• Title/Summary/Keyword: Attack scenario

Search Result 89, Processing Time 0.021 seconds

A Study on the Microbial Contaminant Transport and Control Method According to Government Building Bio- Attack (청사 건물의 Bio-Attack에 따른 미생물 오염원 확산 및 제어방안에 관한 연구)

  • Lee, Hyun-Woo;Choi, Sang-Gon;Hong, Jin-Kwan
    • Korean Journal of Air-Conditioning and Refrigeration Engineering
    • /
    • v.20 no.4
    • /
    • pp.252-259
    • /
    • 2008
  • The purpose of this study is to estimate the movement of microbial contaminant caused by bio-attack using bio-agent such as bacillus anthracis for preventing contaminant diffusion. multizone simulation was carried out in the case of three types of bio-attack scenario in the government building. Simulation results show that severe contaminant diffusion is brought about in all cases of bio-attack scenario in one hour, though pollution boundaries have different mode according to bio-attack scenarios. Simulation results also show that immune building technology such as filter and UVGI technology gives us powerful alternatives to meet the emergent situation caused by unexpected bio-attack.

Design and Implementation of Scenario-based Attack Simulator using NS (NS를 이용한 시나리오기반 공격 시뮬레이터 설계 및 구현)

  • Choi, Hyang-Chang;Noh Bong-Nam;Lee Hyung-Hyo
    • Journal of Internet Computing and Services
    • /
    • v.7 no.5
    • /
    • pp.59-69
    • /
    • 2006
  • Generally, network attacks are based on a scenario composed of a series of single-attacks, scenario attacks are launched over a wide network environment and their targets are not apparent. it is required to analyze entire packets captured on the network. This method makes it difficult to detect accurate patterns of attacks because it unnecessarily analyzes even packets unrelated to attacks. In this paper, we design and implement a simulation system for attacks scenario, which helps packet classification connected with attacks. The proposed system constitutes a target network for analysis in a virtual simulation environment, and it simulates dumping TCPDUMP packets including scenario attacks under the constructed virtual environment, We believe that our proposed simulation system will be a useful tool when security administrators perform the analysis of patterns of attack scenarios.

  • PDF

A study on Stage-Based Flow Graph Model for Expressing Cyber Attack Train Scenarios (사이버 공격 훈련 시나리오 표현을 위한 Stage 기반 플로우 그래프 모델 연구)

  • Kim, Moon-Sun;Lee, Man-Hee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.5
    • /
    • pp.1021-1030
    • /
    • 2021
  • This paper proposes S-CAFG(Stage-based Cyber Attack Flow Graph), a model for effectively describing training scenarios that simulate modern complex cyber attacks. On top of existing graph and tree models, we add a stage node to model more complex scenarios. In order to evaluate the proposed model, we create a complicated scenario and compare how the previous models and S-CAFG express the scenario. As a result, we confirm that S-CAFG can effectively describe various attack scenarios such as simultaneous attacks, additional attacks, and bypass path selection.

A Study on Vulnerability Analysis and Memory Forensics of ESP32

  • Jiyeon Baek;Jiwon Jang;Seongmin Kim
    • Journal of Internet Computing and Services
    • /
    • v.25 no.3
    • /
    • pp.1-8
    • /
    • 2024
  • As the Internet of Things (IoT) has gained significant prominence in our daily lives, most IoT devices rely on over-the-air technology to automatically update firmware or software remotely via the network connection to relieve the burden of manual updates by users. And preserving security for OTA interface is one of the main requirements to defend against potential threats. This paper presents a simulation of an attack scenario on the commoditized System-on-a-chip, ESP32 chip, utilized for drones during their OTA update process. We demonstrate three types of attacks, WiFi cracking, ARP spoofing, and TCP SYN flooding techniques and postpone the OTA update procedure on an ESP32 Drone. As in this scenario, unpatched IoT devices can be vulnerable to a variety of potential threats. Additionally, we review the chip to obtain traces of attacks from a forensics perspective and acquire memory forensic artifacts to indicate the SYN flooding attack.

A Case Study of the Impact of a Cybersecurity Breach on a Smart Grid Based on an AMI Attack Scenario (AMI 공격 시나리오에 기반한 스마트그리드 보안피해비용 산정 사례)

  • Jun, Hyo-Jung;Kim, Tae-Sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.809-820
    • /
    • 2016
  • The smart grid, a new open platform, is a core application for facilitating a creative economy in the era of the Internet of Things (IoT). Advanced Metering Infrastructure (AMI) is one of the components of the smart grid and a two-way communications infrastructure between the main utility operator and customer. The smart meter records consumption of electrical energy and communicates that information back to the utility for monitoring and billing. This paper investigates the impact of a cybersecurity attack on the smart meter. We analyze the cost to the smart grid in the case of a smart meter attack by authorized users based on a high risk scenario from NESCOR. Our findings could be used by policy makers and utility operators to create investment decision-making models for smart grid security.

