• Title/Summary/Keyword: Cyber Research

Search Result 1,465, Processing Time 0.021 seconds

Cyber attack taxonomy for digital environment in nuclear power plants

  • Kim, Seungmin;Heo, Gyunyoung;Zio, Enrico;Shin, Jinsoo;Song, Jae-gu
    • Nuclear Engineering and Technology
    • /
    • v.52 no.5
    • /
    • pp.995-1001
    • /
    • 2020
  • With the development of digital instrumentation and control (I&C) devices, cyber security at nuclear power plants (NPPs) has become a hot issue. The Stuxnet, which destroyed Iran's uranium enrichment facility in 2010, suggests that NPPs could even lead to an accident involving the release of radioactive materials cyber-attacks. However, cyber security research on industrial control systems (ICSs) and supervisory control and data acquisition (SCADA) systems is relatively inadequate compared to information technology (IT) and further it is difficult to study cyber-attack taxonomy for NPPs considering the characteristics of ICSs. The advanced research of cyber-attack taxonomy does not reflect the architectural and inherent characteristics of NPPs and lacks a systematic countermeasure strategy. Therefore, it is necessary to more systematically check the consistency of operators and regulators related to cyber security, as in regulatory guide 5.71 (RG.5.71) and regulatory standard 015 (RS.015). For this reason, this paper attempts to suggest a template for cyber-attack taxonomy based on the characteristics of NPPs and exemplifies a specific cyber-attack case in the template. In addition, this paper proposes a systematic countermeasure strategy by matching the countermeasure with critical digital assets (CDAs). The cyber-attack cases investigated using the proposed cyber-attack taxonomy can be used as data for evaluation and validation of cyber security conformance for digital devices to be applied, and as effective prevention and mitigation for cyber-attacks of NPPs.

Effective Response Methods for the Prevention of Cyber-terror in South Korea (한국 사이버테러 방지를 위한 효과적 대응방안)

  • Sung, Yong-Eun;Youn, Byoung-Hoon
    • Convergence Security Journal
    • /
    • v.16 no.2
    • /
    • pp.11-17
    • /
    • 2016
  • The purpose of this research is to explore the effective response methods for the prevention of cyber-terror in South Korea. This research used an analysis of literature research. From the result of this research, the researchers suggested 1) enactment of the 'Cyber-terror Prevention Act' in order to enhance the effectiveness against cyber-terror; 2) establishment of practical control tower for cyber-terror; 3) expansion of the expert training for cyber-terror. The limitations of this research and the recommendations for future research were discussed at the last part of this research.

Cyber Society and Men′s Fashion (사이버 사회와 남성 패션)

  • 이민선
    • The Research Journal of the Costume Culture
    • /
    • v.12 no.5
    • /
    • pp.832-844
    • /
    • 2004
  • The purpose of this study is to explain innovative changes of men's fashion in 'a cyber society', which has come with the advent of internet revolution and where we have witnessed social changes in view of sex, race and class. As for the research methodology, literary research was under taken to study characteristics of cyber society. And demonstrative studies on men's fashion were undertaken through the analysis of photos. 'Cyber space' is defined as 'a communication network of informations and opinions' or 'pseudo world created by computer technology'. Our current world, which has continuous interaction with cyber space, can be understand as cyber society. In a cyber society, transcendental structure is not accepted, feminine characteristics appear more frequently, and western-biased territorial features lose its ground. These characteristics are rooted in ideological characteristics of cyber society, such as opposition and composition. Considering the characteristics of cyber society, the aesthetic images of men's fashion in cyber society can be explained with de-authoritarianism,  metrosexualism and multi-culturalism.

  • PDF

Application of STPA-SafeSec for a cyber-attack impact analysis of NPPs with a condensate water system test-bed

  • Shin, Jinsoo;Choi, Jong-Gyun;Lee, Jung-Woon;Lee, Cheol-Kwon;Song, Jae-Gu;Son, Jun-Young
    • Nuclear Engineering and Technology
    • /
    • v.53 no.10
    • /
    • pp.3319-3326
    • /
    • 2021
  • As a form of industrial control systems (ICS), nuclear instrumentation and control (I&C) systems have been digitalized increasingly. This has raised in turn cyber security concerns. Cyber security for ICS is important because cyber-attacks against ICS can cause not only equipment damage and loss of production but also personal and public safety hazards unlike in general IT environments. Numerous risk analyses have been carried out to enhance the safety of ICS and recently, many studies related to the cyber security of ICS are being conducted. Many existing risk analyses and cyber security studies have considered safety and cyber security separately. However, both safety and cyber security perspectives should be considered when analyzing risks for complex and critical ICS facilities such as nuclear power plants (NPPs). In this paper, the STPA-SafeSec methodology is selected to consider both safety and security perspectives when performing a risk analysis for NPPs in order to assess impacts on the safety by cyber-attacks against the digital I&C systems. The STPA-SafeSec methodology was applied to a test-bed system that simulates a condensate water (CD) system in an NPP. The process of the application up to the development of mitigation strategies is described in detail.

