• Title/Summary/Keyword: Cyber Defense

Search Result 262, Processing Time 0.023 seconds

A Study on the Defense Cyber Warfare Exercise (국방사이버전 연습체계 개선 방안 연구)

  • Kwon, Moon-Taek
    • Convergence Security Journal
    • /
    • v.9 no.4
    • /
    • pp.43-53
    • /
    • 2009
  • In the information society, information security is a critical issue for defense cyber network system. This paper provides a result of a study on the defense cyber exercise system for cyber warfare. So far, defense cyber exercise system has been uneffective and is not systematic even if several exercises has been implemented. In order to overcome these problems, a systematic and integrated cyber exercise process is suggested. Under the suggested system, we expect that cyber exercise for cyber warfare will be implemented with more effective manner.

  • PDF

Cyber Attack and Defense Modeling Using Vulnerability Metrics (취약성 매트릭스를 이용한 사이버 공격 및 방어 모델링)

  • Lee Jang-Se;Chi Sung-Do;Choi Gyoo-Seok
    • Journal of the Korea Society for Simulation
    • /
    • v.13 no.3
    • /
    • pp.11-20
    • /
    • 2004
  • The major objective of this paper is to perform modeling of cyber attack and defense using vulnerability metrics. To do this, we have attempted command level modeling for realizing an approach of functional level proposed by Nong Ye, and we have defined vulnerability metrics that are able to apply to DEVS(Discrete Event System Specification) and performed modeling of cyber attack and defense using this. Our approach is to show the difference from others in that (i) it is able to analyze behaviors of systems being emerged by interaction between functional elements of network components, (ii) it is able to analyze vulnerability in quantitative manner, and (iii) it is able to establish defense suitably by using the analyzed vulnerability. We examine an example of vulnerability analysis on the cyber attack and defense through case study.

  • PDF

Cyber Attack and Defense Modeling Using Vulnerability Metrics (취약성 매트릭스를 이용한 사이버 공격 및 방어 모델링)

  • 이장세;지승도
    • Proceedings of the Korea Society for Simulation Conference
    • /
    • 2003.06a
    • /
    • pp.191-198
    • /
    • 2003
  • The major objective of this paper is to perform modeling of cyber attack and defense using vulnerability metrics. To do this, we have attempted command level modeling for realizing an approach of functional level proposed by Nong Ye, and we have defined vulnerability metrics that are able to apply to DEVS(Discrete Event System Specification) and performed modeling of cyber attack and defense using this. Our approach is to show the difference from others in that (ⅰ) it is able to analyze behaviors of system emerged by interaction with functional elements of components composing network and each other, (ⅱ) it is able to analyze vulnerability in quantitative manner, and (ⅲ) it is able to establish defense suitably by using the analyzed vulnerability. We examine an example of vulnerability analysis on the cyber attack and defense through case study.

  • PDF

Design and Implementation of Cyber Range for Cyber Defense Exercise Based on Cyber Crisis Alert (사이버위기 경보 기반 사이버 방어 훈련장 설계 및 구축 연구)

  • Choi, Younghan;Jang, Insook;Whoang, Inteck;Kim, Taeghyoon;Hong, Soonjwa;Park, Insung;Yang, Jinsoek;Kwon, Yeongjae;Kang, Jungmin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.5
    • /
    • pp.805-821
    • /
    • 2020
  • Cyber defense exercise should require training on the latest cyber attacks and have a similar process to defense cyber attacks. In addition, it is also important to train on cyber resilience that can perform normal tasks or support equivalent tasks regardless of cyber attacks. In this paper, we proposed and developed a cyber range that can strengthen the elements of cyber resilience by performing cyber defense exercise in real time based on the cyber crisis alert issued when a cyber attack occurs in Korea. When BLUE, YELLOW, ORANGE, and RED warnings are issued according to the cyber crisis, our system performs proactive response, real time response, and post response according to the alarm. It can improve trainee's capability to respond to cyber threats by performing cyber defense exercise in a cyber crisis environment similar to the actual situation of Korea.

A Study on Maturity Model for the Assessment of Cyber Resilience Level in the Defence Information System (국방정보시스템 사이버복원력 수준 평가를 위한 성숙도모델에 관한 연구)

  • Choi, Jae-hyeok;Kim, Wan-ju;Lim, Jae-sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.5
    • /
    • pp.1153-1165
    • /
    • 2019
  • Recently, threats of hacking have been increasing on the national intelligence service network and key infrastructure, including the defense field. The defense information system responds to threats from the outside through the network separation, but if the defense information system is hacked, it has a serious impact on the operations of wartime or peacetime military forces. Today, cyberattacks and threats are rising to unpredictable levels and making it practically impossible to completely block and prevent hacking threats completly. So, in this study proposed a maturity model to assess the level of cyber-resilience, which is the ability to ensure the system's viability and maintain continuity through rapid response and recovery if signs of cyberattacks by the defense information system are expected or occurred. The proposed maturity model is expected to contribute to improving the cyber security level of the defense information system by assessing the level of cyber resilience of the defense information system and identifying and supplementing fields that are lacking.

