• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.857-880
• /
• 2016

Due to an increasing number of cyberattacks globally, cybersecurity has become a crucial part of national security in many countries. In particular, the Digital Pearl Harbor has become a real and aggressive security threat, and is considered to be a global issue that can introduce instability to the dynamics of international security. Against this context, the cyberattacks that targeted nuclear power plants (NPPs) in the Republic of Korea triggered concerns regarding the potential effects of cyber terror on critical infrastructure protection (CIP), making it a new security threat to society. Thus, in an attempt to establish measures that strengthen CIP from a cybersecurity perspective, we perform a case study on the cyber-terror attacks that targeted the Korea Hydro & Nuclear Power Co., Ltd. In order to fully appreciate the actual effects of cyber threats on critical infrastructure (CI), and to determine the challenges faced when responding to these threats, we examine factual relationships between the cyberattacks and their responses, and we perform analyses of the characteristics of the cyberattack under consideration. Moreover, we examine the significance of the event considering international norms, while applying the Tallinn Manual. Based on our analyses, we discuss implications for the cybersecurity of CI in South Korea, after which we propose a framework for strengthening cybersecurity in order to protect CI. Then, we discuss the direction of national policies.

• Journal of Energy Engineering
• /
• v.24 no.1
• /
• pp.123-131
• /
• 2015

This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. The EMS and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. In this study, the optimal power flow(OPF) and Power Flow Tracing are used to assess the interaction between the EMS and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

• ETRI Journal
• /
• v.43 no.3
• /
• pp.549-560
• /
• 2021

Cyberattacks are often difficult to identify with traditional signature-based detection, because attackers continually find ways to bypass the detection methods. Therefore, researchers have introduced artificial intelligence (AI) technology for cybersecurity analysis to detect malicious PowerShell scripts. In this paper, we propose a feature optimization technique for AI-based approaches to enhance the accuracy of malicious PowerShell script detection. We statically analyze the PowerShell script and preprocess it with a method based on the tokens and abstract syntax tree (AST) for feature selection. Here, tokens and AST represent the vocabulary and structure of the PowerShell script, respectively. Performance evaluations with optimized features yield detection rates of 98% in both machine learning (ML) and deep learning (DL) experiments. Among them, the ML model with the 3-gram of selected five tokens and the DL model with experiments based on the AST 3-gram deliver the best performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.11
• /
• pp.2199-2205
• /
• 2017

The development of modern ICT technology constitutes cyber world by using infrastructure in country and society. There is no border in cyber world. Countries around the world are carrying out cyber attacks for their own benefit. A cyber killer strategy is needed to defend cyber attacks. In order to defend the cyber attack or to determine the responsibility of attack, it is important to grasp the attacker origin point. Strategic cyber kill chains are needed to strike against the attacker origin. In this paper, we study the analysis of attacker origin. And analyze the cyber kill chain for attacker origin point strike. Study the efficient and customized cyber kill chain strategy for attacking the origin point. The cyber kill chain strategy will be a practical strategy to replace the power of nuclear and missiles with asymmetric power.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.306-309
• /
• 2017

The development of modern ICT technology constitutes cyber world by using infrastructure in country and society. There is no border in cyber world. Countries around the world are carrying out cyber attacks for their own benefit. A cyber killer strategy is needed to defend cyber attacks. In order to defend the cyber attack or to determine the responsibility of attack, it is important to grasp the attacker origin point. Strategic cyber kill chains are needed to strike against the attacker origin. In this paper, we study the analysis of attacker origin. And analyze the cyber kill chain for attacker origin point strike. Study the efficient and customized cyber kill chain strategy for attacking the origin point. The cyber kill chain strategy will be a practical strategy to replace the power of nuclear and missiles with asymmetric power.

