• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.75-80
• /
• 2020

Damage caused by ransomware has continued to increase since last year, but cyber operations are managed without any separate classification of ransomware types in the military's guidelines for carrying out cyber operations. However, unlike other malware, ransomware is a threat that could paralyze all defense operations in one moment, and the military should reevaluate ransomware and take countermeasures. Accordingly, this paper aims to analyze the assets, vulnerabilities, and threats related to defense information service based on information security risk management, and propose alternatives to ensure continuity of defense work from ransomware threats.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.187-196
• /
• 2020

In order to manage information security risk, various information security level evaluation and information security management system certification have been conducted on a larger scale than ever. However, there are continuous cases of infringement of information protection for companies with excellent information security evaluation and companies with excellent information security management system certification. The existing information security risk management methodology identifies and analyzes risks by identifying information assets inside the information system. Existing information security risk management methodology lacks a review of where cyber threats come from and whether security devices are properly operated for each route. In order to improve the current risk management plan, it is necessary to look at where cyber threats come from and improve the containment level for each inflow section to absolutely reduce unnecessary cyber threats. In addition, it is essential to measure and improve the appropriate configuration and operational level of security equipment that is currently overlooked in the risk management methodology. It is necessary to block and enter cyber threats as much as possible, and to detect and respond to cyber threats that inevitably pass through open niches and use security devices. Therefore, this paper proposes additional evaluation items for evaluating the containment level against cyber threats in the ISMS-P authentication items and vulnerability analysis and evaluation items for major information and communication infrastructures, and evaluates the level of security equipment configuration for each inflow.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.951-958
• /
• 2021

With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using AHP techniques, with a pairwise comparison of the four factors(attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and the details of each factor. Analysis shows that malicious file indicators are the most important among the higher evaluation factors and infected system IP, C&C and Smishing are the most important factors in comparison between detailed items. These findings could be used to measure the preference of consumers and the contribution of information provider for facilitating information sharing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.673-685
• /
• 2017

STI(Social Trust Index) indicates levels of trustworthiness, honesty and reliability among people in a society. Since the STI varies in countries, security control on cyber space should be applied differently according to the STI so that companies can protect their assets efficiently and effectively. We compare STIs between Korea and United States using the Diamond Model and investigate how the STIs affect corporate security controls in those two countries. We finally present a formula using AHP (Analytic Hierarchy Process) to measure levels of corporate security controls in different countries.

• Journal of Cadastre & Land InformatiX
• /
• v.48 no.1
• /
• pp.35-53
• /
• 2018

Recently, there is a growing interest in housing policy to prepare for the aging society. The purpose of this study is exploring the factors that explain housing consumption and adjustment of pre-retirees after retirement. 1,351 samples were collected from A bank and analyzed. There categories of housing consumption adjustment were considered including downsizing, maintain, and upsizing. Gender, educational level, housing size, housing type, asset size, and willingness to work after retirement were examined to see if they can explain the housing consumption adjustment of pre-retirees using orderd- probit model. The finding of this study is that housing size, asset size, and willingness to work after retirement statistically significantly explain the housing consumption adjustment. At specific, firstly, if the current size of the housing is relatively large, it is highly likely to downsize housing after retirement. Second, pre-retiree whose assets exceeded 1 billion won were more likely to scale up housing than assets of over 300 million to less than 500 million won. Lastly, unless there is absolutely no willingness to work after retirement, it is indicated that it intends to up-sizing consumption rather than down-sizing adjustment. The results of this study can provide useful information for the housing policy in order to prepare for the (post) aged society.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.759-761
• /
• 2016

Recent changes in the information security environment have led to persistent attacks on intelligent assets such as cyber security breaches, leakage of confidential information, and global security threats. Since existing information security systems are not adequate for Advanced Persistent Threat; APT attacks, bypassing attacks, and attacks on encryption packets, therefore, continuous monitoring is required to detect and protect against such attacks. Accordingly, this paper suggests an operation plan for managing an information security system to block the attack routes of advanced persistent threats. This is achieved with identifying the valuable assets for prevention control by establishing information control policies through analyzing the vulnerability and risks to remove potential hazard, as well as constructing detection control through controlling access to servers and conducting surveillance on encrypted communication, and enabling intelligent violation of response by having corrective control through packet tagging, platform security, system backups, and recovery.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.201-208
• /
• 2019

In the phono-sapiens era of the intelligence information society, most business activities are increasingly dependent on networks and information systems. SMEs, which occupy the majority of Korean companies, are increasingly possessing the value and technology of their information assets, and their ability to protect core technologies that are the driving force of corporate growth will be the most important competitiveness of enterprises. Accordingly, the Ministry of Science and ICT and the Korea Internet & Security Agency(KISA) provides a foundation for minimizing the damage from cyber threats such as hacking and information leakage by evaluating the current information protection level of SMEs and enhancing information protection capability by supporting a high level of customized information protection consulting. In this study, we analyze the effectiveness of information protection based on the results of KISA SMEs consulting. In addition, by identifying problems and limitations derived from SMEs information protection consulting results, SMEs should propose measures to improve information security of SMEs that can manage information protection management system more efficiently and effectively.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.18 no.2
• /
• pp.144-155
• /
• 2019

One of the issues of the automotive industry today is autonomous driving vehicles. In order to achieve level 3 or higher as defined by SAE International, harmonization of autonomous driving technology and connected technology is essential. Current vehicles have new features such as autonomous driving, which not only increases the number of electrical components, but also the amount and complexity of software. As a result, the attack surface, which is the access point of attack, is widening, and software security vulnerabilities are also increasing. However, the reality is that the essential security requirements for vehicles are not defined. In this paper, based on real attacks and vulnerability cases and trends, we identify the assets in the in-vehicle network and derive the threats. We also defined the security requirements and derived essential security requirements that should be applied at least to the safety of the vehicle occupant through risk analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.637-659
• /
• 2021

Since the creation of the first Bitcoin blockchain in 2009, the number of cryptocurrency users has steadily increased. However, the number of hacking attacks targeting assets stored in these users' cryptocurrency wallets is also increasing. Therefore, we evaluate the security of the wallets currently on the market to ensure that they are safe. We first conduct threat modeling to identify threats to cryptocurrency wallets and identify the security requirements. Second, based on the derived security requirements, we utilize attack trees and Bayesian network analysis to quantitatively measure the risks inherent in each wallet and compare them. According to the results, the average total risk in software wallets is 1.22 times greater than that in hardware wallets. In the comparison of different hardware wallets, we found that the total risk inherent to the Trezor One wallet, which has a general-purpose MCU, is 1.11 times greater than that of the Ledger Nano S wallet, which has a secure element. However, use of a secure element in a cryptocurrency wallet has been shown to be less effective at reducing risks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8C
• /
• pp.838-848
• /
• 2005

Most of the national critical key infrastructure, such as power, piped gas and water supply facilities, or the high-speed railroad, is run on the SCADA system. Recently, concerns have been raised about the possibility of these facilities being attacked by cyber terrorists, hacking, or viruses. Thus, it is time to adopt the relevant security management techniques. This paper attempts to propose such security management techniques, including information protection measures and troubleshooting, based on a risk analysis process concerning assets, threats/vulnerability, and hazards, and to examine the security management status of critical key infrastructure in the U.S. and Japan.