• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2021.11a
• /
• pp.72-73
• /
• 2021

As discussions of the International Maritime Organization for the introduction of the Marine Autonomous Surface Ship (MASS) began in earnest, discussions were conducted to prioritize cybersecurity (Cyber Risk Management) when developing a system to support MASS operation at the 27th ENAV Committee Working Group (WG2). Korea launched a technology development project for autonomous ships in 2020, and has been promoting detailed tasks for cybersecurity technology development since 2021. MASS operation in a digital maritime communication system environment requires network security of various digital equipment that was not considered in the existing maritime communication environment. This study introduces the basic concept of network security equipment to support MASS operation in the detailed task of cybersecurity technology development, and defines the network security equipment interface for MASS ship application in the basic stage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.1-9
• /
• 2021

This paper proposes to automate the process of predicting crypto-operations from the power signal generated in RSA decoding process by frequency analysis and K-means algorithm. RSA decoding process is divided into square and multiply operation, and if we can predict the type of operations over time, we will know the RSA key value. After converting the power signal generated in the process of decoding into two-dimensional frequency signal, this paper used K-means algorithm to classify the frequency vector according to the type of operation. these classified frequency vector were used to predict the types of operations.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.4
• /
• pp.285-296
• /
• 2018

Among many hacking attempts carried out in the past few years, the cyber-attacks that could have caused a national-level disaster were the attacks against nuclear facilities including nuclear power plants. The most typical one was the Stuxnet attack against Iranian nuclear facility and the cyber threat targeting one of the facilities operated by Korea Hydro and Nuclear Power Co., Ltd (Republic of Korea; ROK). Although the latter was just a threat, it made many Korean people anxious while the former showed that the operation of nuclear plant can be actually stopped by direct cyber-attacks. After these incidents, the possibility of cyber-attacks against industrial control systems has become a reality and the security for these systems has been tightened based on the idea that the operations by network-isolated systems are no longer safe from the cyber terrorism. The ROK government has established a realistic control systems defense concept and in the US, the relevant authorities have set up several security frameworks to prepare for the threats. This paper presented various cyber security attack cases and their scenarios against control systems, along with the analysis of countermeasures for them. Though this task, we attempt to identify the items that need to be considered when designing a domestic security framework to improve security and secure stability.

• Journal of Information Technology Applications and Management
• /
• v.25 no.3
• /
• pp.29-41
• /
• 2018

The purpose of constructing university information system is for improvement in diversification and throughput of information, streamlines business processes, rapid exchange of information, sharing of information, decision-making information, and securing educational facilities. Similar to business information technology system, university information system does not have a review system for sharing and overlapping investment of information. Due to the lack of project management for outsourcing and vulnerability of system suitability, system audit is absolutely needed for the university information system. This paper especially focuses on an operational phase in the audit of university information system. Additionally, we proposed operating model and checklists of the university information system based on Management Guidelines of ITIL V3 Operational and Information System. We derived the checklists of operation audit by each domain of service strategy, service design, service transition, service operation, and continual service improvement. As the result, this study appear to have more than average satisfaction the suitability results were.

• Journal of the Economic Geographical Society of Korea
• /
• v.22 no.2
• /
• pp.111-122
• /
• 2019

This study attempts to analyze the critical issues of globalization and present an alternative framework that places ICT in the function of development in comparative perspective. To adjudicate the controversies concerning the effect of developmental factors, it examines the determinants of global trend that leads to the comprehensive mechanism of ICT and cultural residues. The advent of the global community in cyber space requires a new balancing point by the mode of communication and culture among all societies and operation with decentralized authority. This interdependence, by providing diverse network structures and participating in cyberspace, includes the power shift from the dynamics of international relations with voluntary collaboration and brings some important implications for a global empathetic society.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.155-156
• /
• 2022

Efficient operation of ships can transport cargo to ports safer and faster, and reduce fuel costs. Therefore, in this study, the pattern was analyzed using AIS data of ships passing near Busan Port, a representative port in Korea. The analysis of vessel traffic patterns was approached with a grid-based node generation method, which can be used for research such as optimal route and route prediction.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.40-52
• /
• 2024

