• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.103-113
• /
• 2017

Cyber attacks can be classified by type of cyber war, terrorism and crime etc., depending on the purpose and intent. Those are mobilized the various means and tactics which are like hacking, DDoS, propaganda. The damage caused by cyber attacks can be calculated by a variety of categories. We may identify cyber attackers to pursue trace-back based facts including digital forensics etc. However, recent cyber attacks are trying to induce confusion and deception through the manipulation of digital information or even conceal the attack. Therefore, we need to do the harm-based analysis. In this paper, we analyze the damage caused during cyber attacks from economic and political point of view and by inferring the attack intent could classify types of cyber attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.401-415
• /
• 2019

Recently, there has been a lot of studies and efforts to strengthen the stability of critical infrastructures against increasing cyber attacks to critical infrastructures. In this thesis, I defined what cyber threats are, after showing you various definitions about what cyber threats are and what the types are. After studying about significant cyber threats from China, I showed you the realities of cyber threats with the analysis about starting points, types of cyber threats, ratios of attacks and so on. At last, I defined guidelines about unnecessary oversea IP range blocking. Also, I proposed unnecessary oversea IP range blocking methodologies with per information system and per network system. Furthermore, I proposed blocking characteristics per security equipment and security operation improvement and blocking effects and service process to normal oversea users.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2005.10a
• /
• pp.165-174
• /
• 2005

본 논문에서는 2개의 오프라인 기반의 사이버대학과 2개의 순수 온라인 기반의 사이버대학을 대상으로, 각 대학의 이동성매체 도입의 차이점과 해당 대학의 학습자와, 교수자의 이동성매체를 통한 서비스 요구사항들이 정보제공자와 어떠한 격차를 보이는지에 대한 요구격차분석을 수행하였다. 이를 통해서, 이동성매체 도입에 따른 서비스 요구를 범주화하고 사이버대학의 이동성매체 도입 유형모델을 제시 하였다. 심층면담에 근거한 질적 연구 방법을 통해서, 사이버대학의 이동성매체 도입에 대한 교수-학습자와 정보제공자 간의 서비스 요구를 9가지 범주(컨텐츠 품질, 적시적 인포메이션 서비스, 교수학습자간 커뮤니케이션, 저작권 문제, 서비스 접근성, 서비스이해도, 서비스 선호도, 서비스 표준화, 교수-학습자와 정보제공자간의 컨센서스)로 도출하였다. 또한 인터뷰 결과의 분석을 통해서, 4개의 사이버대학이 중요시 하는 서비스 요구의 범주가 상이한 것을 확인할 수 있었다. 이를 토대로 사이버대학의 이동성매체 도입의 유형을 '요구적극 반영형', '신중도입 검토형', '경쟁적 도입 반영형', '요구소극적 반영형'으로 분석하였다.

• Convergence Security Journal
• /
• v.24 no.3
• /
• pp.187-193
• /
• 2024

With the advancement of AI and IoT, cybersecurity threats have increased dramatically. As the methods and objectives of cyber-attacks evolve, universities, like all major industries, are facing serious cybersecurity issues. Universities hold vast amounts of sensitive information such as students' personal data, research data, and intellectual property, making them prime targets for cyber threats. Therefore, this paper aims to present cybersecurity strategies from both institutional and technical perspectives to help university leaders and policymakers enhance their cybersecurity posture. The study reviews current trends through the flow of cyber-attacks and proposes governance, policy development, risk management, and the establishment of FIDO and AI-based security systems to respond to the increase in sophisticated threats such as ransomware and AI-based malware.

• Journal of The Korean Association of Information Education
• /
• v.13 no.2
• /
• pp.193-204
• /
• 2009

This study examines the effects of cyber learning counseling based on self-reflective activities on learning motivation and habits of elementary students. From the above processes, following findings could be drawn: First, the cyber learning counseling based on self-reflective activities turned out to have positive effects on promoting the motivation of elementary students for learning. Positive impacts were found in 4 sub-factors of motivation for learning, that are, attention, relevance, conviction and satisfaction that were enhanced after cyber counseling for learning was given. Second, the cyber learning counseling based on self-reflective activities were found to have positive effects on changing elementary students' habit of learning. After cyber learning counseling was carried out, Positive impacts were visible in sub-factors of learning habit which are the behavioral indexes of applying learning skill and student-initiated behavior.

