenario development methodology for cybersecurity training in the ICS environment. To this end, we develop a methodology consisting of five steps based on analyzing actual cybersecurity incident cases targeting ICS. Threat techniques are standardized in the same form using objective data based on the MITER ATT&CK framework, and then a list of CVEs and CWEs corresponding to the threat technique is identified. Additionally, it analyzes and identifies vulnerable functions in programming used in CWE and ICS assets. Based on the data generated up to the previous stage, develop security threat scenarios for cybersecurity training for new ICS. As a result of verification through a comparative analysis between the proposed methodology and existing research confirmed that the proposed method was more effective than the existing method regarding scenario validity, appropriateness of evidence, and development of various scenarios.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.437-447
• /
• 2018

Virtual Reality (VR) is becoming a new standard in the game industry. PokeMon GO is a representative example of VR technology. The day after the launch of PokeMon Go in the U.S, It has achieved the highest number of iOS App Store downloads. This is an example of the power of VR. VR comprises gyroscopes, acceleration, tactile sensors, and so on. This allow users could be immersed in the game. As new technologies emerge, new and different threats are created. So we need to research the security of VR technology and game system. In this paper, we conduct a threat analysis for information assurance of VR device (Oculus Rift) and game system (Quake). We systematically analyze the threats (STRIDE, attack library, and attack tree). We propose security measures through DREAD. In addition, we use Visual Code Grepper (VCG) tool to find out logic errors and vulnerable functions in source code, and propose a method to solve them.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.3
• /
• pp.143-158
• /
• 2017

Smart Home Appliance which makes people to operate machines in the home by remote control is service or technology to provide convenience. It is close to home, so it has privacy problem and security problem. If Smart Home Applications is attacked, Scale of damage is anticipated. In case of products from overseas country, various vulnerability has been announced every year. Therefore, It is necessary to identify and to analysis threats of Smart Home Appliance using systematically method for using safe Smart home appliance service. In this paper, we present check list for identifying and analyzing threats using Threat Modeling and then we analyzed the Domestic Smart Home Appliance using check list which we present.

• Proceedings of the KSR Conference
• /
• 2005.11a
• /
• pp.1-6
• /
• 2005

To improve safety management of railway and cope with the factors to threat technical and social safety, we need to establish railway safety management system based on analysis of hazards and assessment of risk for railway system. So we have to conduct PHA(Preliminary Hazard Analysis) first to understand weak points and factors to possibly threat safety using analysis of related data such as past accident/incident data and safety regulation and classification standards of hazards/causes of railway accidents. Therefore in this research, we led types/dangerous events/causes of risks/factors of risks from hazard log developed based on railway accident classification and hazards of railway accident. PHA model for domestic railway system will be used in risk analysis and risk assessment of railway accident.

• Nuclear Engineering and Technology
• /
• v.55 no.6
• /
• pp.2034-2046
• /
• 2023

Industrial control systems in nuclear facilities are facing increasing cyber threats due to the widespread use of information and communication equipment. To implement cyber security programs effectively through the RG 5.71, it is necessary to quantitatively assess cyber risks. However, this can be challenging due to limited historical data on threats and customized Critical Digital Assets (CDAs) in nuclear facilities. Previous works have focused on identifying data flows, the assets where the data is stored and processed, which means that the methods are heavily biased towards information security concerns. Additionally, in nuclear facilities, cyber threats need to be analyzed from a safety perspective. In this study, we use the system theoretic process analysis to identify system-level threat scenarios that could violate safety constraints. Instead of quantifying the likelihood of exploiting vulnerabilities, we quantify Security Control Measures (SCMs) against the identified threat scenarios. We classify the system and CDAs into four consequence-based classes, as presented in NEI 13-10, to analyze the adversary impact on CDAs. This allows for the ranking of identified threat scenarios according to the quantified SCMs. The proposed framework enables stakeholders to more effectively and accurately rank cyber risks, as well as establish security and response strategies.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.179-191
• /
• 2024

With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewall, antimalware systems, security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study is being presented. In this proposed work CTI feeds are utilized in the detection of assaults accurately in intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets had been analyzed for attack detection. With the proposed study the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.361-390
• /
• 2003

In this paper, we analyze the security requirement for a circulation of the classified documents. During the whole document process phases, including phases of drafting, sending/receiving messages, document approval, storing and saving, reading, examining, out-sending and canceling a document, we catch hold of accompanied threat factors and export every threat factors of security. We also propose an appropriate and correspondent approach for security in a well-prepared way. Last, we present the security guidelines for security architecture of the classified documents circulation.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.27-37
• /
• 2022

Virtual private network (VPN) services are used in various environments related to national security, such as defense companies and defense-related institutions where digital communication environment technologies are diversified and access to network use is increasing. However, the number of cyber attacks that target vulnerable points of the VPN has annually increased through technological advancement. Thus, this study identified security requirements by performing STRIDE threat modeling to prevent potential and new vulnerable points that can occur in the VPN. STRIDE threat modeling classifies threats into six categories to systematically identify threats. To apply the proposed security requirements, this study analyzed functions of the VPN and formed a data flow diagram in the VPN service process. Then, it collected threats that can take place in the VPN and analyzed the STRIDE threat model based on data of the collected threats. The data flow diagram in the VPN service process, which was established by this study, included 96 STRIDE threats. This study formed a threat scenario to analyze attack routes of the classified threats and derived 30 security requirements for each element of the VPN based on the formed scenario. This study has significance in that it presented a security guideline for enhancing security stability of the VPN used in facilities that require high-level security, such as the Ministry of National Defense (MND).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.491-498
• /
• 2014

Recently, cyber terror has been occurred frequently based on advanced persistent threat(APT) and it is very difficult to detect these attacks because of new malwares which cannot be detected by anti-virus softwares. This paper proposes and verifies the algorithms to detect the advanced persistent threat previously through real-time network monitoring and combinatorial analysis of big data log. In the future, APT attacks can be detected more easily by enhancing these algorithms and adapting big data platform.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.249-256
• /
• 2021

An issue of security and threat is urgent as well as it concerns everyone: a person, community, state, etc. Today, the question of cybersecurity has become especially relevant due to general digitalization and the spread of the cyberculture. In terms of it, the growing popularity of videogames can be observed. Their impact on society differs significantly, therefore, it needs thorough consideration. The purpose of the article is to disclose the role of videogames in cybersecurity. To achieve the stated purpose, such methods as analysis, synthesis, systematization and practical involvement of videogames have been used. As a result, three levels of possible threat of videogames has been distinguished: videogames as a possibly dangerous software, as a tool of propaganda and spread of stereotypes, as a space for the creation of virtual communities. In conclusion, it is stated that videogames can be not only a threat, but also a tool for strengthening the cybersecurity.