• Proceedings of the Safety Management and Science Conference
• /
• 2003.05a
• /
• pp.175-183
• /
• 2003

It should be needed to realize a general system which make it possible to enjoy cyber tourism based on knowledge information system to recover a local potential growth power, catch a jumping chance again, and hold a new competitive power. But to discuss a tourism information system, the matters of hard ware, software and information mediating system should be reviewed generally, this research is likely to provide a cyber tourism information system through internet as a way of cyber tours through multimedia technology and stereoscopic image technique using geographic information system centering on the networking system of tourism information. Constructing $\ulcorner$cyber touristy city$\lrcorner$ on internet, foster a new industry, to go balanced with a present tourism industry and experience a virtual reality, various theme tours create high profit to shrunken tourism industry. Remark : multimedia technology, stereoscopic image, geographic information system

• Journal of Electrical Engineering and Technology
• /
• v.10 no.3
• /
• pp.888-894
• /
• 2015

This paper presents a unified model based assessment framework to quantify threats and vulnerabilities associated with control systems, especially in the SCADA (Supervisory Control and Data Acquisition) system. In the past, this system was primarily utilized as an isolated facility on a local basis, and then it started to be integrated with wide-area networks as the communication technology would make rapid progress. The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. However, an up-to-date power system often requires the real-time operations, which clearly implies that the cyber security would turn out to be a complicated but also crucial issue for the power system. In short, the purpose of this paper is to streamline a comprehensive approach to prioritizing cyber security risks which are expressed by the combination of threats, vulnerabilities, and values in the SCADA components.

• Nuclear Engineering and Technology
• /
• v.54 no.7
• /
• pp.2467-2474
• /
• 2022

Nuclear Power Plants (NPPs) are the most protected facilities among all critical infrastructures (CIs). In addition to physical security, cyber security becomes a significant concern for NPPs since swift digitalization and overreliance on computer-based systems in the facility operations transformed NPPs into targets for cyber/physical attacks. Despite technical competencies, humans are still the central component of a resilient NPP to develop an effective nuclear security culture. Turkey is one of the newcomers in the nuclear energy industry, and Turkish Akkuyu NPP has a unique model owned by an international consortium. Since Turkey has limited experience in nuclear energy industry, specific multinational and multicultural characteristics of Turkish Akkuyu NPP also requires further research in terms of the Facility's prospective nuclear security. Yet, the link between "national cultures" and "nuclear security" is underestimated in nuclear security studies. By relying on Hofstede's national culture framework, our research aims to address this gap and explore possible implications of cross-national cultural differences on nuclear security. To cope with security challenges in the age of hybrid threats, we propose a security management model which addresses the need for cyber-physical security integration to cultivate a robust nuclear security culture in a multicultural working environment.

• Nuclear Engineering and Technology
• /
• v.54 no.4
• /
• pp.1245-1252
• /
• 2022

As regulatory bodies require full implementation of security controls in nuclear power plants (NPPs), security functions for critical digital assets are currently being developed. For the ultimate introduction of security controls, not alternative measures, it is important to understand the relationship between possible cyber threats to NPPs and security controls to prevent them. To address the effectiveness of the security control implementation, this study investigated the types of cyber threats that can be prevented when the security controls are implemented through the mapping of the reorganized security controls in RS-015 to cyber threats on NPPs. Through this work, the cyber threat that each security control can prevent was confirmed, and the effectiveness of several strategies for implementing the security controls were compared. This study will be a useful reference for utilities or researchers who cannot use design basis threat (DBT) directly and be helpful when introducing security controls to NPPs that do not have actual security functions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.95-108
• /
• 2011

Smart Grids are intelligent next generating Electric Power System (EPS) that provide environment-friendliness, high-efficiency, and high-trustworthiness by integrating information and communication technology with electric power technology. Smart grids help to supply power more efficiently and safely than past systems by bilaterally exchanging information between the user and power producer. In addition, it alleviates environmental problems by using renewable energy resources. However, smart grids have many cyber security risks because of the bilateral service, the increase of small and medium-sized energy resources, and the installation of multi-sensors or control devices. These cyber risks can cause critical problems within a national grid through even small errors. Therefore, in order to reduce these risks, it is necessary to establish a cyber security strategy and apply it from the developmental stage to the implementation stage. This thesis analyzes and recommends security strategy in order to resolve the security risks. By applying cyber security strategy to a smart grid, it will provide a stepping-stone to creating a safe and dependable smart grid.