• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.77-85
• /
• 2021

Cyber protection is an activity that protects the information systems we operate from cyber attacks and threats. To know the level of protection of the currently operating cyber protection system, it is necessary to update the current state of attack technology by reflecting the constantly evolving cyber threats and to analyze whether it is possible to respond with the protection function. Therefore, in this paper, we analyze the relationship between the attack procedures and defense types of the cyber kill chain with the defense technology(Mitigation ID) of MITRE and present the cyber protection level for each military unit type with a focus on defensive cyber activities. In the future, it is expected that the level of cyber protection will be improved through real-time analysis of the response capabilities of cyber protection systems operating in the defense sector to visualize the level of protection for each unit, investigate unknown cyber threats, and actively complement vulnerabilities.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.441-447
• /
• 2004

Information security simulator is required for the study on the cyber intrusion and defense as information security has been increasingly popular Until now, the main purposes of information security simulation are security estimation of small network as well as performance analysis of information protection systems. However, network simulators that can simulate attacks in a huge network are in needs since large scale internet attacks are very common in these days. In this paper we proposed a simulator design and its implementation details. Our simulator is implemented by expanding the SSFNet program to the client-sewer architecture. A cyber attack scenario used in our simulator is composed by the advanced attack tree model. We analyzed the simulation results to show the correctness of our network defense simulator.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.41-50
• /
• 2021

Cyber Kill Chain is derived from Kill chain of traditional military terms. Kill chain means "a continuous and cyclical process from detection to destruction of military targets requiring destruction, or dividing it into several distinct actions." The kill chain has evolved the existing operational procedures to effectively deal with time-limited emergency targets that require immediate response due to changes in location and increased risk, such as nuclear weapons and missiles. It began with the military concept of incapacitating the attacker's intended purpose by preventing it from functioning at any one stage of the process of reaching it. Thus the basic concept of the cyber kill chain is that the attack performed by a cyber attacker consists of each stage, and the cyber attacker can achieve the attack goal only when each stage is successfully performed, and from a defense point of view, each stage is detailed. It is believed that if a response procedure is prepared and responded, the chain of attacks is broken, and the attack of the attacker can be neutralized or delayed. Also, from the point of view of an attack, if a specific response procedure is prepared at each stage, the chain of attacks can be successful and the target of the attack can be neutralized. The cyber command and control system is a system that is applied to both defense and attack, and should present defensive countermeasures and offensive countermeasures to neutralize the enemy's kill chain during defense, and each step-by-step procedure to neutralize the enemy when attacking. Therefore, thist paper proposed a cyber kill chain model from the perspective of defense and attack of the cyber command and control system, and also researched and presented the threat classification/analysis/prediction framework of the cyber command and control system from the defense aspect

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.71-80
• /
• 2023

Cyberspace has emerged as the fifth domain of warfare, alongside land, sea, air, and space. It has become a crucial focus for offensive and defensive military operations. Governments worldwide have demonstrated their intent to engage in offensive cyber operations within this domain. This paper proposes an innovative offensive cyber kill chain model that integrates the existing defensive strategy, the cyber kill chain model, with the joint air tasking order (ATO) mission execution cycle and joint target processing procedure. By combining physical and cyber operations within a joint framework, this model aims to enhance national cyber operations capabilities at a strategic level. The integration of these elements seeks to address the evolving challenges in cyberspace and contribute to more effective jointness in conducting cyber operations.

• Nuclear industry
• /
• v.35 no.6
• /
• pp.56-58
• /
• 2015

원전에 대한 사이버 공격이 날로 늘어나고 있는 현 상황에서 원전업계가 스스로 이를 방어해 낼 수 있는 방법은 무엇인가? 한 조직이 혼자서 자기의 사이버 영역에 대한 공격에 대비할 수는 없다. 그런 식으로는 언제나 사이버 공격보다 한 발 늦을 뿐이다. 이 싸움은 일종의 군비 경쟁 같은 것이기 때문에 서로 간의 협력을 통해 우리를 위협하는 사이버 공격자들보다 유리한 고지를 선점하고 있어야 하는 것이다.

• The Science & Technology
• /
• s.528
• /
• pp.46-51
• /
• 2013

• Nuclear industry
• /
• v.36 no.11
• /
• pp.45-52
• /
• 2016

사이버 공격으로부터 원자력 시설을 보호하기 위해 동원되는 갖가지 안전 대책을 다루고 있는 문건은 상당히 많다. 스파이 소설에 나오는 것 같은 사이버 보안상의 공격과 그 방어 전략에 대한 관련 기관들의 검토도 끊임없이 지속되고 있다. 그러나 이제는 원전사업체들도 발생이 가능한 모든 복합적인 위협은 물론 직접적인 사이버 공격을 고려해서 자체적인 대비책을 강구할 필요가 있다.

• Journal of Korean Home Economics Education Association
• /
• v.28 no.4
• /
• pp.79-95
• /
• 2016

This study aims to explore the reality of middle school students witnessing cyberbullying and their types of behaviors after witnessing and to examine the role of empathy affecting the behaviors of bystanders of cyberbullying. For this purpose, we collected the survey data from 595 middle school students in the Gyeong-Gi region. Results show that 61.2% of the respondents report the witness of cyberbullying, Among which cyber slander is the most common, followed by spreading false information, outcast, sexual harassment, and extortion. The behaviors of bystanders who witnessed cyberbullying are categorized into spectating, defending, agreeing, or doing nothing. When it comes to the role of the students' empathy, findings show that the 'empathic concern' and 'personal pain' -, parts of emotional empathic abilities, can significantly influence behaviors of cyberbullying bystanders. These findings not only call the attention to the seriousness of cyberbullying among middle school students, but they also suggest the implication that emotion empathy education is required along with emotion control education.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1247-1258
• /
• 2018

The Cyber Kill Chain originally proposed by Lockheed Martin defines the standard procedure of general cyber attacks and suggests tailored defensive actions per each step, eventually neutralizing the intent of the attackers. Defenders can effectively deal with Advanced Persistent Threat(APT)s which are difficult to be handled by other defensive mechanisms under the Cyber Kill Chain. Recently, however, social engineering techniques that exploits the vulnerabilities of humans who manage the target systems are prevail rather than the technical attacks directly attacking the target systems themselves. Under the circumstance, the Cyber Kill Chain model should evolve to encompass social engineering attacks for the improved effectiveness. Therefore, this paper aims to establish a definite concept of Cyber Kill Chain for social engineering based cyber attacks, called Social Engineering Cyber Kill Chain, helping future researchers in this literature.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.11
• /
• pp.2199-2205
• /
• 2017

The development of modern ICT technology constitutes cyber world by using infrastructure in country and society. There is no border in cyber world. Countries around the world are carrying out cyber attacks for their own benefit. A cyber killer strategy is needed to defend cyber attacks. In order to defend the cyber attack or to determine the responsibility of attack, it is important to grasp the attacker origin point. Strategic cyber kill chains are needed to strike against the attacker origin. In this paper, we study the analysis of attacker origin. And analyze the cyber kill chain for attacker origin point strike. Study the efficient and customized cyber kill chain strategy for attacking the origin point. The cyber kill chain strategy will be a practical strategy to replace the power of nuclear and missiles with asymmetric power.