AVOIDITALS: Enhanced Cyber-attack Taxonomy in Securing Information Technology Infrastructure

  • Syafrizal, Melwin;Selamat, Siti Rahayu;Zakaria, Nurul Azma
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.8
    • /
    • pp.1-12
    • /
    • 2021
  • An operation of an organization is currently using a digital environment which opens to potential cyber-attacks. These phenomena become worst as the cyberattack landscape is changing rapidly. The impact of cyber-attacks varies depending on the scope of the organization and the value of assets that need to be protected. It is difficult to assess the damage to an organization from cyberattacks due to a lack of understanding of tools, metrics, and knowledge on the type of attacks and their impacts. Hence, this paper aims to identify domains and sub-domains of cyber-attack taxonomy to facilitate the understanding of cyber-attacks. Four phases are carried in this research: identify existing cyber-attack taxonomy, determine and classify domains and sub-domains of cyber-attack, and construct the enhanced cyber-attack taxonomy. The existing cyber-attack taxonomies are analyzed, domains and sub-domains are selected based on the focus and objectives of the research, and the proposed taxonomy named AVOIDITALS Cyber-attack Taxonomy is constructed. AVOIDITALS consists of 8 domains, 105 sub-domains, 142 sub-sub-domains, and 90 other sub-sub-domains that act as a guideline to assist administrators in determining cyber-attacks through cyber-attacks pattern identification that commonly occurred on digital infrastructure and provide the best prevention method to minimize impact. This research can be further developed in line with the emergence of new types and categories of current cyberattacks and the future.

Research Activities for Cyber Characters in Korea

  • Lee, Ee-Taek;Park, Chan-Jong;Park, Jung-Jo
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 1999.06a
    • /
    • pp.11-14
    • /
    • 1999
  • The forthcoming century will be the "era of cyber society" . In a virtual environment, a cyber character plays the role of an agent for the human being. In this paper, we introduce active researches of industries, universities, and research institutes in Korea. After Adam Soft Inc. presented a cyber singer,“Adam”, a few cyber characters have succeeded commercially through Internet, TV, CF, movies and etc. Some universities had their own characters to make fundamental researches in the fields of modeling, motion control, and VR. Research institutes have been funded recently to a cyber character related researches. This paper briefly reviews the recent research works, and future trends in Korea. in Korea.

A Comprehensive Survey of TPM for Defense Systems

  • Cheol Ryu;Jae-Ho Lee;Do-Hyung Kim;Hyung-Seok Lee;Young-Sae Kim;Jin-Hee Han;Jeong-nyeo Kim
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.7
    • /
    • pp.1953-1967
    • /
    • 2024
  • Lately, there has been a notable surge in the defense industry's efforts to develop highly advanced intelligent systems. These systems encompass sophisticated computing platforms that boast an impressive level of autonomy. However, it's important to acknowledge that these very systems are not impervious to vulnerabilities stemming from both hardware and software tampering. Within the context of this discourse, our focus of the survey is directed towards the hardware security module. This component stands out for its capability to offer a significantly heightened level of protection when compared to conventional software-based techniques. Through the lens of this paper, we embark on a comprehensive survey of Trusted Platform Module (TPM), a hardware security module, shedding light on its potential to fortify the defense against threats that emerge from various vectors of attack.

An Architecture Design and Implementation of Stateful Traffic Generation for Cyber Warfare Training (사이버전 훈련을 위한 상태 저장 트래픽 발생 Architecture 설계 및 구현)

  • Hong, Suyoun;Kim, Kwangsoo;Kim, Taekyu
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.23 no.3
    • /
    • pp.267-276
    • /
    • 2020
  • Threats targeting cyberspace are becoming more intelligent and increasing day by day. To cope with such cyber threats, it is essential to improve the coping ability of system security officers. In this paper, we propose a stateful traffic generator that provide network background traffic for cyber warfare training. The proposed architecture is designed for generating traffic similar to real system traffic, so the trainee can perform more realistic training.

Cyber threats: taxonomy, impact, policies, and way forward

  • Malik, Annas W.;Abid, Adnan;Farooq, Shoaib;Abid, Irfan;Nawaz, Naeem A.;Ishaq, Kashif
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.7
    • /
    • pp.2425-2458
    • /
    • 2022
  • The continuous evolution and proliferation of computer technology and our increasing dependence on computer technology have created a new class of threats: "cyber threats." These threats can be defined as activities that can undermine a society's ability to maintain internal or external order while using information technology. Cyber threats can be mainly divided into two categories, namely cyber-terrorism and cyber-warfare. A variety of malware programs are often used as a primary weapon in these cyber threats. A significant amount of research work has been published covering different aspects of cyber threats, their countermeasures, and the policy-making for cyber laws. This article aims to review the research conducted in various important aspects of cyber threats and provides synthesized information regarding the fundamentals of cyber threats; discusses the countermeasures for such threats; provides relevant details of high-profile cyber-attacks; discusses the developments in global policy-making for cyber laws, and lastly presents promising future directions in this area.

Research on Cyber IPB Visualization Method based on BGP Archive Data for Cyber Situation Awareness

  • Youn, Jaepil;Oh, Haengrok;Kang, Jiwon;Shin, Dongkyoo
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.2
    • /
    • pp.749-766
    • /
    • 2021
  • Cyber powers around the world are conducting cyber information-gathering activities in cyberspace, a global domain within the Internet-based information environment. Accordingly, it is imperative to obtain the latest information through the cyber intelligence preparation of the battlefield (IPB) process to prepare for future cyber operations. Research utilizing the cyber battlefield visualization method for effective cyber IPB and situation awareness aims to minimize uncertainty in the cyber battlefield and enable command control and determination by commanders. This paper designed architecture by classifying cyberspace into a physical, logical network layer and cyber persona layer to visualize the cyber battlefield using BGP archive data, which is comprised of BGP connection information data of routers around the world. To implement the architecture, BGP archive data was analyzed and pre-processed, and cyberspace was implemented in the form of a Di-Graph. Information products that can be obtained through visualization were classified for each layer of the cyberspace, and a visualization method was proposed for performing cyber IPB. Through this, we analyzed actual North Korea's BGP and OSINT data to implement North Korea's cyber battlefield centered on the Internet network in the form of a prototype. In the future, we will implement a prototype architecture based on Elastic Stack.