• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.3
• /
• pp.428-434
• /
• 2020

Recently, due to the development of ICT technology, changes to the convergence service platform of information systems are accelerating. Convergence services expanded to cyber systems with 5G communication, IoT, AI, and cloud are being reflected in the real world. However, the field of cybersecurity audit for responding to cyber attacks and security threats and strengthening security technology is insufficient. In this paper, we analyze the international standard analysis of information security management system, security audit analysis and security of related systems according to the expansion of 5G communication, IoT, AI, Cloud based information system security. In addition, we design and study cybersecurity audit checklists and contents for expanding security according to cyber attack and security threat of information system. This study will be used as the basic data for audit methods and audit contents for coping with cyber attacks and security threats by expanding convergence services of 5G, IoT, AI, and Cloud based systems.

• Review of KIISC
• /
• v.33 no.6
• /
• pp.55-63
• /
• 2023

현대 해양선박은 PLC 등 기존의 OT 시스템과 선박자동식별시스템 등 IT 시스템의 접목으로 스마트선박, 자율운항선박으로 진화되고 있다. 하지만 이러한 기술 통합은 공격이 가능한 접점이 늘어나며, 이는 사이버보안 위협을 증가시키고 있다. 선박은 대부분 항만으로부터 고립된 환경에서 운영되기 때문에 사이버공격이 발생 시 외부의 기술 지원이나 긴급대응이 어려워진다. 이러한 배경으로 해양선박을 대상으로 하는 사이버 복원력은 해양선박 환경에서 중요한 개념으로 자리잡고 있다. 본 논문은 해양선박 환경 표준 통신 네트워크인 SAN을 분석하고, 사이버 복원력을 소개한 후, NIST의 사이버 복원력 모델을 기반으로 해양선박 대상 사이버 복원력 연구를 분석한다.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.495-498
• /
• 2004

기존의 정보보호 방식은 시스템 설계 단계부터 반영된 것이 아니기 때문에 서비스 제공 이후에 발생 가능한 다양한 취약점 공격에 대한 효과적인 대응에 태생적 한계를 지니고 있다. 따라서 사이버 공격에 대한 기존의 수동적인 대응에서 벗어나 능동적이고 공격적인 대응을 할 수 있는 기술들이 필요하게 되었다. 본 논문에서는 우선 기존의 망에 적용한 역추적 시스템을 분석한 다음, 정보통신망 자체를 사이버 공격으로부터 보호하며, 정보통신망의 보안 취약점을 없애 해킹이나 정보유출을 원천적으로 차단할 수 있는 능동형 보안 관리 기술인 역추적 시스템을 분석하여 액티브 네트워크 기반의 역추적 시스템을 분석하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.673-689
• /
• 2022

We propose an APT attack scoring method as a part of the process for detecting and responding to APT attacks. First, unlike previous work that considered inconsistent and subjective factors determined by cyber security experts in the process of scoring cyber attacks, we identify quantifiable factors from components of MITRE ATT&CK^Ⓡ techniques and propose a method of quantifying each identified factor. Then, we propose a method of calculating the score of the unit attack technique from the quantified factors, and the score of the entire APT attack composed of one or more multiple attack techniques. We present the possibility of quantification to determine the threat level and urgency of cyber attacks by applying the proposed scoring method to the APT attack reports, which contains the hundreds of APT attack cases occurred worldwide. Using our work, it will be possible to determine whether actual cyber attacks have occurred in the process of detecting APT attacks, and respond to more urgent and important cyber attacks by estimating the priority of APT attacks.

• Review of KIISC
• /
• v.22 no.5
• /
• pp.73-78
• /
• 2012

스마트그리드는 기존 전력망에 IT 기술을 융합한 차세대 전력망이다. 전력망에 IT 기술을 도입함으로써 운영효율이 증가하고 다양한 부가서비스가 창출되지만 반대로 사이버 보안위협은 증가하게 된다. 사이버 보안위협의 기술적 증가요인으로는 신재생에너지의 보급으로 인한 전력망 연결 접점 증가와 실시간 양방향 통신으로 인한 스마트그리드 기기 공격, 양방향 통신 프로토콜 공격 가능성 존재 등이 있다. 또한, 환경적 증가요인으로는 스마트그리드는 전력망 특성상 사고 발생시 피해 규모가 크므로, 상대국 및 테러집단에 의한 주요 공격대상이 되고 있다는 점이다. 본 논문에서는 이러한 스마트 그리드 사이버 보안위협을 사전에 차단하기 위해, 스마트그리드의 핵심 기술이라 할 수 있는 AMI의 보안 취약점을 발견할 수 있는 현실적인 취약점 점검 항목을 제시한다.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.271-273
• /
• 2022

