• Title/Summary/Keyword: Cyber Resilience

Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures

  • Bahrami, Pooneh Nikkhah;Dehghantanha, Ali;Dargahi, Tooska;Parizi, Reza M.;Choo, Kim-Kwang Raymond;Javadi, Hamid H.S.
    • Journal of Information Processing Systems / v.15 no.4 / pp.865-889 / 2019
  • The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

Kalman Filter Based Resilient Cyber-Physical System and its Application to an Autonomous Vehicle (칼만필터를 이용한 사이버 물리 시스템의 자율 복원성 확보 기법 및 자율주행차량 적용 연구)

  • Kim, Jae-Hoon;Kim, Dong-Gil;Lee, Dong-Ik
    • IEMEK Journal of Embedded Systems and Applications / v.14 no.5 / pp.239-247 / 2019
  • Recently, successful attacks on cyber-physical systems have been reported. As existing network security solutions are limited in preventing the system from malicious attacks, appropriate countermeasures are required from the perspective of the control. In this paper, the cyber and physical attacks are interpreted in terms of actuator and sensor attacks. Based on the interpretation, we suggest a strategy for designing Kalman filters to secure the resilience and safety of the system. Such a strategy is implemented in detail to be applied for the lateral control of an autonomous driving vehicle. A set of simulation results verifies the performance of the proposed Kalman filters.

Cyber Threat Analysis of UAM Communications, Navigation, Surveillance and Information System (UAM 통신, 항법, 감시 및 정보 시스템의 사이버 위협 분석)

  • Kyungwook Kim;Hyoung-keun Yoon
    • Journal of Advanced Navigation Technology / v.28 no.4 / pp.442-449 / 2024
  • In this paper, we aim to propose a comprehensive framework for cyber threat analysis of urban air mobility (UAM) or advanced air mobility (AAM) communications, navigation, surveillance, and information system infrastructure. By examining potential vulnerabilities and threat vectors, we seek to enhance the security and resilience of UAM infrastructure. We conduct a detailed cyber threat analysis to identify and categorize various types of cyber threats, assess their impact on the CNSi systems, and evaluate the vulnerabilities within these systems that may be exploited by such threats. This analysis will provide valuable insights for stakeholders involved in the deployment and operation of UAM systems, ultimately contributing to the safe and efficient integration of urban air transportation.

An Intelligent Game Theoretic Model With Machine Learning For Online Cybersecurity Risk Management

  • Alharbi, Talal
    • International Journal of Computer Science & Network Security / v.22 no.6 / pp.390-399 / 2022
  • Cyber security and resilience are phrases that describe safeguards of ICTs (information and communication technologies) from cyber-attacks or mitigations of cyber event impacts. The sole purpose of risk models is detection, analysis, and handling by considering all relevant perceptions of risks. The current research effort has resulted in the development of a new paradigm for safeguarding services offered online which can be utilized by both service providers and users (customers). However, rather than relying on detailed studies, this approach emphasizes task selection and execution that leads to successful risk treatment outcomes. Modelling intelligent CSGs (Cyber Security Games) using MLTs (machine learning techniques) was the focus of this research. By limiting mission risk, CSGs maximize the ability of systems to operate unhindered in cyber environments. The suggested framework's main components are the Threat and Risk models. These models are tailored to meet the special characteristics of online services as well as the cyberspace environment. A risk management procedure is included in the framework. Risk scores are computed by combining probabilities of successful attacks with findings of impact models that predict cyber catastrophe consequences. To assess successful attacks, models emulating defense against threats can be used in topologies. CSGs consider widespread interconnectivity of cyber systems which forces defending all multi-step attack paths. In contrast, attackers just need one of the paths to succeed. CSGs are game-theoretic methods for identifying defense measures and reducing risks for systems and probe for maximum cyber risks using game formulations (MiniMax). To detect the impacts, the attacker player creates an attack tree for each state of the game using a modified Extreme Gradient Boosting Decision Tree (that sees numerous compromises ahead). Based on the findings, the proposed model has a high level of security for the web sources used in the experiment.

The Mediating Effect of Ego-Resilience and Emotional Intelligence on the Relationship between Growth Mindset and Problem-Solving Ability of Middle and High School Students (중·고등학생의 성장 마인드셋과 문제해결능력의 관계에서 자아탄력성과 정서지능의 매개효과)

  • Cho, Byeonghun;Kim, Hyunjin
    • The Korean Journal of Coaching Psychology / v.5 no.2 / pp.101-125 / 2021
  • This study tried to identify the psychological mechanisms that middle and high school students can adaptively solve various problems, and to identify differences according to gender and school level. To this end, the growth mindset was set as an independent variable predicting the problem-solving ability of middle and high school students, and ego-resilience and emotional intelligence were set as the mediating variables. As for the research data, responses of 94 middle school students (40 males, 54 females) and 134 high school students (63 males, 71 females) who participated through mobile and off-line were analyzed using SPSS 24.0 and AMOS 18.0. The results are as follows. First, differences according to gender and school level were significant only in emotional intelligence. Second, ego-resilience and emotional intelligence mediated the relationship between growth mindset and problem-solving ability respectively. Third, the dual mediation effect of ego-resilience and emotional intelligence was significant in the relationship between growth mindset and problem-solving ability. Based on these results, theoretical and practical discussions and implications for improving problem-solving ability of middle and high school students are presented.

A Model of Artificial Intelligence in Cyber Security of SCADA to Enhance Public Safety in UAE

  • Omar Abdulrahmanal Alattas Alhashmi;Mohd Faizal Abdullah;Raihana Syahirah Abdullah
    • International Journal of Computer Science & Network Security / v.23 no.2 / pp.173-182 / 2023
  • The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

A Study on the Application of Cybersecurity by Design of Critical Infrastructure (주요기반시설의 사전예방적보안(Cybersecurity by Design) 적용 방안에 관한 연구)

  • YOO, Jiyeon
    • The Journal of the Convergence on Culture Technology / v.7 no.1 / pp.674-681 / 2021
  • Cyber attacks targeting critical infrastructure are on the rise. Critical infrastructure is defined as core infrastructures within a country with a high degree of interdependence between the different structures; therefore, it is difficult to sufficiently protect it using outdated cybersecurity techniques. In particular, the distinction between the physical and logical risks of critical infrastructure is becoming ambiguous; therefore, risk management from a comprehensive perspective must be implemented. Accordingly, as a means of further actively protecting critical infrastructure, major countries have begun to apply their security and cybersecurity systems by design, as a more expanded concept is now being considered. This proactive security approach (CSbD, Cybersecurity by Design) includes not only securing the stability of software (SW) safety design and management, but also physical politics and device (HW) safety, precautionary and blocking measures, and overall resilience. It involves a comprehensive security system. Therefore, this study compares and analyzes security by design measures towards critical infrastructure that are leading the way in the US, Europe, and Singapore. It reflects the results of an analysis of optimal cybersecurity solutions for critical infrastructure. I would like to present a plan for applying by Design.

Cyber Resilience Trend Analysis (사이버 복원력 동향 분석)

  • Dong Gyun Chu;Jin Kim;Jinho Yoo
    • Proceedings of the Korea Information Processing Society Conference / 2023.11a / pp.203-205 / 2023
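  • With the continued development of digital technology, a variety of services are being provided, while at the same time increasingly sophisticated cyber attacks can expose them to a variety of cyber risks. This study therefore analyzes the relevant policies and trends of major foreign countries and institutions, with a view to securing rapid cyber resilience when a cyber attack occurs.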

Preparation and Configuration Method to Enhance Cyber Resilience (사이버 복원력 강화를 위한 준비 및 구성방안)

  • Sunoh Choi
    • Proceedings of the Korea Information Processing Society Conference / 2023.11a / pp.190-192 / 2023
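  • Various attacks on and accidents involving systems, such as the Kakao data center fire and the Colonial Pipeline hacking incident, are occurring, and as a result important essential services are being disrupted. Cyber resilience is attracting attention as a way to address this problem. In addition to cyber security, cyber resilience has the goals of anticipation, withstanding, recovery, and adaptation. This paper introduces what cyber resilience is and presents it from both a technical perspective and an institutional perspective.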

A Study on the relationship between family relations of grandparent-grandchildren family adolescent and resilience -centering around the parameters of self esteem, empathy and internal·external locus control - (조손가족 청소년의 가족관계와 적응유연성의 관계 -자아존중감, 공감, 내·외통제감의 매개효과를 중심으로-)

  • Song, Yoo-Mee;Lee, Sun-Ja
    • Korean Journal of Social Welfare Studies / v.42 no.3 / pp.329-353 / 2011
  • Adolescence is the important period of experiencing primary social relations through family relations. Adolescent of grandparent-grandchildren family who are provided social welfare service, however, causes many psychological and social problems on account of the negative family relationship, so it is needed resilience in order to recover from those circumstances through easing their negative family relations. This study set self esteem, empathy and internal·external locus control as parameters in order to know how negative family relations of grandparent-grandchildren family could influence the resilience of adolescent, then tried to reveal the entire and synthetic causal relationship in paths of them. For this, we analyzed 492 cases of grandparent-grandchildren family adolescent, which had negative family relations. In this process, we used Amos 19.0, analyzed interrelation and path, and examined significance of type and statistical significance in direct-indirect effect between paths. As the analysis result, we proposed that the development of social welfare program and use of it centered on self-esteem, empathy and internal-external control to the family relations of grandparent-grandchildren family adolescents was a practical approaching task of social welfare for them.