• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.674-681
• /
• 2021

Cyber attacks targeting critical infrastructure are on the rise. Critical infrastructure is defined as core infrastructures within a country with a high degree of interdependence between the different structures; therefore, it is difficult to sufficiently protect it using outdated cybersecurity techniques. In particular, the distinction between the physical and logical risks of critical infrastructure is becoming ambiguous; therefore, risk management from a comprehensive perspective must be implemented. Accordingly, as a means of further actively protecting critical infrastructure, major countries have begun to apply their security and cybersecurity systems by design, as a more expanded concept is now being considered. This proactive security approach (CSbD, Cybersecurity by Design) includes not only securing the stability of software (SW) safety design and management, but also physical politics and device (HW) safety, precautionary and blocking measures, and overall resilience. It involves a comprehensive security system. Therefore, this study compares and analyzes security by design measures towards critical infrastructure that are leading the way in the US, Europe, and Singapore. It reflects the results of an analysis of optimal cybersecurity solutions for critical infrastructure. I would like to present a plan for applying by Design.

• Electronics and Telecommunications Trends
• /
• v.34 no.5
• /
• pp.58-70
• /
• 2019

In this paper, we present the R&D status of ETRI's Trusted Reality (TR) project and its core technologies. ETRI's TR project focuses on the next-generation paradigm of smart phones, ETRI-TR Smart Glasses, which aims to provide the same features as those of smart phones without the involvement of any handheld device. Furthermore, they are characterized by additional features enabled by trustworthy VR/AR/MR/XR, such as privacy masking/unmasking, distributed structure of thin-client computing/networking among TR-Glasses, TR-LocalEdge, and TR-RemoteEdge, with novel see-through eyes-direct communication between IoT real/virtual objects and human eyes. Based on these core technologies of the ETRI's TR project, the human-held ETRI-TR Smart Glasses is expected to aid in the realization of XR vision with particularly more XR's safe_privacy on social life in the near future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.375-378
• /
• 2009

DDoS attacks make people can't using normal internet service, because DDoS attacks cause exhaustion of network bandwidth or exhaustion of computer system resources by using many personal computers or servers which already infected computer virus from hackers. Recent DDoS attacks attack government brach, financial institution, even IT security company. IT security companies make Anti-DDoS product for defense from DDoS attack. But, There is no standard for BMT of Anti-DDoS product. In this dissertation, Anti-DDoS product quality characteristics of the survey analysis to evaluate them by comparing the assessment items were derived.

• Journal of Platform Technology
• /
• v.10 no.4
• /
• pp.82-90
• /
• 2022

emerging. And it shows numerous possibilities and tremendous potentials in the virtual world. This metaverse is not limited to one type, but it is evolving and developing into a service in the form of a virtual convergence economy by breaking down boundaries. As a result, various security issues in metaverse are emerging. Metaverse performs all activities in the virtual space, so various problems such as privacy infringement, virtual asset theft, or fraud can occur. In this paper, a service security model is proposed to provide safe services on metaverse. To this end, we analyze security threats in the metaverse framework and propose a security service model to prevent threats. By evaluating the security of the proposed model, it was shown that safe services are effectively possible on the metaverse.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.105-111
• /
• 2019

Since the problem-based learning (PBL) shows the effectiveness of self-directed learning ability and internalization of learning motivation in the process of solving real problems, studies on PBL and application cases are actively pursued in the university education. This study analyzed the effects of PBL on the academic achievement and computational thinking in a non-SW major students' programming course. The programing course was divided into the PBL class and non-PBL class, and at the end of the classes, the scores of the exams and the results of questionnaires about the educational effectiveness and computational thinking were analyzed. As a result, the students in the PBL class, compared to those in the non-PBL class, showed significantly higher scores in the areas of the algorithm implementing skill, self-directed learning, problem solving ability, and continuous learning motivation.

• Annual Conference of KIPS
• /
• 2015.04a
• /
• pp.491-493
• /
• 2015

사이버전의 위협은 종전에는 정보체계와 인터넷망에 국한되는 것으로 여겨졌으나 현재에는 망분리 환경이나 정보체계가 아닌 소프트웨어에 대해서도 위협이 실제하고 있으며, 그 공격 양상이 다양화 복합화 되는 경향을 보이고 있다. 향후 사이버전은 융복합 무기체계가 포함하고 있는 다양한 내장형 소프트웨어에 공격으로 확대될 것이며, 이에 따라 무기체계 내장형 소프트웨어에 대한 사이버전 대용 준비가 필요하다. 본 논문에서는 무기체계 내장형 소프트웨어의 사이버전 대용을 위한 방안으로 무기체계 내장형 소프트웨어의 보안성 강화를 위한 보안강화코딩(시큐어 코딩)을 적용 보안 프레임워크를 제안한다.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.06a
• /
• pp.48-49
• /
• 2022

