• The Science & Technology
• /
• s.528
• /
• pp.46-51
• /
• 2013

• The Science & Technology
• /
• s.528
• /
• pp.52-56
• /
• 2013

• The Science & Technology
• /
• s.528
• /
• pp.63-65
• /
• 2013

• Information and Communications Magazine
• /
• v.27 no.4
• /
• pp.23-30
• /
• 2010

스마트그리드는 정보통신 기술과 전력망의 융합으로 탄생한 새로운 형태의 차세대 전력망으로, 전력공급의 중추인 스마트그리가 사이버 공격에 피해를 입으면 국가 전력마비와 같은 큰 피해를 입게 될 것이다. 실제 최근 전력망에 대한 사이버 공격 위협이 증가하고 있고 실제 공격 사례도 지속적으로 보고되는 등 스마트그리드에 대한 사이버 보안 위협은 간과할 수준의 것이 아니다. 이에 본 논문에서는 스마트그리드에 대한 사이버 보안 위협과 스마트그리드 사이버 보안성 강화를 위한 국내 외의 다양한 노력에 대하여 살펴보고, 국내 스마트그리드의 보안성 강화를 위해 향후 서둘러 수행해야 할 사이버 보안 대응 방안을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1247-1258
• /
• 2018

The Cyber Kill Chain originally proposed by Lockheed Martin defines the standard procedure of general cyber attacks and suggests tailored defensive actions per each step, eventually neutralizing the intent of the attackers. Defenders can effectively deal with Advanced Persistent Threat(APT)s which are difficult to be handled by other defensive mechanisms under the Cyber Kill Chain. Recently, however, social engineering techniques that exploits the vulnerabilities of humans who manage the target systems are prevail rather than the technical attacks directly attacking the target systems themselves. Under the circumstance, the Cyber Kill Chain model should evolve to encompass social engineering attacks for the improved effectiveness. Therefore, this paper aims to establish a definite concept of Cyber Kill Chain for social engineering based cyber attacks, called Social Engineering Cyber Kill Chain, helping future researchers in this literature.

• Annual Conference of KIPS
• /
• 2017.11a
• /
• pp.224-227
• /
• 2017

정보통신 기술이 발전하면서 범국가적으로 사이버 환경은 사람들에게 없어서는 안 될 존재가 되었다. 이러한 사이버 환경은 간혹 악의적인 사이버 공격자로 인해 파괴되거나 손상된다. 본 논문에서는 사이버 공격에 대한 위험 지수를 개발 방안을 제시한다. 위험 지수에 대한 개발이 이루어진 후 위험 지수와 사이버 공격 횟수끼리 계산하여 값을 산출시킨다. 산출된 값은 곧 공격에 대한 중요도 점수로 표현되며, 이 값에 따라 사이버 전투 피해 평가 항목의 우선순위를 알 수 있게 된다.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.21-28
• /
• 2023

The development of information and communication technology in the 21st century has increased operational efficiency by providing hyper-connectivity and hyper-intelligence in the control systems of major infrastructure, but is also increasing security vulnerabilities, exposing it to hacking threats. Among them, the electric power system that supplies electric power essential for daily life has become a major target of cyber-attacks as a national critical infrastructure system. Recently, in order to protect these power systems, various security systems have been developed and the stability of the power systems has been maintained through practical cyber battle training. However, as cyber-attacks are combined with advanced ICT technologies such as artificial intelligence and big data, it is not easy to defend cyber-attacks that are becoming more intelligent with existing security systems. In order to defend against such intelligent cyber-attacks, it is necessary to know the types and aspects of intelligent cyber-attacks in advance. In this study, we analyzed the evolution of cyber attacks combined with advanced ICT technology.

• Journal of IKEEE
• /
• v.26 no.3
• /
• pp.389-395
• /
• 2022

With the evolution of technology, cyber physical systems (CPSs) are being upgraded, and new types of cyber attacks are being discovered accordingly. There are many forms of cyber attack, and all cyber attacks are made to manipulate the target systems. A representative system among cyber physical systems is a cyber physical power system (CPPS), that is, a smart grid. Smart grid is a new type of power system that provides reliable, safe, and efficient energy transmission and distribution. In this paper, specific types of cyber attacks well known as false data injection attacks targeting state estimation and energy distribution of smart grid, and protection strategies for defense of these attacks and dynamic monitoring for detection are described.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.6
• /
• pp.65-73
• /
• 2011

As we can see from the recent cyber attack, APT(Advanced Persistent Threat) is trend of hacking attack in the World. Thus, HTTP Get Flooding attack is considered to be one of the most successful attacks in cyber attack method. In this paper, designs and implements new technique for the cyber attack using HTTP get flooding technology. also, I need a defence about DDoS attack through APT Tools.

• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.77-85
• /
• 2021

Cyber protection is an activity that protects the information systems we operate from cyber attacks and threats. To know the level of protection of the currently operating cyber protection system, it is necessary to update the current state of attack technology by reflecting the constantly evolving cyber threats and to analyze whether it is possible to respond with the protection function. Therefore, in this paper, we analyze the relationship between the attack procedures and defense types of the cyber kill chain with the defense technology(Mitigation ID) of MITRE and present the cyber protection level for each military unit type with a focus on defensive cyber activities. In the future, it is expected that the level of cyber protection will be improved through real-time analysis of the response capabilities of cyber protection systems operating in the defense sector to visualize the level of protection for each unit, investigate unknown cyber threats, and actively complement vulnerabilities.