• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.173-182
• /
• 2023

The UAE government has set its sights on creating a smart, electronic-based government system that utilizes AI. The country's collaboration with India aims to bring substantial returns through AI innovation, with a target of over $20 billion in the coming years. To achieve this goal, the UAE launched its AI strategy in 2017, focused on improving performance in key sectors and becoming a leader in AI investment. To ensure public safety as the role of AI in government grows, the country is working on developing integrated cyber security solutions for SCADA systems. A questionnaire-based study was conducted, using the AI IQ Threat Scale to measure the variables in the research model. The sample consisted of 200 individuals from the UAE government, private sector, and academia, and data was collected through online surveys and analyzed using descriptive statistics and structural equation modeling. The results indicate that the AI IQ Threat Scale was effective in measuring the four main attacks and defense applications of AI. Additionally, the study reveals that AI governance and cyber defense have a positive impact on the resilience of AI systems. This study makes a valuable contribution to the UAE government's efforts to remain at the forefront of AI and technology exploitation. The results emphasize the need for appropriate evaluation models to ensure a resilient economy and improved public safety in the face of automation. The findings can inform future AI governance and cyber defense strategies for the UAE and other countries.

• Nuclear Engineering and Technology
• /
• v.49 no.3
• /
• pp.484-494
• /
• 2017

In industrial plants such as nuclear power plants, system operations are performed by embedded controllers orchestrated by Supervisory Control and Data Acquisition (SCADA) software. A targeted attack (also termed a control aware attack) on the controller/SCADA software can lead a control system to operate in an unsafe mode or sometimes to complete shutdown of the plant. Such malware attacks can result in tremendous cost to the organization for recovery, cleanup, and maintenance activity. SCADA systems in operational mode generate huge log files. These files are useful in analysis of the plant behavior and diagnostics during an ongoing attack. However, they are bulky and difficult for manual inspection. Data mining techniques such as least squares approximation and computational methods can be used in the analysis of logs and to take proactive actions when required. This paper explores methodologies and algorithms so as to develop an effective monitoring scheme against control aware cyber attacks. It also explains soft computation techniques such as the computational geometric method and least squares approximation that can be effective in monitor design. This paper provides insights into diagnostic monitoring of its effectiveness by attack simulations on a four-tank model and using computation techniques to diagnose it. Cyber security of instrumentation and control systems used in nuclear power plants is of paramount importance and hence could be a possible target of such applications.

• The Journal of Korean Society for Radiation Therapy
• /
• v.21 no.1
• /
• pp.1-7
• /
• 2009

Purpose: The purpose is to evaluate the accuracy of correcting the targeting error through the Target Location System (TLS) for the location change error of the reference point which arises from the movement or motion of patient during the treatment using the CyberKnife. Materials and Methods: In this test, Gafchromic MD-55 film was inserted into the head and neck phantom to analyze the accuracy of the targeting, and then the 6 MV X-ray of CyberKnife (CyberKnife Robotic Radiosurgery System G4, Accuray, US) was irradiated. End to End (E2E) program was used to analyze the accuracy of targeting, which is provided by Accuray Corporation. To compute the error of the targeting, the test was carried out with the films that were irradiated 12 times by maintaining the distance within the rage of $0{\pm}0.2\;mm$ toward x, y, z from the reference point and maintaining the angle within the rage of $0{\pm}0.2^{\circ}$ toward roll, pitch, yaw, and then with the films which were irradiated 6 times by applying intentional movement. And the correlation in the average value of the reference film and the test film were analyzed through independent samples t-test. In addition, the consistency of dose distribution through gamma-index method (dose difference: 3%) was quantified, compared, and analyzed by varying the distance to agreement (DTA) to 1 mm, 1.5 mm, 2 mm, respectively. Results: E2E test result indicated that the average error of the reference film was 0.405 mm and the standard deviation was 0.069 mm. The average error of the test film was 0.413 mm with the standard deviation of 0.121 mm. The result of independent sampling t-test for both averages showed that the significant probability was P=0.836 (confidence level: 95%). Besides, by comparing the consistency of dose distribution of DTA through 1 mm, 1.5 mm, 2 mm, it was found that the average dose distribution of axial film was 95.04%, 97.56%, 98.13%, respectively in 3,314 locations of the reference film, consistent with the average dose distribution of sagittal film that was 95.47%, 97.68%, 98.47%, respectively. By comparing with the test film, it was found that the average dose distribution of axial film was 96.38%, 97.57%, 98.04%, respectively, at 3,323 locations, consistent with the average dose distribution of sagittal film which was 95.50%, 97.87%, 98.36%, respectively. Conclusion: Robotic CyberKnife traces and complements in real time the error in the location change of the reference point caused by the motion or movement of patient during the treatment and provides the accuracy with the consistency of over 95% dose distribution and the targeting error below 1 mm.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.237-242
• /
• 2012

