• Title/Summary/Keyword: 사이버 방어

Search Result 178, Processing Time 0.021 seconds

A Proposal Countermeasure to DDoS attacks targered DNS (DNS을 목표한 DDoS공격에 효과적인 대응 방법 제안)

  • Choi, Ji-Woo;Chun, Myung-Jin;Hong, Do-Won;Seo, Chang-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.729-735
    • /
    • 2013
  • The recent issue of distributed denial of service attack paralyze major government and financial institution in internet sites. They threatened to the cyber security. There hasn't been easy defense of now using attack. There seems to be increases in damage. In this paper, The recent continue to evolve of distributed denial of service attack. DNS target of distributed denial of service attack give specific examples. but, DNS target of DDoS attacks about defense is insufficient. The DNS Cyber-shelter system was created based on the Cyber-shelter system for DDoS attack in Kisa.. We proposal DNS Cyber-shelter system.

A Study on the Design and Implementation of Algorithm for Next Generation Cyber Certificate Security (차세대 사이버 인증 보안을 위한 알고리즘의 설계 및 구현에 관한 연구)

  • Lee, Chang-Jo;Kim, Sang-Bok
    • Convergence Security Journal
    • /
    • v.6 no.3
    • /
    • pp.69-78
    • /
    • 2006
  • ID security policy is generally formulated from the input of many members of an organization, including security officials, line managers, and ID resource specialists. However, policy is ultimately approved and issued by the organization's senior management. In environments where employees feel inundated with policies, directives, guidelines and procedures, an ID security policy should be introduced in a manner that ensures that management's unqualified support is clear. This paper will discuss Next Generation Cyber Certificate security policy in terms of the different types program-level and issue-specific, components, and Design and Implementation of Security Algorithm Simulation based on 4GL, PowerBuilder7.0.

  • PDF

The probable use of UAV(Unmanned Aerial Vehicle) in crime, cybercrime, and terrorism and responses (무인기 개발과 범죄, 사이버 범죄, 테러 활용 가능성과 대응방안)

  • Joh, Hyeon-Jin;Yun, Min-Woo
    • Korean Security Journal
    • /
    • no.46
    • /
    • pp.189-216
    • /
    • 2016
  • In March 2015, the North Korean UAVs (Unmanned Aerial Vehicles) were found and countries around the world have actively developed UAVs. UAVs or Drone have become commercialized and more civilians use UAVs for leisure. The positive possibilities of UAV use expand. However, there could be the negative sides of UAV use. The UAVs could be used for the purpose of various crime, cybercrime, and terrorism. For instance, hacking devices attached drone could be infiltrated into the sensitive networks to steal personal informations and public data. This could be a new dimension of cybercrime. As the number of internet users and cyberspace rapidly expands, problems of crimes could be worsened both quantitatively and qualitatively. By contrast, defensive measures against such threats are limited. Especially, the Korean society is vulnerable despite its well-advanced internet and computer network technology. This article investigates the current UAV types and its developments, discusses various possibilites of UAV-related crime, cybercrime, and terrorism, and proposes responses.

  • PDF

A Study on the Problems of Procedural Law Against Cyber Crimes in Korea - On the Trend of Procedural Law Against Cyber Crimes of U.S - (우리 사이버범죄 대응 절차의 문제점에 관한 연구 - 미국의 사이버범죄대응절차법을 중심으로 -)

  • Lim Byoung-Rak;Oh Tae-Kon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.11 no.4 s.42
    • /
    • pp.231-241
    • /
    • 2006
  • When current cyber attacks to information and communication facilities are examined, technologies such as chase evasion technology and defense deviation technology have been rapidly advanced and many weak systems worldwide are often used as passages. And when newly-developed cyber attack instruments are examined, technologies for prefect crimes such as weakness attack, chase evasion and evidence destruction have been developed and distributed in packages. Therefore, there is a limit to simple prevention technology and according to cases, special procedures such as real-time chase are required to overcome cyber crimes. Further, cyber crimes beyond national boundaries require to be treated in international cooperation and relevant procedural arrangements through which the world can fight against them together. However, in current laws, there are only regulations such as substantial laws including simple regulations on Punishment against violation. In procedure, they are treated based on the same procedure as that of general criminal cases which are offline crimes. In respect to international cooperation system, international criminal private law cooperation is applied based on general criminals, which brings many problems. Therefore, this study speculates the procedural law on cyber crimes and presents actual problems of our country and its countermeasures.

