• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.3
• /
• pp.428-434
• /
• 2020

Recently, due to the development of ICT technology, changes to the convergence service platform of information systems are accelerating. Convergence services expanded to cyber systems with 5G communication, IoT, AI, and cloud are being reflected in the real world. However, the field of cybersecurity audit for responding to cyber attacks and security threats and strengthening security technology is insufficient. In this paper, we analyze the international standard analysis of information security management system, security audit analysis and security of related systems according to the expansion of 5G communication, IoT, AI, Cloud based information system security. In addition, we design and study cybersecurity audit checklists and contents for expanding security according to cyber attack and security threat of information system. This study will be used as the basic data for audit methods and audit contents for coping with cyber attacks and security threats by expanding convergence services of 5G, IoT, AI, and Cloud based systems.

• Journal of Navigation and Port Research
• /
• v.47 no.2
• /
• pp.57-65
• /
• 2023

In 2017, the International Maritime Organization (IMO) adopted MSC.428 (98), which recommends establishing a cyber-risk management system in Ship Safety Management Systems (SMSs) from January 2021. The 27th International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) also discussed prioritizing cyber-security (cyber-risk management) in developing systems to support Maritime Autonomous Surface Ship (MASS) operations (IALA guideline on developments in maritime autonomous surface ships). In response to these international discussions, Korea initiated the Korea Autonomous Surface Ship technology development project (KASS project) in 2020. Korea has been carrying out detailed tasks for cybersecurity technology development since 2021. This paper outlines the basic concept of ship network security equipment for supporting MASS ship operation in detailed task of cybersecurity technology development and defines ship network security equipment interface for MASS ship applications.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2023.07a
• /
• pp.603-606
• /
• 2023

인공지능 (AI) 서비스는 현대 사회에서 중요한 역할을 맡고 있다. 그러나 이러한 서비스는 보안과 관련된 문제들을 가지고 있다. 본 논문은 AI 서비스의 보안과 관련된 문제와 해결책을 조사하고자 한다. AI 서비스의 개요와 대표적인 상용 서비스를 간략히 소개 후, AI 서비스에서 발생할 수 있는 보안상의 문제와 Chat GPT를 중심으로 한 보안 문제에 대해 다루고자 한다. 또한, 향후 AI보안 서비스 연구 분야와 적재적 기계학습 연구에 대한 전망을 살펴볼 예정이다. 이를 통해 안전하고 신뢰성 있는 AI 서비스를 제공하는데 기여하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.447-463
• /
• 2022

Artificial Intelligence (AI) technology is a major technology that develops smart ships into autonomous ships in the marine industry. Autonomous ships recognize a situation with the information collected without human judgment which allow them to operate on their own. Existing ship systems, like control systems on land, are not designed for security against cyberattacks. As a result, there are infringements on numerous data collected inside and outside the ship and potential cyber threats to AI technology to be applied to the ship. For the safety of autonomous ships, it is necessary to focus not only on the cybersecurity of the ship system, but also on the cybersecurity of AI technology. In this paper, we analyzed potential cyber threats that could arise in AI technologies to be applied to existing ship systems and autonomous ships, and derived categories that require security risks and the security of autonomous ships. Based on the derived results, it presents future directions for cybersecurity research on autonomous ships and contributes to improving cybersecurity.

• Journal of Internet Computing and Services
• /
• v.24 no.5
• /
• pp.67-73
• /
• 2023

The Digital Age calls for improvement of information literacy particularly among children and youth who are vulnerable to cybergrooming. Taking an interdisciplinary approach by leveraging our team's expertise including child and adolescent development, data analytics, and cybersecurity, this study proposes an interactive artificial intelligence (AI)-based preventive simulation program that raises youth knowledge and awareness about the risk of cybergrooming as well as increases resilient self-efficacy in their cybersecurity-relevant skills. The primary purpose of this project is to evaluate the effectiveness of the simulation program on preventing cybergrooming. More specifically, this study is designed to examine developmental changes in self-efficacy of cybersecurity-relevant skills among youth participants as a function of the preventive simulation program. Further, this study will identify risk and protective factors that explain interindividual differences in the ability of children and youth either to fall victim to advances from a cyber predator or to recognize and deter such threats. The preliminary data will help improve the effectiveness of the preventive simulation program as well as the methods of implementation to large groups of youth. The findings from the proposed study will contribute to making specific recommendations to parents, educators, practitioners, and policy makers for the prevention of cybergrooming.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.527-536
• /
• 2024

