• Title/Summary/Keyword: Cyber threats

Search Result 385, Processing Time 0.026 seconds

Methodology of Cyber Security Assessment in the Smart Grid

  • Woo, Pil Sung;Kim, Balho H.
    • Journal of Electrical Engineering and Technology
    • /
    • v.12 no.2
    • /
    • pp.495-501
    • /
    • 2017
  • The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. In other words, The Energy Management System (EMS) and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. In this study, the optimal power flow (OPF) and Power Flow Tracing are used to assess the interaction between the EMS and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

ICT Adoption and Cyber Security of Korean SMEs (중소기업의 ICT 도입과 사이버 안전에 관한 연구)

  • Jung, Jeyong
    • Journal of the Korea Safety Management & Science
    • /
    • v.23 no.2
    • /
    • pp.53-63
    • /
    • 2021
  • Small and medium-sized enterprises(SMEs) continue to adopt ICT to gain an edge in organizational innovation and competition. This has a management advantage, but it also brings vulnerabilities as to cyber security. Therefore, the purpose of this study is to conduct an exploratory study on the cyber security situation of SMEs. A survey was conducted on Korean SMEs to determine how well they are connected to ICT and how much they are exposed to cyber security threats. The results suggest two things. First, Korean SMEs are well connected to ICT, but there is a gap between the actual adoption and human recognition of its importance. Second, security threats and breaches affect the majority of SMEs, but several problems including costs have not been properly evaluated. The results of this study are expected to help improve the cyber security management system of Korean SMEs.

A Survey on Cyber Physical System Security for IoT: Issues, Challenges, Threats, Solutions

  • Kim, Nam Yong;Rathore, Shailendra;Ryu, Jung Hyun;Park, Jin Ho;Park, Jong Hyuk
    • Journal of Information Processing Systems
    • /
    • v.14 no.6
    • /
    • pp.1361-1384
    • /
    • 2018
  • Recently, Cyber Physical System (CPS) is one of the core technologies for realizing Internet of Things (IoT). The CPS is a new paradigm that seeks to converge the physical and cyber worlds in which we live. However, the CPS suffers from certain CPS issues that could directly threaten our lives, while the CPS environment, including its various layers, is related to on-the-spot threats, making it necessary to study CPS security. Therefore, a survey-based in-depth understanding of the vulnerabilities, threats, and attacks is required of CPS security and privacy for IoT. In this paper, we analyze security issues, threats, and solutions for IoT-CPS, and evaluate the existing researches. The CPS raises a number challenges through current security markets and security issues. The study also addresses the CPS vulnerabilities and attacks and derives challenges. Finally, we recommend solutions for each system of CPS security threats, and discuss ways of resolving potential future issues.

Vulnerabilities, Threats and Challenges on Cyber Security and the Artificial Intelligence based Internet of Things: A Comprehensive Study

  • Alanezi, Mohammed Ateeq
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.2
    • /
    • pp.153-158
    • /
    • 2022
  • The Internet of Things (IoT) has gotten a lot of research attention in recent years. IoT is seen as the internet's future. IoT will play a critical role in the future, transforming our lifestyles, standards, and business methods. In the following years, the use of IoT in various applications is likely to rise. In the world of information technology, cyber security is critical. In today's world, protecting data has become one of the most difficult tasks. Different type of emerging cyber threats such as malicious, network based and abuse of network have been identified in the IoT. These can be done by virus, Phishing, Spam and insider abuse. This paper focuses on emerging threats, various challenges and vulnerabilities which are faced by the cyber security in the field of IoT and its applications. It focuses on the methods, ethics, and trends that are reshaping the cyber security landscape. This paper also focuses on an attempt to classify various types of threats, by analyzing and characterizing the intruders and attacks facing towards the IoT devices and its services.

Technological Trends in Intelligent Cyber Range (지능형 사이버 훈련장의 기술 동향)

  • Yu, J.H.;Koo, K.J.;Kim, I.K.;Moon, D.S.
    • Electronics and Telecommunications Trends
    • /
    • v.37 no.4
    • /
    • pp.36-45
    • /
    • 2022
  • As the interest in achieving an intelligent society grows with the fourth industrial revolution's development, information and communications technologies technologies like artificial intelligence (AI), Internet of Things, virtual reality, information security, and blockchain technology are being actively employed in different fields for achieving an intelligent society. With these modifications, the information security paradigm in industrial and public institutions, like personal sensitive data, is quickly changing, and it is exposed to different cyber threats and breaches. Furthermore, as the number of cyber threats and breaches grows, so does the need for rapid detection and response. This demand can be satisfied by establishing cyber training programs and fostering experts that can improve cyber security abilities. In this study, we explored the domestic and international technology trends in cyber security education and training facilities for developing experts in information security. Additionally, the AI technology application in the cyber training ground, which can be established to respond to and deter cyber threats that are becoming more intelligent, was examined.

