• Management Science and Financial Engineering
• /
• v.3 no.2
• /
• pp.1-27
• /
• 1997

Designing effective navigation aids for customer interfaces is critical for the success of cyber shopping malls. Navigation aids can be classified into either basic ones which are based on the structure of the malls or add-ons which are not. Add-on navigation aids provide various short-cuts to promote efficient traversal in the cyber shopping malls, but too many of them would increase the complexity of the customer interface. Metaphors have been used widely for the design of add-on navigation aids, but little research evaluates their impact on the processes and outcomes of customers behavior in cyber shopping malls. This paper presents an empirical study that investigates the navigation process of customers and the subjective evaluation of their shopping experience. This research implemented two versions of a test-bed cyber shopping mall according to different metaphors used; one based on a spatial metaphor, and the other based on a non spatial metaphor. The results of the experiment indicate that navigation aids based on the spatial metaphor were used more frequently, which resulted in better understanding about the entire structure of the cyber shopping malls, which in turn led to an increased ease of finding target items and also a more pleasant shopping experience. The benefits of navigation aids based on the spatial metaphor became more evident when customers were looking for ad-hoc category items rather than common items. This paper presents plausible explanations for the results and implications to the design of navigation aids for cyber shopping malls.

• Journal of Information Processing Systems
• /
• v.15 no.4
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.9
• /
• pp.57-64
• /
• 2018

In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate their IP address and port numbers according to Hidden Tunnel Networking, which is a network-based moving target defense scheme. In the network, a protected server is one-to-one mapped to a decoy-bed that generates a number of decoys, and the decoys share the same IP address pool with the protected server. First, the protected server network supports mutating the IP address and port numbers of the protected server very frequently regardless of the number of decoys. Second, it provides independence of the decoy-bed configuration. Third, it allows the protected servers to freely change their IP address pool. Lastly, it can reduce the possibility that an attacker will reuse the discovered attributes of a protected server in previous scanning. We believe that applying Hidden Tunnel Networking to protected servers in the proposed network can significantly reduce the probability of the protected servers being identified and compromised by attackers through deploying a large number of decoys.

• Convergence Security Journal
• /
• v.16 no.6_1
• /
• pp.43-50
• /
• 2016

As North Korea has a sufficient ability to attack our society's vulnerable computer network, various large-scale cyber attacks are expected to be tried. North Korea's cyber military strength is known a world-class level. The number of its cyber agents is increasing consistently. Recently North Korea's cyber attack has been made regardless of trick and target. But up to now North Korea's cyber attack is more of an exploration than a real attack. Its purpose was to check how fast Korea found a problem and recovered from it. In future, cyber attack that damages substantially is highly probable. In case of an attack against national infrastructure like traffic, financial and energy services, the extent of the damage will be great beyond imagination. In this paper, characteristics of recent North Korea's cyber attack is addressed in depth and countermeasures such as the enactment of cyber terror prevention law, simulation training enforcement, private and public cooperation system construction, cyber security infrastructure expansion, etc. are proposed.

• Smart Media Journal
• /
• v.5 no.2
• /
• pp.65-76
• /
• 2016

Cloud Computing has recently begun to emerge as a new attack target. The malice DDoS attacks are ongoing to delay and disturb the various services of the Cloud Computing. In this paper, we propose the Hornet-Cloud using security Honeypot technique and resources of Cloud Computing, define and design the concept of security functions about active low-interaction framework by cyber resilience simply. In addition, for virtual honeypot service, we simulated and vitrified the possibility of functions of the low-interaction vHoneypot using cyber resilience.

• Annual Conference of KIPS
• /
• 2021.11a
• /
• pp.745-748
• /
• 2021

가상 환경의 시뮬레이션을 이용해 지능형 로봇에 강화 학습 기법을 적용하는 접근법은 실제 세계의 로봇들의 학습에 유용하다. 우리는 이러한 방법을 적용해서 장애물을 회피하고, 로봇이 특정 목표물을 인식하면 목표물로 자율적으로 이동하는 알고리즘을 개발하였다. 제안된 방법의 유용성 검증은 구현과 실험으로 확인하였다.

• Journal of the Korea Society for Simulation
• /
• v.12 no.2
• /
• pp.63-73
• /
• 2003

The major objective of this paper is to propose the method of attacker and host modeling for cyber-attack simulation. In the security modeling and simulation for information assurance, it is essential the modeling of attacker that is able to generate various cyber-attack scenarios as well as the modeling of host, which is able to represent behavior on attack concretely The security modeling and simulation, which was announced by Cohen, Nong Ye and etc., is too simple to concretely analyze attack behavior on the host. And, the attacker modeling, which was announced by CERT, Laura and etc., is impossible to represent complex attack excepting fixed forms. To deal with this problem, we have accomplished attacker modeling by adopted the rule-based SES which integrates the existing SES with rule-based expert system for synthesis and performed host modeling by using the DEVS formalism. Our approach is to show the difference from others in that (ⅰ) it is able to represent complex and repetitive attack, (ⅱ) it automatically generates the cyber-attack scenario suitable on the target system, (ⅲ) it is able to analyze host's behavior of cyber attack concretely. Simulation tests performed on the sample network verify the soundness of proposed method.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.521-524
• /
• 2014

Because of the development of computers and networks, the use of the internet has been rapidly increased. The smart devices, such as smart phones and tablet PCs, have made an epoch-making changes, which have brought people's daily lives to the cyber world and life values have been improved. The cyber world not only just changed individual's lives, but also affected all areas and the world. The recent global trends reside mainly in protection of energy sources, and nation's dependency of the information system such as politic, economic and national security. Since major national infrastructure becomes a stragic attack target, the importance of cyber warfare has rised as an effective way to attact enermy. This article explores the concept of cyber warfare and national cyber capability, and then figure out the plan of reaction to minimize damages with best protection when cyber warfare occurs.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.21-28
• /
• 2023

The development of information and communication technology in the 21st century has increased operational efficiency by providing hyper-connectivity and hyper-intelligence in the control systems of major infrastructure, but is also increasing security vulnerabilities, exposing it to hacking threats. Among them, the electric power system that supplies electric power essential for daily life has become a major target of cyber-attacks as a national critical infrastructure system. Recently, in order to protect these power systems, various security systems have been developed and the stability of the power systems has been maintained through practical cyber battle training. However, as cyber-attacks are combined with advanced ICT technologies such as artificial intelligence and big data, it is not easy to defend cyber-attacks that are becoming more intelligent with existing security systems. In order to defend against such intelligent cyber-attacks, it is necessary to know the types and aspects of intelligent cyber-attacks in advance. In this study, we analyzed the evolution of cyber attacks combined with advanced ICT technology.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.11-16
• /
• 2016

In modern society, the development of Information and Communication Technology has given people a lot of opportunities. But on the other side cyber attack also gives enormous damage to people. Recently Korea has become the target of cyber attack. The threat of it is growing. Especially North Korea has committed hostile actions against South Korea. North Korea has recently attacked the computer networks of South Korea's important national facilities. The types of North Korea's cyber attacks include the followings. First, if we see it with the viewpoint of software, it tries to destroy or control the Internet, infects the networks with viruses, worms, Trojan Horse and Distributed Denial of Service. I suggest the following to solve the problem. First, South Korea should unify the organizations to respond to the attacks of North Korea, as North Korea has a unified organization for the cyber attack. Second, they should think about the establishment of "Cyber Terrorism Prevention Act" to systematically respond to the software attacks.