• Title/Summary/Keyword: cyber situational awareness

Search Result 46, Processing Time 0.029 seconds

A study on the cyber common operation picture for situational awareness in cyberspace (사이버공간 내 상황인식을 위한 사이버 공통 작전 상황도 연구)

  • Kim, Kook-jin;Youn, Jae-pil;Yoon, Suk-joon;Kang, Ji-won;Kim, Kyung-shin;Shin, Dong-kyoo
    • Journal of Internet Computing and Services / v.23 no.5 / pp.87-101 / 2022
  • Cyber-attacks occur in the blink of an eye in cyberspace, and the damage is increasing all over the world. Therefore, it is necessary to develop a cyber common operational picture that can grasp the various assets belonging to the 3rd layer of cyberspace from various perspectives. By applying the method for grasping battlefield information used by the military, it is possible to achieve optimal cyberspace situational awareness. Therefore, in this study, the visualization screens necessary for the cyber common operational picture are identified and the criteria (response speed, user interface, object symbol, object size) are investigated. After that, the framework is designed by applying the identified and investigated items, and the visualization screens are implemented accordingly. Finally, among the criteria investigated by the visualization screen, an experiment is conducted on the response speed that cannot be recognized by a photograph. As a result, all the implemented visualization screens met the standard for response speed. Such research helps commanders and security officers to build a cyber common operational picture to prepare for cyber-attacks.

A Study for Cyber Situation Awareness System Development with Threat Hunting (위협 헌팅을 적용한 사이버 상황인식 시스템 개발에 관한 연구)

  • Lee, Jaeyeon;Choi, Jeongin;Park, Sanghyun;Kim, Byeongjin;Hyun, Dae-Won;Kim, Gwanyoung
    • Journal of the Korea Institute of Military Science and Technology / v.21 no.6 / pp.807-816 / 2018
  • Threat hunting is defined as a process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. The main concept of threat hunting is to find weak points and remedy them before an actual cyber threat occurs. The HMM (Hunting Maturity Matrix) has been suggested as a way to evolve hunting processes through five levels, so a CSOC (Cyber Security Operations Center) can refer to the HMM to make itself safer from complicated and organized cyber attacks. We are developing a cyber situation awareness system with a proactive threat hunting process, called unMaze™. With unMaze, a CSOC's HMM level can be upgraded from the initial level to the basic level. A CSOC with unMaze performs threat hunting not only by detecting existing cyber equipment post-actively, but also by proactively detecting cyber threats through fusing and analyzing cyber asset data and threat intelligence.

Analysis of Instruction-Learning Process for Underachievers through Cyber Home Learning System 2.0 (학습부진학생을 위한 사이버 가정학습 2.0 교수학습과정 분석)

  • Lee, Jung-Min;Choi, Yong-Hoon;Lee, Myung-Geun
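    • Proceedings of the Korean Society of Computer Information Conference / 2012.01a / pp.159-162 / 2012
  • This study identified the causes of underachievement among students underachieving in social studies and, by analyzing the process of perception change that occurs through Cyber Home Learning 2.0, derived a situational model suited to the Cyber Home Learning 2.0 system. The collected data were analyzed using grounded theory. The causes of underachievement perceived by these students were found to span both the cognitive and the affective domains, and through Cyber Home Learning 2.0 the students changed their negative perceptions into positive ones. In particular, deriving a situational model through process analysis yielded a Cyber Home Learning 2.0 problem-solving learning model for students underachieving in social studies, broadly divided into five stages: introduction, problem identification, exploration, performance, and summary and evaluation. Future work calls for longer-term studies that include analysis of underachieving students' family and peer relationships, and for studies that link Cyber Home Learning 2.0 more organically with classroom instruction.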

A Study on Operational Element Identification and Integrated Time Series Analysis for Cyber Battlefield Recognition (사이버 전장인식을 위한 작전상태 요소 식별 및 통합 시계열 분석 연구)

  • Son-yong Kim;Koo-hyung Kwon;Hyun-jin Lee;Jae-yeon Lee;Jang-hyuk Kauh;Haeng-rok Oh
    • Convergence Security Journal / v.22 no.4 / pp.65-73 / 2022
  • Since cyber operations are performed in a virtual cyber battlefield, measurement indicators that can evaluate and visualize the current state of the cyber environment in a consistent form are required to effectively support the commander's decision-making in cyber operations. In this paper, we propose a method to define various evaluation indicators that can be collected on the cyber battlefield, normalize them, and evaluate the cyber status in a consistent form. The proposed cyber battlefield status elements consist of cyber asset-related indicators, target network-related indicators, and cyber threat-related indicators. Each indicator has 6 sub-indicators and can be used by assigning weights according to the commander's interests. The overall status of the cyber battlefield can be easily recognized because the measured indicators are visualized in time series on a single screen. Therefore, the proposed method can be used for the situational awareness required to effectively conduct cyber warfare.

A Study of Cyber Operation COP based on Multi-layered Visualization (멀티레이어드 시각화를 적용한 사이버작전 상황도 개발에 관한 연구)

  • Kwon, Koohyung;Kauh, Jang-hyuk;Kim, Sonyong;Kim, Jonghwa;Lee, Jaeyeon;Oh, Haengrok
    • Convergence Security Journal / v.20 no.4 / pp.143-151 / 2020
  • The cyber battlefield, called the fifth battlefield, is not based on geographical information, unlike the traditional battlefields of land, sea, air and space, and has the characteristic that all information to be analyzed is tightly correlated. Because the cyber battlefield is created by the network connection of computers located on the physical battlefield, it is not completely separated from geolocational information, but it depends on network topology and software vulnerabilities. Therefore, analysis of the cyber battlefield should be provided in a form that makes information from multiple domains recognizable at a glance, rather than from a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP (Common Operational Picture), which is essential for command and control in cyber warfare. In particular, we propose an architecture for a cyber operation COP that intuitively displays information using visualization techniques that apply the multi-layering concept to multiple domains that need to be correlated, such as cyber assets, threats, and missions. With the proposed cyber operation COP, whose multi-layered visualization helps describe correlated information among cyber factors, we expect that commanders can actually perform cyber command and control in the very complex and unclear cyber battlefield.

Current Status and Prospects of Security Technology for Cyber Warfare (사이버전을 위한 보안기술 현황과 전망)

  • Seo, Dong-Il;Cho, Hyun-Sook
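    • Review of KIISC / v.21 no.6 / pp.42-48 / 2011
  • At a time when the nature of the battlefield is shifting from traditional conventional warfare centered on physical mass destruction to invisible cyber warfare, the attack and defense technologies needed to prepare for cyber warfare are a matter of great importance. Security technologies for cyber warfare include core information security technologies such as cryptography, authentication, recognition, and surveillance, distributed denial-of-service attack response technology, smart ID technology, video security and biometric recognition technology, and side-channel attack prevention technology. These technologies are very clear areas that can be used for cyber warfare. In addition, cyber warfare technologies include core technologies such as cryptography, authentication, recognition, and surveillance and the existing security technology fields, as well as ultra-lightweight high-strength encryption technology, military forensics technology, cyber attack origin traceback technology, cyber attack information sharing and collaborative monitoring technology, and cyber attack weapon development technology. In particular, cyber warfare is a very important area of asymmetric power that can achieve maximum effect at low cost, and major advanced countries are hurrying their technical and institutional preparations for cyber warfare in order to secure the right of self-defense against cyber attacks. This article examines the current status and prospects of such security technologies for cyber warfare.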

Study on Experience of Prospective Social Workers Participated in Social Welfare Field Practice during COVID-19 Pandemic (COVID-19 상황 중 사회복지현장실습에 참여한 예비사회복지사의 실습경험에 관한 연구)

  • Bae, Na-Rae;Kim, Ji-Woon
    • Journal of the Korea Convergence Society / v.12 no.11 / pp.301-310 / 2021
  • This study is qualitative research that aims to assess the experience of prospective social work students enrolled in social welfare field practice during the COVID-19 pandemic. The results are as follows. First, the major negative answers of respondents were the students' work-study imbalance, the institutions' concern about the spread of infection, limited experience due to low quality of supervision, difficulty in choosing an institution, and worries that practice would be stopped due to the COVID-19 pandemic. Second, the key positive answers of respondents were awareness of the true meaning of social welfare, their major, the significance of field practice, the importance of human rights in their field, and finally, the value of rapport building between social workers and clients in social welfare practice settings.

Detection of Signs of Hostile Cyber Activity against External Networks based on Autoencoder (오토인코더 기반의 외부망 적대적 사이버 활동 징후 감지)

  • Park, Hansol;Kim, Kookjin;Jeong, Jaeyeong;Jang, Jisu;Youn, Jaepil;Shin, Dongkyoo
    • Journal of Internet Computing and Services / v.23 no.6 / pp.39-48 / 2022
  • Cyberattacks around the world continue to increase, and their damage extends beyond government facilities and affects civilians. These issues emphasize the importance of developing a system that can identify and detect cyber anomalies early. To identify cyber anomalies effectively, several studies have trained machine learning models on BGP (Border Gateway Protocol) data to classify anomalies. However, BGP data is unbalanced: abnormal data is scarcer than normal data. This biases what the model learns and reduces the reliability of the result. In addition, there is a limitation in that security personnel cannot recognize the cyber situation from a typical machine learning result in an actual cyber situation. Therefore, in this paper, we investigate BGP, which keeps network records around the world, and solve the problem of unbalanced data by using SMOTE. After that, assuming a cyber range situation, an autoencoder classifies cyber anomalies and the classified data is visualized. By learning the pattern of normal data, the model classified abnormal data with 92.4% accuracy, and the auxiliary index also showed 90% performance, ensuring the reliability of the results. In addition, it is expected to enable effective defense against cyber attacks because visualizing the congested cyberspace makes it possible to recognize the situation effectively.

A Study on Dataset Construction Technique for Intrusion Detection based on Pattern Recognition (패턴인식 기반 침입탐지를 위한 데이터셋 구성 기법에 대한 연구)

  • Gong, Seong-Hyeon;Cho, Min-Jeong;Cho, Jae-ik;Lee, Changhoon
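    • Proceedings of the Korea Information Processing Society Conference / 2017.04a / pp.343-345 / 2017
  • As communication technology has advanced and network environments have diversified, the cyber threats facing communication users have also diversified. Intrusion detection technology based on pattern recognition and machine learning emerged to respond to the many newly reported cyber attacks. Machine-learning-based IDS requires a low false positive rate and high efficiency, and these characteristics are strongly affected by the methodology used to construct the dataset. This paper discusses the key points to consider when constructing a dataset for pattern-recognition-based traffic analysis and explores ways to derive a dataset that reflects real-world cyber threat situations well.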

Perception of Internet Cyber Community Participants on Reconciliation of Divorced Couple (이혼 후 재결합에 대한 인터넷 사이버공동체 참여자들의 인식)

  • Lim, Choon-Hee
    • The Journal of the Korea Contents Association / v.12 no.10 / pp.237-253 / 2012
  • The purpose of this study was to examine the perception of cyber community participants on the reconciliation of divorced couples and to find reasons for and against reconciliation after divorce. The data were collected by searching for websites and Internet cafes related to 'reconciliation after divorce' on the Internet. The contents of 7 cases asking for advice on reuniting, and the opinions of cyber community participants on them, were analyzed. Cyber community participants expressed their approval of divorced couples reuniting for the following reasons: 'strong motive for reunion', 'sexual relation with ex-partner', 'parental responsibility', 'regarding reconciliation as a better choice than remarriage', 'regarding as a good choice for child' etc. But cyber community members were opposed to divorced couples reuniting for the following reasons: 'doubt about real intention to reuniting', 'no self-reflection on previous marriage and ex-spouse', 'concern for recurrence of former marital conflict', 'reuniting only for child not for couple', 'no prior settlement of former marital conflict', 'no forgiveness and tolerance for ex-spouse', 'no reflection and change', 'no effort on ex-spouse's side' etc. Though these results are limited, this study identified issues surrounding reconciliation after divorce through the advice asked for and given by anonymous members in cyberspace. These findings imply that we should take more interest in reconciliation as a realistic alternative marriage pattern after divorce and consider what is important for successful reuniting after divorce.