Cyber-Physical Systems (CPS) are introduced as complex, interconnected systems that combine physical components with computational elements and networking capabilities. They bridge the gap between the physical world and the digital world, enabling the monitoring and control of physical processes through embedded computing systems and networked communication. These systems introduce several security challenges. These challenges, if not addressed, can lead to vulnerabilities that may result in substantial losses. Therefore, it is crucial to thoroughly examine and address the security concerns associated with CPS to guarantee the safe and reliable operation of these systems. To handle these security concerns, different existing security requirements methods are considered but they were unable to produce required results because they were originally developed for software systems not for CPS and they are obsolete methods for CPS. In this paper, a Security Requirements Engineering Methodology for CPS (CPS-SREM) is proposed. A comparison of state-of-the-art methods (UMLSec, CLASP, SQUARE, SREP) and the proposed method is done and it has demonstrated that the proposed method performs better than existing SRE methods and enabling experts to uncover a broader spectrum of security requirements specific to CPS. Conclusion: The proposed method is also validated using a case study of the healthcare system and the results are promising. The proposed model will provide substantial advantages to both practitioners and researcher, assisting them in identifying the security requirements for CPS in Industry 4.0.

• Journal of Korea Port Economic Association
• /
• v.22 no.2
• /
• pp.109-133
• /
• 2006

The Study investigated economic effects and the conditions in the public Shipping e-marketplace. For efficient operation of the public Shipping e-marketplace, this study analyzed how do the participation and community actualize in the public Shipping e-marketplace actualize. According to the research results of the Shipping Cooperations, For Promoting participation in the public Shipping e-marketplace, the Cyber-intermediary operating public Shipping e-marketplace provides timely shipping information, needs publicity strategy generating more benefits than offline transaction, and gives a conviction of the searching costs and transaction costs decrease. Second For promoting community, the Cyber-intermediary must playa major role in electronic community and drive forward continuous publicity strategy in the public Shipping e-marketplace.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2014.10a
• /
• pp.179-181
• /
• 2014

지금까지의 해상교통관제시스템(Vessel Traffic System: VTS)에서 관제를 수행함에 있어서 관제사들이 확인할 수 있는 선박에 대한 정보는 AIS(Automatic Identification System) 정보에 한정적이었다. 하지만 선박에서 전달받는 AIS 정적 정보는 한정적이며, 정확성 역시 신뢰할 수 없을 경우가 많은 실정이다. 그래서 관제사들은 선박의 정확한 정보 확인을 위해서 항만운영시스템(Port-MIS)에 별도로 접속하여 해당 선박에 대한 정보를 조회하여 활용하는 상황이다. 현재 ETRI에서는 Single Windows 개념을 적용한 차세대 해상교통관제시스템을 개발하면서 관제사들의 편의성 제공을 위해 추가적인 Port-MIS의 연동 없이 관제 화면을 통해 관제중인 선박에 대한 Port-MIS 정보를 조회하여 현시할 수 있도록 개발하고 있다. 본 논문에서는 관제사들의 VTS 현시용 선박 정보 필드에 대한 요구사항을 도출하고, 이를 제공하기 위한 시스템 설계 구조에 대해서도 기술한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.333-336
• /
• 2024

스마트팩토리는 기존 제조산업에 ICT 기술이 융합된 지능형 공장이다. 이는 IT(Information Technology)영역과 OT(Operation Technology)으로 구분되고, 영역 간 연결을 통해 제조공정 자동화 및 지능화를 수행한다. IT영역은 외부 네트워크와 연결되어 스마트팩토리의 전사업무 관리를 수행하며, OT영역은 폐쇄망 네트워크로 구성되어 직접적인 제조과정을 수행한다. 이는 2개의 영역으로 구분되어 자동화 및 지능화된 제조공정 과정을 수행함에 따라 구조가 복잡해지고 있으며, 이로 인해 스마트팩토리 보안위협이 발생 가능한 공격 표면이 증가하고 있다. 이에 대응하기 위해서는 스마트팩토리 IT영역과 OT영역의 특징을 분석하고, 영역별 적합한 보안위협 대응체계를 수립해야 한다. 이에 따라, 본 논문에서는 다수의 장치에 대한 학습이 용이하고, 세부적으로 학습기법을 구분할 수 있는 연합학습을 활용하여 스마트팩토리 영역별 적합한 보안위협 대응방안을 제안한다.