• Journal of Internet Computing and Services
• /
• v.16 no.5
• /
• pp.1-9
• /
• 2015

As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.41-48
• /
• 2021

Recently, the aspect of war is evolving due to the 4th industrial revolution technology. Among them, AI technology is changing the way of war as it is applied to advanced weapon systems and decision-making systems. Mosaic Warfare, presented by the U.S. DARPA, is shifting military warfare from attrition-centric warfare to decision-centric warfare by combining Internet of Things, cloud computing, big data, mobile, and artificial intelligence technologies. In addition, it is a method to perform operations quickly so that the most offensive effect can be achieved by appropriately combining the distributed and deployed forces according to the battlefield context. In other words, military operations are not carried out through a uniform combat process, but various forces are operated through a distributed system depending on the battlefield context. In cyber warfare, as artificial intelligence is applied to cyber attack technology, there is a limit to responding with the same procedural response method as the existing cyber kill chain. Therefore, in this paper, the execution method of mosaic warfare is applied to perform context-resilient cyber operations that can operate a response system according to the attack and cyberspace context.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.6
• /
• pp.165-171
• /
• 2009

From the late 20th century, rapidly progressing information communication technology and spreading Internet all over the world cause many reverse functions when there is a conversion into the new information society. One of them is cyber terrorism as cyber crime. Cyber terrorism gradually has had a serious problem in the national security as well as the domestic aspects. Therefore, this study looked into the present condition of cyber terrorism, discussed its prospect, and sought the efficient national countermeasure methods against cyber terrorism by comparing other countries' countermeasure systems currently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.875-884
• /
• 2024

The proliferation of IoT networks has led to an increase in cyber attacks, highlighting the importance of Network Intrusion Detection Systems (NIDS). To overcome the limitations of traditional NIDS and cope with more sophisticated cyber attacks, there is a trend towards integrating artificial intelligence models into NIDS. However, AI-based NIDS are vulnerable to adversarial attacks, which exploit the weaknesses of algorithm. Model Type Inference Attack is one of the types of attacks that infer information inside the model. This paper proposes an optimized framework for Model Type Inference attacks against NIDS models, applying more realistic assumptions. The proposed method successfully trained an attack model to infer the type of NIDS models with an accuracy of approximately 0.92, presenting a new security threat to AI-based NIDS and emphasizing the importance of developing defence method against such attacks.

• The Journal of the Convergence on Culture Technology
• /
• v.5 no.1
• /
• pp.51-58
• /
• 2019

This study focused on violent act, such as verbal offensive and other acts of violence such as cyber bullying, personal information infringement. Online bullying is seriously taking place online, as juvenile violence is seriously debated due to recent school violence. In particular, it is necessary to seek countermeasures by considering the nature of cyber violence in cyberspace, particularly when stalking victims in cyberspace have died from stalking. The study examines the problem of defamation and defamation of character and tries to identify problems. Measures were taken to enact cyber defamation laws. To this end, the Commission analyzed cases of defamation and defamation of character and considered legal precedents. The study intends to study cyber defamation and defamation of character. First, I want to differentiate between cyber libel and defamation of character. Second, I intend to raise the need for cyber defamation of cybercrime and consider the offence of contempt for the criminal justice system. Third, seek ways to protect against cyber defamation and defamation of character.

• Review of KIISC
• /
• v.30 no.2
• /
• pp.59-63
• /
• 2020

국내 원자력발전소는 1978년 웨스팅하우스 노형의 고리1호기부터 2019년 APR-1400 노형의 신고리3호기 준공까지 많은 기술의 발전을 이룩하였다. 과거와 비교하여 현재의 원자력발전소는 단순히 발전용량만 증가한 것이 아니라, 안전에 대한 요구가 반영되어 발전하였다. 첫째, 미국 TMI 사고, 우크라이나 체르노빌 사고, 일본 후쿠시마 사고를 겪으며 자연재해, 인적실수 등에 관한 강화된 대책이 적용되었다. 둘째 미국 Browns Ferry 원전 정지, Hatch 원전 정지, 이란 핵시설 스턱스넷 공격 등을 겪으며, 사이버위협에 대응하기 위한 사이버보안 규제요건이 원자력발전소에 적용되었다. 그러나 사이버보안 규제요건과 원자력발전소 설계요건이 상충하는 부분이 일부 존재한다. 본 논문에서는 원자력발전소 사이버보안 규제요건과 상충하는 설계요건(Code&Standard)을 분석하여, 사이버 보안관점에서 요구되는 보안 조치사항을 도출하였다.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.343-345
• /
• 2017