In the digital age, the growth of AI and digital technologies brings opportunities and cybersecurity risks. At the forefront of this change are teenagers, referred to as 'digital natives'. However, they may have difficulty using technology safely without proper information security knowledge. This paper highlights the need for information security education for teenagers in South Korea by referring to cases in the UK, Australia, and the US. These countries are already providing education that prepares young people for cyber threats and future societal needs. Reflecting this trend, South Korea should also establish comprehensive information security education for teenagers to equip them for the digital age.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.245-251
• /
• 2021

This work aims to focus on the current features and characteristics of Human Element and Artificial intelligence (AI), ask some questions about future information security, and whether we can avoid human errors by improving machine learning and AI or invest in human knowledge more and work them both together in the best way possible? This work represents several related research results on human behavior towards information security, specified with elements and factors like knowledge and attitude, and how much are they invested for ISA (information security awareness), then presenting some of the latest studies on AI and their contributions to further improvements, making the field more securely advanced, we aim to open a new type of thinking in the cybersecurity field and we wish our suggestions of utilizing each point of strengths in both human attributions in software security and the existence of a well-built AI are going to make better future software security.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2023.07a
• /
• pp.601-602
• /
• 2023

본 논문에서는 인공지능을 결합한 EDR(Endpoint Detection and Response) 시스템을 확인하고, 그 현황을 파악하는 것을 목적으로 한다. 현대에는 점차 보안 위협이 더욱 증가하면서 기존의 방식으로는 대응하기 어려운 상황이 발생하고 있으며, 위협에 대한 예측과 선제적인 대응력을 강화하기 위해 스스로 학습해 감시 및 공격에 대응하는 인공지능 기반의 보안 시스템에 대한 관심이 증가하고 있다. 본 논문은 AI 기반 EDR 시스템과 그 현황에 대해 살펴보고자 한다.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.64-72
• /
• 2024

In recent times cyber attackers can use Artificial Intelligence (AI) to boost the sophistication and scope of attacks. On the defense side, AI is used to enhance defense plans, to boost the robustness, flexibility, and efficiency of defense systems, which means adapting to environmental changes to reduce impacts. With increased developments in the field of information and communication technologies, various exploits occur as a danger sign to cyber security and these exploitations are changing rapidly. Cyber criminals use new, sophisticated tactics to boost their attack speed and size. Consequently, there is a need for more flexible, adaptable and strong cyber defense systems that can identify a wide range of threats in real-time. In recent years, the adoption of AI approaches has increased and maintained a vital role in the detection and prevention of cyber threats. In this paper, an Ensemble Deep Restricted Boltzmann Machine (EDRBM) is developed for the classification of cybersecurity threats in case of a large-scale network environment. The EDRBM acts as a classification model that enables the classification of malicious flowsets from the largescale network. The simulation is conducted to test the efficacy of the proposed EDRBM under various malware attacks. The simulation results show that the proposed method achieves higher classification rate in classifying the malware in the flowsets i.e., malicious flowsets than other methods.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.901-903
• /
• 2019

인공지능 기술의 발전에 따라 산업, 교육, 게임, 의료, 국방, 교통 등에서 여러 가지 방면으로 활용되어가고 있다. 하지만 인공지능을 게임에 접목해 게임 내에서 사람보다 월등한 성적을 낼 수 있다는 것이다. 과거에는 메모리 변조, 패킷 변조 등의 공정한 플레이 규정을 파괴하는 프로그램을 사용하였다면 현재에는 딥러닝을 통해 학습된 게임 알고리즘은 이제까지의 프로그램과는 다르므로 게임 인공지능 산업의 개선방안을 제안하고자 한다.