• Electronics and Telecommunications Trends
• /
• v.30 no.4
• /
• pp.120-128
• /
• 2015

최근 인터넷의 거대화와 더불어 기본적으로 ISP의 오버헤드를 최소화하는 요구사항을 만족시켜 줄 수 있는 역추적기술 보장에 큰 비중을 두고 있으며, 현재 또는 차세대 인터넷에서 적용 가능한 역추적기술이 필요하다. 본 논문은 사이버 표적공격(Advanced Persistent Threats: APT)에 적용 가능한 역추적(Traceback)기술에 대한 동향을 살펴본다. 특히 기존 IP 및 TCP Connection 기반 역추적방법 중 Network 기반 Connection 추적기술인 Timing-based Approach에 대해서 상세히 살펴보며 아울러 본 논문에서 제안하는 Netflow 기반의 ON-OFF 모델 확장을 통한 Timing-based Connection Traceback Approach의 기술적 적용을 통하여 공격 시스템의 위치와 실제 해킹을 시도하는 해커의 위치가 서로 다르다 하더라도 실제 해커의 위치인 공격 근원지를 추적할 수 있는 기술적 가능성 및 전망을 소개한다.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.11-16
• /
• 2016

In modern society, the development of Information and Communication Technology has given people a lot of opportunities. But on the other side cyber attack also gives enormous damage to people. Recently Korea has become the target of cyber attack. The threat of it is growing. Especially North Korea has committed hostile actions against South Korea. North Korea has recently attacked the computer networks of South Korea's important national facilities. The types of North Korea's cyber attacks include the followings. First, if we see it with the viewpoint of software, it tries to destroy or control the Internet, infects the networks with viruses, worms, Trojan Horse and Distributed Denial of Service. I suggest the following to solve the problem. First, South Korea should unify the organizations to respond to the attacks of North Korea, as North Korea has a unified organization for the cyber attack. Second, they should think about the establishment of "Cyber Terrorism Prevention Act" to systematically respond to the software attacks.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.198-200
• /
• 2017

정보통신 기술이 발달하여 삶의 질을 높여주는 반면 미흡한 보안정책과 다양하고 강력한 해킹 기술들로 인한 피해가 늘어나는 추세이다. 이러한 해킹 피해 규모는 점차 커지게 되어 국가기반시설까지 영향을 미치고 있다. 본 논문은 어떠한 시스템에 사이버 공격이 행해졌을 때, 디지털 포렌식 기술과 공격트리를 융합하여 그 공격의 방법과 경로를 밝혀주는 기술에 대한 내용이다. 제안하는 기술은 각 기관의 특성에 맞게 해킹의 경로나 방법을 사용자에게 알리는 기능을 갖추었기 때문에 기관의 시스템 및 네트워크의 피해를 평가하는데 도움이 되며 그에 따른 솔루션들이 빠르게 결정될 것으로 기대된다.

• Electronics and Telecommunications Trends
• /
• v.28 no.6
• /
• pp.28-36
• /
• 2013

사이버 테러의 급증으로 인해 사이버 공간에서의 네트워크 역할이 중요해 지고 있다. 이러한 사이버 공격, 정보 유출 등에 의한 국가적 차원의 사이버 안보 위협에 적극적으로 대처하고자 세이프 네트워크기술 개발을 추진 중이다. 본고에서는 (1) IP 주소 은닉기반 라우팅 기술, (2) 전역적 제어 관리 시스템 기술 (3) 폐쇄망용 프로텍티드 WiFi시스템기술, (4) 보안을 강화한 네트워크 SW 기술을 주축으로 하는 세이프 네트워크의 핵심기술 및 주요 시스템의 기술개발 동향에 대해 알아본다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1595-1606
• /
• 2018

Recently, there has been an increase in the number of social engineering techniques that indirectly attack the target system administrators or organizational weaknesses rather than the traditional technical cyber attacks that directly attacked the target systems. Accordingly, the type analysis and case study of social engineering techniques are being actively conducted. There has been, however, little effort to derive an analysis model that systematically analyzes social engineering based cyberspace operations. Therefore, this paper aims at building a Social Engineering Based Cyberspace Operations Analysis Model, which can be used as a reference framework for a case study or attack scenario generation of social engineering based cyberspace operations.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.19-26
• /
• 2020

The purpose of this paper is to ccompare and analyze North Korean cyber attacks and our responses by government, from the Roh Moo-hyun administration to the Moon Jae-in administration. The current conflict of interests on the Korean peninsula, such as the United States, China, and Russia, is leading to a conflict for the leadership of a new world order in cyberspace. Cyber attacks are accelerating and threats are rising. Cyber threats exhibit several characteristics. Above all, it is difficult to identify or track the subject of the threat. Also, with the development of information and communication technology, attack technology has become more intelligent, and it is not easy to prepare a means to respond. Therefore, it is necessary to improve continuous and preemptive response capacity for national cybersecurity, and to establish governance among various actors, such as international cooperation between countries or private experts.

• Annual Conference of KIPS
• /
• 2017.11a
• /
• pp.1318-1321
• /
• 2017

스마트 그리드는 노후화된 전력망에 정보통신 기술을 융합하여 지능화시킴으로써, 전력 사용을 가능한 효율적으로 만들기 위한 기술이다. 대표적인 융합 기술이기 때문에, 시스템의 보안 취약점이 많아질 수 밖에 없다. 이러한 이유로 보안 기술에 대한 관심이 많아지고 있으며, 개별 어플리케이션 도메인에서 발생할 수 있는 사이버 보안 실패 시나리오에 대한 분석이 활발히 이루어지고 있다. 본 논문에서는 어플리케이션 도메인내 실패 시나리오의 공격 트리를 분석하여 공통적으로 발생하는 있는 8개의 공격 모델에 대한 공격 트리를 정리하고 이를 도식화한다.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.187-193
• /
• 2024

With the advancement of AI and IoT, cybersecurity threats have increased dramatically. As the methods and objectives of cyber-attacks evolve, universities, like all major industries, are facing serious cybersecurity issues. Universities hold vast amounts of sensitive information such as students' personal data, research data, and intellectual property, making them prime targets for cyber threats. Therefore, this paper aims to present cybersecurity strategies from both institutional and technical perspectives to help university leaders and policymakers enhance their cybersecurity posture. The study reviews current trends through the flow of cyber-attacks and proposes governance, policy development, risk management, and the establishment of FIDO and AI-based security systems to respond to the increase in sophisticated threats such as ransomware and AI-based malware.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.10
• /
• pp.353-362
• /
• 2022

The Russian-Ukraine war is accompanied by a military armed conflict and cyberattacks are in progress. As Russia designated Korea as an unfriendly country, there is an urgent need to prepare countermeasures as the risk of cyberattacks on Korea has also increased. Accordingly, impact of 19 cyberattack cases were analyzed by their type, and characteristics and implications were derived by examining them from five perspectives, including resource mobilization and technological progress. Through this, a total of seven measures were suggested as countermeasures for the Korean government, including strengthening multilateral cooperation with value-sharing countries, securing cyberattack capabilities and strengthening defense systems, and preparing plans to connect with foreign security companies. The results of this study can be used to establish the Korean government's cybersecurity policy.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.80-85
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.