• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2004년도 학술대회 논문집 정보 및 제어부문
• /
• pp.426-428
• /
• 2004

Sensor network supports data delivery from physical world to cyber space Sensors get physical events then wireless network transfers sensor data to service server. We use sensor network technology to manage location information of asset. In ubiquitous computing environment, user localization is basic context for intelligent service. A lot of research group make effort to develop low cost localization technology. In this paper, we propose asset monitoring system using wireless sensor network. It is implemented using ad hoc network technology which can be adopted to smart home and this system can monitor the asset location and movement.

• 한국컴퓨터정보학회논문지
• /
• 제23권12호
• /
• pp.95-105
• /
• 2018

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

• 디지털산업정보학회논문지
• /
• 제4권4호
• /
• pp.127-138
• /
• 2008

To study about core capability which becomes the kernel of sustainable competitive advantage (SCA) in cyber university which confronts competition-deepening circumstance, the value and importance of brand and educational services of cyber universities which stand on the basis of offline university were examined. Moreover, core capability based on the importance of cyber university service was searched, and its strategic course were suggested. Within research processes, competition environment of cyber university was forecasted, and importance to build up its core capability was examined. Moreover, conjoint analysis was carried out for three offline cyber universities. As a result of survey analysis, effectiveness of cyber university brand showed greater influence than other characteristics in terms of the influence which affects consumer preference for cyber university. Therefore, to overcome weaknesses of brand asset in low brand power cyber university, establishment of strong core capability which reflects consumer preference is needed to carry out differentiation strategy or concentration strategy, and it is necessary to consider the introduction of new competitiveness structure.

• 한국생활과학회지
• /
• 제21권2호
• /
• pp.225-240
• /
• 2012

The purpose of this study was to investigate the determinants of households with risky debt loads. The study used financial ratios to determine which households were over-indebted. The 3 ratios used were Debt to Asset ratio, Debt to Financial asset ratio, and Debt Service ratio. Data for this study was the 2011 Survey of Household Finance. Households that demonstrated total debts of 70% or more when compared to total assets were 8.8%. Households that demonstrated a debt load totaling 5 or more times their total financial assets were 19%. Households with monthly repayment obligations of 40% or more of disposable income were 20%. Households that fulfilled all 3 financial ratio criteria were 1.5% of total indebted households. Over-indebted households demonstrated severe economic condition in terms of debt, but not all over-indebted households were categorized as being in economically vulnerable group. The major determinants of households with risky debts were income, asset, purpose of loans, and spending behavior of the households.

• 융합보안논문지
• /
• 제22권4호
• /
• pp.65-73
• /
• 2022

사이버 작전은 가상의 사이버 전장 환경에서 수행되기 때문에, 지휘관이 사이버작전의 의사결정을 효과적으로 지원하기 위해서는 사이버 환경의 현황을 일관된 형태로 평가하고 가시화할 수 있는 평가지표를 정의하고 이를 측정할 수 있는 기술의 개발이 요구된다. 본 논문에서는 사이버 전장에서 수집할 수 있는 다양한 평가지표를 정의하고 이를 정규화하는 방법과 사이버 현황을 일관된 형태로 평가할 수 있는 기술을 제안한다. 제안하는 사이버 전장 상태 요소들의 통합 시계열 분석 및 도시 기술은 최상위에 정규화된 평가지표가 있으며, 해당 지표는 사이버 자산 관련 지표, 평가 대상망 관련 지표, 사이버 위협 관련 지표로 구성되는 각각의 지표들은 6개의 하위 지표를 가진다. 해당 지표들은 지휘관의 관심 영역에 따라 가중치를 부여하여 활용될 수 있고, 사이버 전장의 전체적인 현황을 파악할 수 있어 사이버 작전을 수행하는데 필요한 상황인식에 활용될 수 있을 것으로 예상된다.

