• Title/Summary/Keyword: Cyber Defense

Search Result 262, Processing Time 0.03 seconds

Data analysis for detection of unauthorized AP using machine learning algorithm in the process of cyber war damage assessment (사이버전 피해평가 과정에서 비인가 무선 AP 공격 식별을 위한 기계학습을 이용한 데이타 분석)

  • Kim, Doyeon;Kim, Yonghyun;Kim, Donghwa;Shin, Dongkyoo;Shin, Dongil
    • Annual Conference of KIPS
    • /
    • 2017.11a
    • /
    • pp.232-234
    • /
    • 2017
  • 사이버전 피해평가에 있어서 유무선 통합 환경에 대한 공격의 탐지와 이에 대한 평가가 필요한 상황이다. 특히 회사, 정부 및 군 시설 등에서 인가되지 않은 AP를 사용하여 공격이 발생하는 경우 각종 바이러스 및 해킹 공격에 의한 피해가 발생한 가능성이 높다. 띠라서 인가된 AP와 인가되지 않은 AP를 탐지해서 찾아 내야한다. 본 논문에서는 인가된 AP와 인가 되지 않은 AP를 탐지하기 위해 RTT(Round Trip Time)값을 데이터셋으로 만들고 각 기계학습 알고리즘 SVM(Support Vector Machine), J48(C4.5), KNN(K nearest neighbors), MLP(Multilayer Perceptron)의 결과를 비교해 성능의 차이를 밝히고 이를 통하여 공격을 탐지하여 피해평가에 연결이 되도록 한다.

System Information Comparison and Analysis Technology for Cyber Attacks (사이버 공격에 대한 시스템 정보 비교 및 분석 기술)

  • Youn, Hyeon-Su;Kim, Yong-Hyun;Kim, Dong-Hwa;Shin, Dong-Kyoo;Shin, Dong-Il
    • Annual Conference of KIPS
    • /
    • 2017.04a
    • /
    • pp.198-200
    • /
    • 2017
  • 정보통신 기술이 발달하여 삶의 질을 높여주는 반면 미흡한 보안정책과 다양하고 강력한 해킹 기술들로 인한 피해가 늘어나는 추세이다. 이러한 해킹 피해 규모는 점차 커지게 되어 국가기반시설까지 영향을 미치고 있다. 본 논문은 어떠한 시스템에 사이버 공격이 행해졌을 때, 디지털 포렌식 기술과 공격트리를 융합하여 그 공격의 방법과 경로를 밝혀주는 기술에 대한 내용이다. 제안하는 기술은 각 기관의 특성에 맞게 해킹의 경로나 방법을 사용자에게 알리는 기능을 갖추었기 때문에 기관의 시스템 및 네트워크의 피해를 평가하는데 도움이 되며 그에 따른 솔루션들이 빠르게 결정될 것으로 기대된다.

Impact of ITSM Military Service Quality and Value on Service Trust

  • Woo, Hanchul;Lee, Sangdo;Huh, Jun-Ho;Jeong, Sukjae
    • Journal of Multimedia Information System
    • /
    • v.7 no.1
    • /
    • pp.55-72
    • /
    • 2020
  • As the IT service environment grows, it is critical in terms of IT service quality to minimize the occurrence of failures due to changes in applications and to diagnose and recover in a short period of time how failure will affect the business. Thus, the Defense Acquisition Program Administration (DAPA) has been building and operating ITSMs to implement IT service management in a leading manner. Information Technology Service Management (ITSM) is divided into events, obstacles, changes, versions and setup management to ensure flexibility and stability in service delivery. It is also operated separately from service level, availability, capacity, financial and IT service continuity management to ensure service quality and cost efficiency. Based on ITSM military service history, this study looks at the impact of quality of service on value, satisfaction, and trust. The results of the analysis are highly valuable for future ITSM implementation and operation.

A Study on the Critical Defense Information Resources Mobilization for Information Warfare (정보전 대비 국방부문 핵심정보자원 동원 방안에 관한 연구)

  • 이승구;김화수
    • Journal of the military operations research society of Korea
    • /
    • v.26 no.2
    • /
    • pp.131-142
    • /
    • 2000
  • The emergence of computer-based information society has fundamentally changed the paradigms of everyday human life and will continue its trend in the 21st century when resources of information technology become more and more important because they can be directly transformed into military use. Future warfare will include such high-tech weapon systems as precision-guided munitions and satellite. But, with the spread of internet and advances in information technology, cyber space appears to be resources can be deciding factor in winning future war. In this paper we proposed to identify core information technology in national defense, improve mobilizing method of information resources in time of crisis, come up with combat effective measures utilizing information technology by estimating future information technological developments.