• Journal of the Korea Convergence Society
• /
• v.10 no.3
• /
• pp.135-140
• /
• 2019

This study is aimed at analyzing cyber motion sickness factors focus on virtual environment-based VR and real-world VR. First literature study of cyber motion sickness, 3D animations and documentaries were conducted. As a measurement tool for the degree of motion sickness, the symptom values were measured in a standardized SSQ (Simulator Sickness Questnire) questionnaire. Following the measurement, an in-depth interview was conducted based on the SSQ questionnaire. The results are as follows, First, actual environment based VR caused bigger cyber motion sickness, second, values of strong saturation of VR contents cause cyber motion sickness. This study is expected to be used as design guidelines for configuring VR early contents and to be used for cyber motion sickness research.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.115-123
• /
• 2020

Cyber Attack have evolved more and more in recent years. One of the best countermeasure to counter this advanced and sophisticated cyber threat is to predict cyber attacks in advance. It requires a lot of information and effort to predict cyber threats. If we use Open Source Intelligence(OSINT), the core of recent information acquisition, we can predict cyber threats more accurately. In order to predict cyber threats using OSINT, it is necessary to establish a Database(DB) for cyber attacks from OSINT and to select factors that can evaluate cyber threats from the established DB. We are based on previous researches that built a cyber attack DB using data mining and analyzed the importance of core factors among accumulated DG factors by AHP technique. In this research, we present a method for quantifying cyber threats and propose a cyber threats prediction model based on artificial neural networks.

• Journal of Platform Technology
• /
• v.12 no.1
• /
• pp.91-105
• /
• 2024

As the number of cases of applying IT systems to the existing isolated ICS (Industrial Control System) network environment continues to increase, security threats in the ICS environment have rapidly increased. Security threat scenarios help to design security strategies in cybersecurity training, including analysis, prediction, and response to cyberattacks. For successful cybersecurity training, research is needed to develop valid and reliable security threat scenarios for meaningful training. Therefore, this paper proposes a case-based security threat scenario development methodology for cybersecurity training in the ICS environment. To this end, we develop a methodology consisting of five steps based on analyzing actual cybersecurity incident cases targeting ICS. Threat techniques are standardized in the same form using objective data based on the MITER ATT&CK framework, and then a list of CVEs and CWEs corresponding to the threat technique is identified. Additionally, it analyzes and identifies vulnerable functions in programming used in CWE and ICS assets. Based on the data generated up to the previous stage, develop security threat scenarios for cybersecurity training for new ICS. As a result of verification through a comparative analysis between the proposed methodology and existing research confirmed that the proposed method was more effective than the existing method regarding scenario validity, appropriateness of evidence, and development of various scenarios.

• Review of KIISC
• /
• v.29 no.3
• /
• pp.51-65
• /
• 2019

미국의 사이버보안 관련 법률은 1987년 컴퓨터보안법이 제정되는 시점이 본격적인 시작이라고 할 수 있다. 1990년대에는 컴퓨터 및 인터넷의 발전으로 정보보안의 중요성이 대두되었으며 법률은 데이터 보호 및 프라이버시 중심으로 제정되었다. 2002년 국토안보부 설립을 위한 국토안보법의 제정을 통해 본격적인 국가 사이버보안 정책을 시작할 수 있는 토대를 마련하였다. 전자정부법(2002) 부속법률인 연방정보보안관리법(FISMA 2002)은 연방기관들의 사이버보안 관련 임무를 구체화하여 국가차원의 사이버위협 대응을 체계적으로 할 수 있었다. 2014년 연방정보현대화법(FISMA 2014)으로 개정되어 지난 10여년간의 시행착오를 바로잡는 노력을 진행하고 있다. 2015년 사이버보안법(Cybersecurity Act 2015), 2018년 사이버보안 및 기반구조보안기관법(CISA 2018)을 제정하여 국가 사이버보안 체계를 획기적으로 발전한 미국의 사이버보안 법률의 추진 현황을 살펴봄으로써 우리나라의 법체계의 발전방향에 대해 고찰해 보도록 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10b
• /
• pp.577-579
• /
• 2001

인터넷이 발전함에 따라 교육의 형태가 오프라인 서비스에서 온라인 학습 서비스로 확장되어 있는 추세이다. 따라서 인터넷에서의 교육이 하나의 교육의 형태로 자리 잡게 되었다. 사이버 학습을 통한 교육은 방대한 학습 자료를 학습자의 학습정도나 일정에 맞는 맞춤형태의 서비스가 중요하다. 이러한 학습 컨텐츠 기반의 인터넷 사이버 학습은 기존치 오프라인에서 사용한 컨텐츠를 유기적으로 통합하여 온라인에서 제공하는 것이 큰 관건이 되어지고 있다. 이를 위해 본 논문은 XML을 이용하여 기존의 인터넷 가상학습을 XML을 기반으로 하여 오프라인에서의 컨텐츠를 온라인에 적용하여 학습자에 학습 환경을 보다 폭 널게 제공하였다. 또한 학습자의 학습 정도를 유지하고 파악할 수 있게 학습자의 학습 현황정보를 유지하여 맞춤형 사이버학습을 구현하였다.