현재 해양수산부에서 발주하여 선박해양플랜트연구소에서 주관하여 진행하고 있는 해양 디지털 항로표지 정보 협력 시스템 과제가 진행 중에 있다. 해양 디지털 항로표지 정보 협력 시스템 과제는 실증 센터 구축을 목표 중 하나로 잡고 있으며, 실증 센터 구축을 위해서는 실증센터 구축 이전에 연구개발 결과물을 유사한 환경에서 성능을 검증할 필요가 있다. 또한 해양 디지털 항로표지 정보 협력 시스템 과제는 외부의 정보를 활용할 필요가 있어 정보통신의 측면에서의 보안이 유지되는 공간이 필요하다. 이를 위하여 본 연구에서는 보안이 필요한 서비스 설치 공간와 일반사용자가 서비스를 사용하기 위해 일반적으로 접근이 가능한 공간을 연결하고, 연결 방법에 대하여 분석하였다. 또한 서비스 개발 기관에서 개발 중인 서비스 코드를 보안 공간으로 전송하여, 시스템 설치 및 SW 품질 테스트 등이 용이한 방안에 대하여 연구하였다.

• Review of KIISC
• /
• v.33 no.6
• /
• pp.79-87
• /
• 2023

사이버위협의 증가로 사이버보안 역량을 강화할 수 있는 사이버훈련에 대한 요구가 점점 증가하고 있다. 사이버훈련이란 개인의 사이버보안 역량 강화 및 사이버공격에 대한 조직적 대응을 단련하는 일련의 행위를 가리킨다. 최근 IT 영역에서 실생활과 밀접한 관계가 있는 OT 영역으로 사이버공격 범위가 늘어나 그 피해는 증가하고 있다. 이로 인해 이들 사이버공격에 대비한 사이버훈련이 필요하며, IT 위주에서 OT를 포함한 사이버훈련으로 확장할 필요가 있다. 본고에서는 IT와 함께 OT 영역까지 사이버훈련을 수행할 수 있는 사이버훈련장 구축 연구를 소개한다. 본고에서는 OT 영역을 11개의 국가기반시설로 분류하였고, OT 사이버환경을 SW 기반으로 구축할 수 있는 방안을 제안한다. 제안된 사이버훈련장을 통해 IT와 OT 대상 사이버공격에 대한 사이버훈련을 수행할 수 있으며 사이버보안 역량을 강화할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.335-345
• /
• 2024

In the digital era, data security has become an increasingly critical issue, drawing significant attention. Particularly, anti-tampering technology has emerged as a key defense mechanism against indiscriminate hacking and unauthorized access. This paper explores case studies that exemplify the trends in the development and application of TPM (Trusted Platform Module) and software anti-tampering technology in today's digital ecosystem. By analyzing various existing security guides and guidelines, this paper identifies ambiguous areas within them and investigates recent trends in domestic and international research on software anti-tampering. Consequently, while guidelines exist for applying anti-tampering techniques, it was found that there is a lack of methods for evaluating them. Therefore, this paper aims to propose a comprehensive and systematic evaluation framework for assessing both existing and future software anti-tampering techniques. To achieve this, it using various verification methods employed in recent research. The proposed evaluation framework synthesizes these methods, categorizing them into three aspects (functionality, implementation, performance), thereby providing a comprehensive and systematic evaluation approach for assessing software anti-tampering technology in detail.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.89-104
• /
• 2024

This study is an empirical study to examine the factors that influence the intention to use artificial intelligence (AI) technology for SW engineering-related tasks, and the purpose of the study is to understand the key factors that influence the use in terms of AI augmentation characteristics and interactive UI/UX characteristics. For this purpose, a survey was conducted among information and communication workers who have experience in using AI-related technologies and the collected data was analyzed. The results of the empirical analysis showed that perceived usefulness was positively influenced by the factors of expertise, interestingness, realism, aesthetics, efficiency, and flexibility, and perceived ease of use was positively influenced by the factors of expertise, interestingness, realism, aesthetics, and flexibility. Variety had no effect on both perceived ease of use and perceived usefulness. Perceived ease of use had a significant effect on perceived immersion, which positively influenced intention to use. These findings are significant in that they provide an academic understanding of the factors that influence the use of AI-enhanced tools in SW engineering-related tasks such as application design, development, testing, and process automation, as well as practical directions for the creators of tools that provide AI-enhanced development services to develop user acquisition strategies.