• Communications for Statistical Applications and Methods
• /
• 제27권4호
• /
• pp.487-500
• /
• 2020

Insurers face increasing demands for cyber liability; entailed in part by a variety of new forms of risk of data breaches. As data breach occurrences develop, our understanding of the volatility in data breach counts has also become important as well as its expected occurrences. Volatility clustering, the tendency of large changes in a random variable to cluster together in time, are frequently observed in many financial asset prices, asset returns, and it is questioned whether the volatility of data breach occurrences are also clustered in time. We now present volatility analysis based on INGARCH models, i.e., integer-valued generalized autoregressive conditional heteroskedasticity time series model for frequency counts due to data breaches. Using the INGARCH(1, 1) model with data breach samples, we show evidence of temporal volatility clustering for data breaches. In addition, we present that the firms' volatilities are correlated between some they belong to and that such a clustering effect remains even after excluding the effect of financial covariates such as the VIX and the stock return of S&P500 that have their own volatility clustering.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2023년도 춘계학술발표대회
• /
• pp.305-307
• /
• 2023

현재 제조업에서 설비 라인 증축 및 최적화를 위해서는 공정 분석과 설비 시스템 테스트가 요구되며, 많은 시간과 비용이 소요된다. 이러한 문제를 해결하기 위해, 가상의 설비모델을 이용해 설비검증과 라인 테스트를 수행할 수 있는 다양한 CPS(Cyber Physical System)가 연구되고 있다. 본 논문에서는 다양한 설비 이해관계자 사이의 상호운용성을 확보하기 위해 독일의 Industry 4.0에서 제안한 표준 설비 명세인 AAS(Asset Administration Shell)를 활용한 CPS 구현을 제안한다. SMT(Surface Mounting Technology) 라인 중 Screen Printer를 대상으로, 총 3개의 서브 모델(Sub model)과 17개의 속성(Property)을 AAS 명세하고 이를 이용한 CPS를 구현하는 사례연구를 수행했다. 제안 방법은 표준명세를 활용한 제조 분야 CPS 구현에 적용될 수 있다.

• Journal of Electrical Engineering and Technology
• /
• 제10권3호
• /
• pp.888-894
• /
• 2015

This paper presents a unified model based assessment framework to quantify threats and vulnerabilities associated with control systems, especially in the SCADA (Supervisory Control and Data Acquisition) system. In the past, this system was primarily utilized as an isolated facility on a local basis, and then it started to be integrated with wide-area networks as the communication technology would make rapid progress. The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. However, an up-to-date power system often requires the real-time operations, which clearly implies that the cyber security would turn out to be a complicated but also crucial issue for the power system. In short, the purpose of this paper is to streamline a comprehensive approach to prioritizing cyber security risks which are expressed by the combination of threats, vulnerabilities, and values in the SCADA components.

• Nuclear Engineering and Technology
• /
• 제44권8호
• /
• pp.919-928
• /
• 2012

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the lifecycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

• 한국컴퓨터정보학회논문지
• /
• 제24권11호
• /
• pp.99-107
• /
• 2019

사이버 보안을 위한 활동인 '위험관리(Risk management)'와 '보안관제(security monitoring)' 업무는 미래에 발생할 보안 위협에 대비하고 보안 사고를 최소화 하는 활동이라는 점에서 깊은 상관관계를 가지고 있다. 또한 위험관리와 보안관제 분야 모두 관리자에게 시각적으로 그 정보자산에 대한 위협을 보여주는 패턴 모델을 적용하는 것이 효과적이다. 검증받은 패턴모델로는 전통적인 품질관리 분야에서 오랫동안 사용되어온 '관리도'(control chart)모델이 존재하지만 정보시스템의 사이버 위험관리와 보안관제에서의 활용은 부족하다. 이에 본 논문에서는 위험관리와 보안관제 시스템을 통합한 사이버 SRM(Security Risk Monitoring)시스템을 설계하였다. SRM은 '관리도'의 패턴을 이용한 '보안대책' (security control)의 적용 전략을 제시한다. 보안대책은 기존의 표준화된 보안대책 집합인 ISMS, NIST SP 800-53, CC를 통합적으로 적용하였다. 이를 활용하여 2014~2018년 까지 4년간 우리나라사이버위기 경보동향을 분석하였고 이는 향후 보다 유연한 보안대책 수립을 가능하게 한다.