통신 기술이 발달하고, 네트워크 환경 또한 다양해짐에 따라 통신 사용자들에 대한 사이버 위협 또한 다양해졌다. 패턴인식 기술과 기계학습에 기반한 침입탐지 기술은 새롭게 보고되는 수많은 사이버 공격들에 대응하기 위해 등장하였다. 기계학습 기반의 IDS는 낮은 오탐률과 높은 효율성을 요구하며, 이러한 특징은 데이터셋을 구성하는 방법론에 큰 영향을 받는다. 본 논문에서는 패턴인식 기반 트래픽 분석을 수행하기 위한 데이터셋을 구성할 때 고려해야할 주안점에 대해 논하며, 현실의 사이버 위협 상황을 잘 반영할 수 있는 데이터셋을 도출하는 방법을 모색한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.447-463
• /
• 2022

Artificial Intelligence (AI) technology is a major technology that develops smart ships into autonomous ships in the marine industry. Autonomous ships recognize a situation with the information collected without human judgment which allow them to operate on their own. Existing ship systems, like control systems on land, are not designed for security against cyberattacks. As a result, there are infringements on numerous data collected inside and outside the ship and potential cyber threats to AI technology to be applied to the ship. For the safety of autonomous ships, it is necessary to focus not only on the cybersecurity of the ship system, but also on the cybersecurity of AI technology. In this paper, we analyzed potential cyber threats that could arise in AI technologies to be applied to existing ship systems and autonomous ships, and derived categories that require security risks and the security of autonomous ships. Based on the derived results, it presents future directions for cybersecurity research on autonomous ships and contributes to improving cybersecurity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.507-522
• /
• 2014

Domestic CERTs are carrying out monitoring and response against cyber attacks using security devices(e.g., IDS, TMS, etc) based on signatures. Particularly, in case of public and research institutes, about 30 security monitoring and response centers are being operated under National Cyber Security Center(NCSC) of National Intelligence Service(NIS). They are mainly using Threat Management System(TMS) for providing security monitoring and response service. Since TMS raises a large amount of security events and most of them are not related to real cyber attacks, security analyst who carries out the security monitoring and response suffers from analyzing all the TMS events and finding out real cyber attacks from them. Also, since the security monitoring and response tasks depend on security analyst's know-how, there is a fatal problem in that they tend to focus on analyzing specific security events, so that it is unable to analyze and respond unknown cyber attacks. Therefore, we propose automated verification method of security events based on their empirical analysis to improve performance of security monitoring and response.

• Review of KIISC
• /
• v.19 no.6
• /
• pp.22-31
• /
• 2009

최근의 컴퓨터 통신 기술은 인터넷 기반으로 이루어지고 있으며 정치 경제 문화 등 사회 전 분야에 있어서 주요 기반 인프라를 구축하는데 없어서는 안 되는 핵심 요소 기술로 자리 잡았다. 이러한 인터넷상에서 기존의 악성코드와는 차별화되는 외부 공격자의 명령 제어를 받는 악성 네트워크인 봇넷이 인터넷 서비스의 보안 위협으로 등장하게 되었다. 최근의 봇넷은 매우 빠르게 진화하고 있으며 봇넷을 이용한 스팸 메일, 개인 정보 탈취, 금품 갈취형 분산 서비스 거부 공격 등은 사이버상의 공격을 주도하는 주요 이슈로 부상하였다. 본 연구에서는 이러한 봇넷의 악성 행위 동향과 함께 이에 대응할 수 있는 기술에 대해서 방향을 제시하고자 한다.