  • PDF

Cyber Battle damage assessment framework (사이버 전투 피해 평가 프레임워크)

  • Kim, Duhoe;Kim, Yonghyun;Kim, Donghwa;Shin, Dongkyoo;Shin, Dongil
    • Annual Conference of KIPS
    • /
    • 2017.11a
    • /
    • pp.178-181
    • /
    • 2017
  • 정보통신 기술의 발전으로 개인뿐만 아니라 경제, 행정, 국방 등 사회 전반에서 사이버 공간의 중요성이 대두되고 있다. 특히 국방부에서는 사이버 관련 공격들에 관한 피해를 평가하는 연구가 활발히 진행되고 있다. 본 논문에서는 사이버 전투 피해평가 프레임워크를 제안한다. 사이버 전투 피해평가 프레임워크는 아군이 사이버 공격에 의해 피해를 입은 뒤 지휘 통제실에게 아군의 피해를 알리고 장비의 손상도는 얼마인지 작전에 이상을 미치는 영향은 얼마인지 계산하여 제공한다. 본 프레임워크를 사용하면 현 상황을 아군의 사령부가 파악할 수 있게 되어 지휘 결심을 하는데 도움을 주어서 작전을 성공 시킬 수 있게 도와준다.

Development of Risk Index of Cyber Attack and Damage Assessment Priority Calculation Measures (사이버 공격의 위험 지수 개발 및 피해 평가 우선 순위 산출 방안)

  • Youn, Hyeonsu;Kim, YongHyun;Kim, DongHwa;Shin, Dongkyoo;Shin, Dongil
    • Annual Conference of KIPS
    • /
    • 2017.11a
    • /
    • pp.224-227
    • /
    • 2017
  • 정보통신 기술이 발전하면서 범국가적으로 사이버 환경은 사람들에게 없어서는 안 될 존재가 되었다. 이러한 사이버 환경은 간혹 악의적인 사이버 공격자로 인해 파괴되거나 손상된다. 본 논문에서는 사이버 공격에 대한 위험 지수를 개발 방안을 제시한다. 위험 지수에 대한 개발이 이루어진 후 위험 지수와 사이버 공격 횟수끼리 계산하여 값을 산출시킨다. 산출된 값은 곧 공격에 대한 중요도 점수로 표현되며, 이 값에 따라 사이버 전투 피해 평가 항목의 우선순위를 알 수 있게 된다.

A Study on the Application of the Cyber Threat Management System to the Future C4I System Based on Big Data/Cloud (빅데이터/클라우드 기반 미래 C4I체계 사이버위협 관리체계 적용 방안 연구)

  • Park, Sangjun;Kang, Jungho
    • Convergence Security Journal
    • /
    • v.20 no.4
    • /
    • pp.27-34
    • /
    • 2020
  • Recently, the fourth industrial revolution technology has not only changed everyday life greatly through technological development, but has also become a major keyword in the establishment of defense policy. In particular, Internet of Things, cloud, big data, mobile and cybersecurity technologies, called ICBMS, were selected as core leading technologies in defense information policy along with artificial intelligence. Amid the growing importance of the fourth industrial revolution technology, research is being carried out to develop the C4I system, which is currently operated separately by the Joint Chiefs of Staff and each military, including the KJCCS, ATCIS, KNCCS and AFCCS, into an integrated system in preparation for future warfare. This is to solve the problem of reduced interoperability for joint operations, such as information exchange, by operating the C4I system for each domain. In addition, systems such as the establishment of an integrated C4I system and the U.S. military's Risk Management Framework (RMF) are essential for efficient control and safe operation of weapons systems as they are being developed into super-connected and super-intelligent systems. Therefore, in this paper, the intelligent cyber threat detection, management of users' access to information, and intelligent management and visualization of cyber threat are presented in the future C4I system based on big data/cloud.

A Study about the Direction and Responsibility of the National Intelligence Agency to the Cyber Security Issues (사이버 안보에 대한 국가정보기구의 책무와 방향성에 대한 고찰)

  • Han, Hee-Won
    • Korean Security Journal
    • /
    • no.39
    • /
    • pp.319-353
    • /
    • 2014
  • Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.

  • PDF

A study on knowledge distillation to preserve semantic information (의미적 정보를 보존하는 지식 증류에 대한 연구)

  • Seong-hyun Park;Sangkyun Lee
    • Annual Conference of KIPS
    • /
    • 2024.05a
    • /
    • pp.772-773
    • /
    • 2024
  • 의미적 정보까지 학생 모델에게 학습시키기 위한 지식 증류 기법은 많이 논의되어 왔다. 그러나 학생 모델의 용량이 교사 모델의 용량에 비해 부족함에서 발생하는 의미적 정보 손실에 대한 논의는 아직 진행되지 않았다. 본 논문에서는 의미적 정보의 최소 단위를 교사 모델의 레이어로 설정하여 학생 모델이 지식 증류를 시작하기 전 최적의 지식 증류 대상을 설정하는 최적 은닉층 선정 알고리즘을 제시한다.

Cost-Effective, Real-Time Web Application Software Security Vulnerability Test Based on Risk Management (위험관리 기반의 비용 효율적인 실시간 웹 애플리케이션 소프트웨어 보안취약점 테스팅)

  • Kumi, Sandra;Lim, ChaeHo;Lee, SangGon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.1
    • /
    • pp.59-74
    • /
    • 2020
  • The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.