A Study on Threat Detection Model using Cyber Strongholds (사이버 거점을 활용한 위협탐지모델 연구)

  • Inhwan Kim;Jiwon Kang;Hoonsang An;Byungkook Jeon
    • Convergence Security Journal
    • /
    • v.22 no.1
    • /
    • pp.19-27
    • /
    • 2022
  • With the innovative development of ICT technology, hacking techniques of hackers are also evolving into sophisticated and intelligent hacking techniques. Threat detection research to counter these cyber threats was mainly conducted in a passive way through hacking damage investigation and analysis, but recently, the importance of cyber threat information collection and analysis is increasing. A bot-type automation program is a rather active method of extracting malicious code by visiting a website to collect threat information or detect threats. However, this method also has a limitation in that it cannot prevent hacking damage because it is a method to identify hacking damage because malicious code has already been distributed or after being hacked. Therefore, to overcome these limitations, we propose a model that detects actual threats by acquiring and analyzing threat information while identifying and managing cyber bases. This model is an active and proactive method of collecting threat information or detecting threats outside the boundary such as a firewall. We designed a model for detecting threats using cyber strongholds and validated them in the defense environment.

Cyber Threat and Vulnerability Analysis-based Risk Assessment for Smart Ship

  • Jeoungkyu Lim;Yunja Yoo
    • Journal of the Korean Society of Marine Environment & Safety
    • /
    • v.30 no.3
    • /
    • pp.263-274
    • /
    • 2024
  • The digitization of ship environments has increased the risk of cyberattacks on ships. The smartization and automation of ships are also likely to result in cyber threats. The International Maritime Organization (IMO) has discussed the establishment of regulations at the autonomous level and has revised existing agreements by dividing autonomous ships into four stages, where stages 1 and 2 are for sailors who are boarding ships while stages 3 and 4 are for those not boarding ships. In this study, the level of a smart ship was classified into LEVELs (LVs) 1 to 3 based on the autonomous levels specified by the IMO. Furthermore, a risk assessment for smart ships at various LVs in different risk scenarios was conducted The cyber threats and vulnerabilities of smart ships were analyzed by dividing them into administrative, physical, and technical security; and mitigation measures for each security area were derived. A total of 22 cyber threats were identified for the cyber asset (target system). We inferred that the higher the level of a smart ship, the greater the hyper connectivity and the remote access to operational technology systems; consequently, the greater the attack surface. Therefore, it is necessary to apply mitigation measures using technical security controls in environments with high-level smart ships.

Detecting Cyber Threats Domains Based on DNS Traffic (DNS 트래픽 기반의 사이버 위협 도메인 탐지)

  • Lim, Sun-Hee;Kim, Jong-Hyun;Lee, Byung-Gil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37B no.11
    • /
    • pp.1082-1089
    • /
    • 2012
  • Recent malicious attempts in Cyber space are intended to emerge national threats such as Suxnet as well as to get financial benefits through a large pool of comprised botnets. The evolved botnets use the Domain Name System(DNS) to communicate with the C&C server and zombies. DNS is one of the core and most important components of the Internet and DNS traffic are continually increased by the popular wireless Internet service. On the other hand, domain names are popular for malicious use. This paper studies on DNS-based cyber threats domain detection by data classification based on supervised learning. Furthermore, the developed cyber threats domain detection system using DNS traffic analysis provides collection, analysis, and normal/abnormal domain classification of huge amounts of DNS data.

A study on classification of the security controls for the effective implementation to nuclear power plant

  • Han, Sang Min;Lee, Chanyoung;Chae, Young Ho;Seong, Poong Hyun
    • Nuclear Engineering and Technology
    • /
    • v.54 no.4
    • /
    • pp.1245-1252
    • /
    • 2022
  • As regulatory bodies require full implementation of security controls in nuclear power plants (NPPs), security functions for critical digital assets are currently being developed. For the ultimate introduction of security controls, not alternative measures, it is important to understand the relationship between possible cyber threats to NPPs and security controls to prevent them. To address the effectiveness of the security control implementation, this study investigated the types of cyber threats that can be prevented when the security controls are implemented through the mapping of the reorganized security controls in RS-015 to cyber threats on NPPs. Through this work, the cyber threat that each security control can prevent was confirmed, and the effectiveness of several strategies for implementing the security controls were compared. This study will be a useful reference for utilities or researchers who cannot use design basis threat (DBT) directly and be helpful when introducing security controls to NPPs that do not have actual security functions.

A Study on the Domestic Model for Cyber Threat Information Sharing by Analyzing the Relevant Systems of Major Advacnced Countries (주요국의 사이버위협정보 공유체계 분석을 통한 국내 적용모델 연구)

  • Yoon, Oh Jun;Cho, Chang Seob;Park, Jeong Keun;Bae, Sun Ha;Shin, Yong Tae
    • Convergence Security Journal
    • /
    • v.16 no.7
    • /
    • pp.101-111
    • /
    • 2016
  • The recent cyber threats are becoming real threats to our lives. This gloomy situation from cyber threats necessarily demands the establishment of the cyber threat information sharing system between the public and private area. Key countries, like the US, Japan and the UK, are stabilizing the cyber threat information sharing systems by founding exclusive organizations for sharing information and setting up and implementing relevant measures. In this thesis, I would like to propose the model for cyber threat information sharing in order to cope efficiently with the ever-intensifying cyber threats. My model would include key elements for the efficient information sharing, such as the clear designation of main operator of information sharing system, the management of collaboration system between the public and private sector, the build-up of the integrated and automated system and the supplementation of legal system including the grant of privilege, and so on.