Adaptive Multi-Layer Security Approach for Cyber Defense (사이버 방어를 위한 적응형 다중계층 보호체제)

  • Lee, Seong-kee;Kang, Tae-in
    • Journal of Internet Computing and Services
    • /
    • v.16 no.5
    • /
    • pp.1-9
    • /
    • 2015
  • As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

A Study on The Cyber Threat Centered Defense Cyber Protection Level Analysis (사이버 위협 중심의 국방 사이버 방호수준 분석에 관한 연구)

  • Seho Choi;Haengrok Oh;Joobeom Yun
    • Convergence Security Journal
    • /
    • v.21 no.4
    • /
    • pp.77-85
    • /
    • 2021
  • Cyber protection is an activity that protects the information systems we operate from cyber attacks and threats. To know the level of protection of the currently operating cyber protection system, it is necessary to update the current state of attack technology by reflecting the constantly evolving cyber threats and to analyze whether it is possible to respond with the protection function. Therefore, in this paper, we analyze the relationship between the attack procedures and defense types of the cyber kill chain with the defense technology(Mitigation ID) of MITRE and present the cyber protection level for each military unit type with a focus on defensive cyber activities. In the future, it is expected that the level of cyber protection will be improved through real-time analysis of the response capabilities of cyber protection systems operating in the defense sector to visualize the level of protection for each unit, investigate unknown cyber threats, and actively complement vulnerabilities.

A Comprehensive Survey of TPM for Defense Systems

  • Cheol Ryu;Jae-Ho Lee;Do-Hyung Kim;Hyung-Seok Lee;Young-Sae Kim;Jin-Hee Han;Jeong-nyeo Kim
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.7
    • /
    • pp.1953-1967
    • /
    • 2024
  • Lately, there has been a notable surge in the defense industry's efforts to develop highly advanced intelligent systems. These systems encompass sophisticated computing platforms that boast an impressive level of autonomy. However, it's important to acknowledge that these very systems are not impervious to vulnerabilities stemming from both hardware and software tampering. Within the context of this discourse, our focus of the survey is directed towards the hardware security module. This component stands out for its capability to offer a significantly heightened level of protection when compared to conventional software-based techniques. Through the lens of this paper, we embark on a comprehensive survey of Trusted Platform Module (TPM), a hardware security module, shedding light on its potential to fortify the defense against threats that emerge from various vectors of attack.

A research on cyber kill chain and TTP by APT attack case study (APT 공격 사례 분석을 통한 사이버 킬체인과 TTP에 대한 연구)

  • Yoon, Youngin;Kim, Jonghwa;Lee, Jaeyeon;Yu, Sukdea;Lee, Sangjin
    • Convergence Security Journal
    • /
    • v.20 no.4
    • /
    • pp.91-101
    • /
    • 2020
  • We analyzed APT attack cases that occurred overseas in the past using a cyber kill chain model and a TTP model. As a result of the analysis, we found that the cyber kill chain model is effective in figuring out the overall outline, but is not suitable for establishing a specific defense strategy, however, TTP model is suitable to have a practical defense system. Based on these analysis results, it is suggested that defense technology development which is based on TTP model to build defense-in-depth system for preparing cyber attacks.

Integrated Scenario Authoring Method using Mission Impact Analysis Tool due to Cyber Attacks (사이버공격에 의한 임무영향 분석 도구를 이용한 통합시나리오 저작 방법)

  • Yonghyun Kim;Donghwa Kim;Donghwan Lee;Juyoub Kim;Myung Kil Ahn
    • Journal of Internet Computing and Services
    • /
    • v.24 no.6
    • /
    • pp.107-117
    • /
    • 2023
  • It must be possible to assess how combat actions taking place in cyberspace affect the military's major mission systems and weapon systems. In order to analyze the mission impact caused by a cyber attack through cyber M&S, the target mission system and cyber warfare elements must be built as a model and a scenario for simulation must be authored. Many studies related to mission impact analysis due to cyber warfare have been conducted focusing on the United States, and existing studies have authored separate scenarios for physical battlefields and cyber battlefields. It is necessary to build a simulation environment that combines a physical battlefield model and a cyber battlefield model, and be able to integrate and author mission scenarios and cyber attack/defense scenarios. In addition, the physical battlefield and cyber battlefield are different work areas, so authoring two types of scenarios for simulation is very complicated and time-consuming. In this paper, we propose a method of using mission system information to prepare the data needed for scenario authoring in advance and using the pre-worked data to author an integrated scenario. The proposed method is being developed by reflecting it in the design of the scenario authoring tool, and an integrated scenario authoring in the field of counter-fire warfare is being performed to prove the proposed method. In the future, by using a scenario authoring tool that reflects the proposed method, it will be possible to easily author an integrated scenario for mission impact analysis in a short period of time.