An Architecture of a Dynamic Cyber Attack Tree: Attributes Approach (능동적인 사이버 공격 트리 설계: 애트리뷰트 접근)

  • Eom, Jung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.3
    • /
    • pp.67-74
    • /
    • 2011
  • In this paper, we presented a dynamic cyber attack tree which can describe an attack scenario flexibly for an active cyber attack model could be detected complex and transformed attack method. An attack tree provides a formal and methodical route of describing the security safeguard on varying attacks against network system. The existent attack tree can describe attack scenario as using vertex, edge and composition. But an attack tree has the limitations to express complex and new attack due to the restriction of attack tree's attributes. We solved the limitations of the existent attack tree as adding an threat occurrence probability and 2 components of composition in the attributes. Firstly, we improved the flexibility to describe complex and transformed attack method, and reduced the ambiguity of attack sequence, as reinforcing composition. And we can identify the risk level of attack at each attack phase from child node to parent node as adding an threat occurrence probability.

A Study on an Extended Cyber Attack Tree for an Analysis of Network Vulnerability (네트워크 취약성 분석을 위한 확장된 사이버 공격 트리에 관한 연구)

  • Eom, Jung Ho;Park, Seon Ho;Chung, Tai M.
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.3
    • /
    • pp.49-57
    • /
    • 2010
  • We extended a general attack tree to apply cyber attack model for network vulnerability analysis. We defined an extended cyber attack tree (E-CAT) which extends the general attack tree by associating each node of the tree with a transition of attack that could have contributed to the cyber attack. The E-CAT resolved the limitation that a general attack tree can not express complex and sophisticate attacks. Firstly, the Boolean expression can simply express attack scenario with symbols and codes. Secondary, An Attack Generation Probability is used to select attack method in an attack tree. A CONDITION-composition can express new and modified attack transition which a aeneral attack tree can not express. The E-CAT is possible to have attack's flexibility and improve attack success rate when it is applied to cyber attack model.

The Robust Artillery Locating Radar Deployment Model Against Enemy' s Attack Scenarios (적 공격시나리오 기반 대포병 표적탐지레이더 배치모형)

  • Lee, Seung-Ryul;Lee, Moon-Gul
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.43 no.4
    • /
    • pp.217-228
    • /
    • 2020
  • The ROK Army must detect the enemy's location and the type of artillery weapon to respond effectively at wartime. This paper proposes a radar positioning model by applying a scenario-based robust optimization method i.e., binary integer programming. The model consists of the different types of radar, its available quantity and specification. Input data is a combination of target, weapon types and enemy position in enemy's attack scenarios. In this scenario, as the components increase by one unit, the total number increases exponentially, making it difficult to use all scenarios. Therefore, we use partial scenarios to see if they produce results similar to those of the total scenario, and then apply them to case studies. The goal of this model is to deploy an artillery locating radar that maximizes the detection probability at a given candidate site, based on the probability of all possible attack scenarios at an expected enemy artillery position. The results of various experiments including real case study show the appropriateness and practicality of our proposed model. In addition, the validity of the model is reviewed by comparing the case study results with the detection rate of the currently available radar deployment positions of Corps. We are looking forward to enhance Korea Artillery force combat capability through our research.

An Attack Behavior Expressions for Web Attack Analysis and Composing Attack Database (웹 공격 분석 및 공격 데이터베이스 생성을 위한 효과적인 표현 방법에 관한 연구)

  • Lee, Chang-Hoon
    • Journal of Advanced Navigation Technology
    • /
    • v.14 no.5
    • /
    • pp.725-736
    • /
    • 2010
  • Nowadays, followed the internet service contents increasing makes also increase attack case on the web system. Usually web attack use mixed many kinds of attack mechanism for successfully attack to the server system. These increasing of the kinds attack mechanism, however web attack defence mechanism is not follow the spread of the attack. Therefore, for the defends web application, web attack should be categorizing and analysing for the effective defense. In this paper, we analyze web attack specification evidence and behavior system that use for effective expressions what we proposed. Also, we generate web attack scenario, it is for using verification of our proposed expressions.

Model Inversion Attack: Analysis under Gray-box Scenario on Deep Learning based Face Recognition System

  • Khosravy, Mahdi;Nakamura, Kazuaki;Hirose, Yuki;Nitta, Naoko;Babaguchi, Noboru
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.3
    • /
    • pp.1100-1118
    • /
    • 2021
  • In a wide range of ML applications, the training data contains privacy-sensitive information that should be kept secure. Training the ML systems by privacy-sensitive data makes the ML model inherent to the data. As the structure of the model has been fine-tuned by training data, the model can be abused for accessing the data by the estimation in a reverse process called model inversion attack (MIA). Although, MIA has been applied to shallow neural network models of recognizers in literature and its threat in privacy violation has been approved, in the case of a deep learning (DL) model, its efficiency was under question. It was due to the complexity of a DL model structure, big number of DL model parameters, the huge size of training data, big number of registered users to a DL model and thereof big number of class labels. This research work first analyses the possibility of MIA on a deep learning model of a recognition system, namely a face recognizer. Second, despite the conventional MIA under the white box scenario of having partial access to the users' non-sensitive information in addition to the model structure, the MIA is implemented on a deep face recognition system by just having the model structure and parameters but not any user information. In this aspect, it is under a semi-white box scenario or in other words a gray-box scenario. The experimental results in targeting five registered users of a CNN-based face recognition system approve the possibility of regeneration of users' face images even for a deep model by MIA under a gray box scenario. Although, for some images the evaluation recognition score is low and the generated images are not easily recognizable, but for some other images the score is high and facial features of the targeted identities are observable. The objective and subjective evaluations demonstrate that privacy cyber-attack by MIA on a deep recognition system not only is feasible but also is a serious threat with increasing alert state in the future as there is considerable potential for integration more advanced ML techniques to MIA.