Cyber attacks have rapidly increased by exploiting the underlying vulnerabilities in the target software. However, identifying and correcting these vulnerabilities are extremely difficult and time consuming tasks. To address these problems efficiently, we propose a systematic methodology for security vulnerability assessment process on binary code in the paper. Specifically, we first classified the existing vulnerabilities based on whether the target software run in a Web environment and features of the software. Based on the classification, we determined the list and scope of the vulnerabilities. As our future research direction, we need to further refine and validate our methodology.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.12
• /
• pp.95-105
• /
• 2018

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.11a
• /
• pp.230-231
• /
• 2023

This study proposes a deep reinforcement learning-based algorithm to automatically generate a ship's passage plan. First, Busan Port and Gwangyang Port were selected as target areas, and a container ship with a draft of 16m was designated as the target vessel. The experimental results showed that the ship's passage plan generated using deep reinforcement learning was more efficient than the Q-learning-based algorithm used in previous research. This algorithm presents a method to generate a ship's passage plan automatically and can contribute to improving maritime safety and efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1179-1189
• /
• 2019

Cyber security evaluation is a series of processes that estimate the level of risk of assets and systems through asset analysis, threat analysis and vulnerability analysis and apply appropriate security measures. In order to prepare for increasing cyber attacks, systematic cyber security evaluation is required. Various indicators for measuring cyber security level such as CWSS and CVSS have been developed, but the quantitative method to apply appropriate security measures according to the risk priority through the standardized security evaluation result is insufficient. It is needed that an Scoring system taking into consideration the characteristics of the target assets, the applied environment, and the impact on the assets. In this paper, we propose a quantitative risk assessment model based on the analysis of existing cyber security scoring system and a method for quantification of assessment factors to apply to the established model. The level of qualitative attribute elements required for cyber security evaluation is expressed as a value through security requirement weight by AHP, threat influence, and vulnerability element applying probability. It is expected that the standardized cyber security evaluation system will be established by supplementing the limitations of the quantitative method of applying the statistical data through the proposed method.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.99-113
• /
• 2021

In these days, as cyberspace has been recognized as the fifth battlefield area following the land, sea, air, and space, attention has been focused on activities that view cyberspace as an operational and mission domain in earnest. Also, in the 21st century, cyber operations based on cyberspace are being developed as a 4th generation warfare method. In such an environment, the success of the operation is determined by the commander's decision. Therefore, in order to increase the rationality and objectivity of such decision-making, it is necessary to systematically establish and select a course of action (COA). In this study, COA is established by using the method of classifying operational elements necessary for cyber operation, and it is intended to suggest a direction for quantitative evaluation of COA. To this end, we propose a method of composing the COES (Cyber Operational Elements Set), which becomes the COA of operation, and classifying the cyber operational elements identified in the target development process based on the 5W1H Method. In addition, by applying the proposed classification method to the cyber operation elements used in the STUXNET attack case, the COES is formed to establish the attack COAs. Finally, after prioritizing the established COA, quantitative evaluation of the policy was performed to select the optimal COA.

• Journal of the Korean Association of Oral and Maxillofacial Surgeons
• /
• v.30 no.1
• /
• pp.65-68
• /
• 2004

CyberKnife is a stereotactic radiosurgery system which could be used to treat many tumors and lesions. It provides the surgeon unparalleled flexibility in targeting using a compact light linear accelerator mounted on a robotic arm. Advanced image guidance technology tracks patient and target position during treatment, ensuring accuracy without the use of an invasive head frame. CyberKnife with Dynamic Tracking Software is cleared to provide radiosurgery for lesions anywhere in the body when radiation treatment is indicated. It has often been used to radiosurgically treat otherwise untreatable tumors and malformations. Moreover, this instrument treats tumors at body sites, most of which are unreachable by other stereotactic systems. Compared with conventional radiotherapy, it is fundamentally different that using non-invasive, frameless, no excessive radiation exposure to normal tissue. In oral malignant neoplasm, surgical excision and radiation therapy should be tried first, additionally chemotherapy could be considered. However, after failure of conventional therapies, patients had poor systemic condition and surgical limitation. So, CyberKnife could be a suitable therapy. A 49 years man was referred in recurred mandibular cancer treated by radiotherapy. The tumor was considered inoperable, because of extensive invasion and was not expected to good response to conventional therapies. We experienced a case of CyberKnife after 4 cycle chemotherapies, so we report it with review of literature.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.8
• /
• pp.357-368
• /
• 2013

Our society has evolved into a fully connected society in a mixed reality environment enabling various knowledge sharing / management / control / creation due to the expansion of broadband ICT infrastructure, smart devices, cloud services and social media services. Therefore cyber threats have increased with the convenience. The society of the future can cause more complex and subtle problems, if you do not have an effective response to cyber threats, due to fusion of logical space and physical space, organic connection of the smart object and the universalization of fully connected society. In this paper, we propose the strategy to build knowledge-base as the basis to actively respond to new cyber threats caused by future various environmental changes and the universalization of fully connected society.