자율운항선박의 안전한 운항을 위해서는 선박과 선박, 육상과 선박 간의 통신이 무척 중요하다. 또한 자율운항을 위하여 육상과 선박 간, 선박 내 시스템 간의 빈번한 통신 및 데이터 교환으로 인하여 사이버 공격에 취약해지기 때문에 이를 방어하기 위한 사이버보안 기술의 개발 역시 필요하였다. 이에 자율운항선박 기술 개발 사업 중 통신 기술 및 사이버보안 기술 개발 현황에 소개하고자 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.3
• /
• pp.65-72
• /
• 2020

With the development of information technology and the growth of the scale of system and network, cyber threats and crimes continue to increase. To cope with these threats, cybersecurity training based on actual attacks and defenses is required. However, cybersecurity training requires expert analysis and attack performance, which is inefficient in terms of cost and time. In this paper, we propose a cyber attack simulator that automatically executes attack techniques. This simulator generates attack scenarios by combining attack techniques modeled to be implemented and executes the attack by sequentially executing the derived scenarios. In order to verify the effectiveness of the proposed attack simulator, we experimented by setting an example attack goal and scenarios in a real environment. The attack simulator successfully performed five attack techniques to gain administrator privileges.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.4
• /
• pp.285-296
• /
• 2018

Among many hacking attempts carried out in the past few years, the cyber-attacks that could have caused a national-level disaster were the attacks against nuclear facilities including nuclear power plants. The most typical one was the Stuxnet attack against Iranian nuclear facility and the cyber threat targeting one of the facilities operated by Korea Hydro and Nuclear Power Co., Ltd (Republic of Korea; ROK). Although the latter was just a threat, it made many Korean people anxious while the former showed that the operation of nuclear plant can be actually stopped by direct cyber-attacks. After these incidents, the possibility of cyber-attacks against industrial control systems has become a reality and the security for these systems has been tightened based on the idea that the operations by network-isolated systems are no longer safe from the cyber terrorism. The ROK government has established a realistic control systems defense concept and in the US, the relevant authorities have set up several security frameworks to prepare for the threats. This paper presented various cyber security attack cases and their scenarios against control systems, along with the analysis of countermeasures for them. Though this task, we attempt to identify the items that need to be considered when designing a domestic security framework to improve security and secure stability.

• Journal of Korea Multimedia Society
• /
• v.15 no.2
• /
• pp.226-233
• /
• 2012

Recently, Like we saw with 3.4 DDoS Cyber Terror, a behavior of cyber terror becomes increasingly more complicated, sophisticated and larger, and there has been largely damage on industry, the general economy. For responding cyber terrors which occur in the future, we should recognize security holes of system which isn't exposed yet before attacker in advance as we anticipate and implement new technique of cyber attack which not exist hitherto. We design and implement a new technique of cyber attack; it seems to us that a server denies agent' service by altering value of registry in windows system. Network connections of agent are restricted to the new technique we suggest as the a value of registry is changed to a less value than a necessary value and there has happened packet loss by attacker.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1052-1057
• /
• 2020

With the development of new ICT technology, smart keys for vehicles are terminals with ICT technology. Therefore, when the vehicle and the smart key communicate with RF, a cyber hacking attack is possible. Cyber-attacks on smart keys can pose a threat to vehicle theft and vehicle control. Therefore, it is necessary to study hacking attacks and vulnerabilities of smart keys for autonomous vehicles. In this paper, we analyze the cyber attack case of RF communication for vehicles and smart keys. In addition, a real RF cyber attack on the smart key is performed, and the vulnerability of radio wave replication in the same frequency band is found. In this paper, we analyze the vulnerability of RF communication between vehicles and smart keys, and propose a countermeasure against cyber security. In the future, plans to strengthen cyber attacks and security through the popularization of autonomous vehicles will become basic data to protect human and vehicle safety.