  • PDF

A Study on Korea's Countermeasures Through the Analysis of Cyberattack Cases in the Russia-Ukraine War (러시아-우크라이나 전쟁에서의 사이버공격 사례 분석을 통한 한국의 대응 방안에 관한 연구)

  • Lee, Hyungdong;Yoon, Joonhee;Lee, Doeggyu;Shin, Yongtae
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.10
    • /
    • pp.353-362
    • /
    • 2022
  • The Russian-Ukraine war is accompanied by a military armed conflict and cyberattacks are in progress. As Russia designated Korea as an unfriendly country, there is an urgent need to prepare countermeasures as the risk of cyberattacks on Korea has also increased. Accordingly, impact of 19 cyberattack cases were analyzed by their type, and characteristics and implications were derived by examining them from five perspectives, including resource mobilization and technological progress. Through this, a total of seven measures were suggested as countermeasures for the Korean government, including strengthening multilateral cooperation with value-sharing countries, securing cyberattack capabilities and strengthening defense systems, and preparing plans to connect with foreign security companies. The results of this study can be used to establish the Korean government's cybersecurity policy.

Cost-Effective, Real-Time Web Application Software Security Vulnerability Test Based on Risk Management (위험관리 기반의 비용 효율적인 실시간 웹 애플리케이션 소프트웨어 보안취약점 테스팅)

  • Kumi, Sandra;Lim, ChaeHo;Lee, SangGon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.1
    • /
    • pp.59-74
    • /
    • 2020
  • The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.

A Study on Structuring of Information Sharing Platforms Based on Risk Communication Theory (위험커뮤니케이션 이론에 기반을 둔 정보공유 플랫폼 구조화 연구)

  • Yoo, Ji-Yeon;Park, Hyang-Mi
    • Convergence Security Journal
    • /
    • v.19 no.2
    • /
    • pp.59-72
    • /
    • 2019
  • In this day and age physical and cyber boundaries have converged due to the development of new technologies, such as the Internet of Things (IoT) and the Cyber Physical System (CPS). As the relationship between physical system and cyber technology strengthens, more diverse and complex forms of risk emerge. As a result, it is becoming difficult for single organization or government to fully handle this situation alone and cooperation based on information sharing and the strengthening of active defense systems are needed. Shifting to a system in which information suitable for various entities can be shared and automatically responded to is also necessary. Therefore, this study tries to find improvements for the current system of threat information collecting and sharing that can actively and practically maintain cyber defense posture, focusing particularly on the structuring of information sharing platforms. To achieve our objective, we use a risk communication theory from the safety field and propose a new platform by combining an action-oriented security process model.

Attack Surface Expansion through Decoy Trap for Protected Servers in Moving Target Defense

  • Park, Tae-Keun;Park, Kyung-Min;Moon, Dae-Sung
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.10
    • /
    • pp.25-32
    • /
    • 2019
  • In this paper, we propose a method to apply the attack surface expansion through decoy traps to a protected server network. The network consists of a large number of decoys and protected servers. In the network, each protected server dynamically mutates its IP address and port numbers based on Hidden Tunnel Networking that is a network-based moving target defense scheme. The moving target defense is a new approach to cyber security and continuously changes system's attack surface to prevent attacks. And, the attack surface expansion is an approach that uses decoys and decoy groups to protect attacks. The proposed method modifies the NAT table of the protected server with a custom chain and a RETURN target in order to make attackers waste all their time and effort in the decoy traps. We theoretically analyze the attacker success rate for the protected server network before and after applying the proposed method. The proposed method is expected to significantly reduce the probability that a protected server will be identified and compromised by attackers.

Dynamic Simulation on a Network Security Simulator using SSFNet (SSFNet을 이용한 네트워크 보안 시뮬레이터에서 동적 시뮬레이션 방법)

  • 박응기;윤주범;임을규
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.3
    • /
    • pp.101-106
    • /
    • 2004
  • Recently, a network defense simulator becomes essential in studying cyber incidents because the cyber terror become more and more interesting. The network defense simulator is a tool to estimate damages and an effectiveness of a defense mechanism by modeling network intrusions and defense mechanisms. Using this tool, users can find efficient ways of preventing a cyber terror and recovering from the damage. Previous simulators start the simulation after entire scenario has made and been loaded to simulation engine. However, in this way it can't model human judgement and behavior, and it can't simulate the real cyber terror very well. In this paper, we have added a dynamic simulation component to our previous network security simulator. This component improved accurate modeling of network intrusions and defense behaviors. We have also proposed new modified architecture of the simulation system. Finally we have verified correct simulation results from stammer worn simulation.

Current Trends in the U.S. Cybersecurity Laws (미국 사이버보안법의 최근 동향 - 「사이버보안 정보공유법」을 중심으로 하여 -)

  • Yang, Chun-Soo;Jee, Yu-Mi
    • Journal of Legislation Research
    • /
    • no.54
    • /
    • pp.155-192
    • /
    • 2018
  • As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.