• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.85-92
• /
• 2024

Information Security is the foremost concern for IoT (Internet of things) devices and applications. Since the advent of IoT, its applications and devices have experienced an exponential increase in numerous applications which are utilized. Nowadays we people are becoming smart because we started using smart devices like a smartwatch, smart TV, smart home appliances. These devices are part of the IoT devices. The IoT device differs widely in capacity storage, size, computational power, and supply of energy. With the rapid increase of IoT devices in different IoT fields, information security, and privacy are not addressed well. Most IoT devices having constraints in computational and operational capabilities are a threat to security and privacy, also prone to cyber-attacks. This study presents a CIA triad-based information security implementation for the four-layer architecture of the IoT devices. An overview of layer-wise threats to the IoT devices and finally suggest CIA triad-based security techniques for securing the IoT devices..Make sure that the abstract is written as one paragraph.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.95-102
• /
• 2017

A large volume of research has been devoted to the development of security tools for protecting the Smart Grid systems, however the most of them have not taken the Availability, Integrity, Confidentiality (AIC) security triad model, not like CIA triad model in traditional Information Technology (IT) systems, into account the security measures for the electricity control systems. Thus, this study would propose a novel security framework, an abnormal behavior detection system, to maximize the availability of the control systems by considering a unique set of characteristics of the systems.

• Convergence Security Journal
• /
• v.14 no.1
• /
• pp.11-21
• /
• 2014

South Korea should not be in subordinate position in international relationships like the past. As the status of middle power. South Korea achieves peaceful unification through overcoming North Korea's nuclear and conventional threats, and builds military power in Northeast Asia as a 'balancer'. This can firstly be achieved by constructing "attack systems triad". 'attack systems triad' can be established through integrating the C41SR as a common strategy for the purposes of preemptive deterrence and retaliatory deterrence against the dangers of the present and the future. Second, denial deterrence can be achieved by establishing "defense system triad" by combining common military power and defensive weapon system. Finally, development of independent advanced technological strategies can be achieved by building defense industry and combination of research and development through constructing "Infra triad". As for constructing and reinforcing the future of the ROK military, a unilateral principle and policy efforts to achieve the aforementioned force construction models are needed. This can only be achieved through the government's national vision to take on the role of mediator and a basis founded upon the consensus of the public.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.15-26
• /
• 2022

Various subjects are carrying out cyberattacks using a variety of tactics and techniques. Additionally, cyberattacks for political and economic purposes are also being carried out by groups which is sponsored by its nation. To deal with cyberattacks, researchers used to classify the malware family and the subjects of the attack based on malware signature. Unfortunately, attackers can easily masquerade as other group. Also, as the attack varies with subject, techniques, and purpose, it is more effective for defenders to identify the attacker's purpose and goal to respond appropriately. The essential goal of cyberattacks is to threaten the information security of the target assets. Information security is achieved by preserving the confidentiality, integrity, and availability of the assets. In this paper, we relabel the attacker's goal based on MITRE ATT&CK® in the point of CIA triad as well as classifying cyber security reports to verify the labeling method. Experimental results show that the model classified the proposed CIA label with at most 80% probability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.445-457
• /
• 2013

This paper is about the study to build a quantitative methodology to assess cyber threats and vulnerabilities on control systems. The SCADA system in power industry is one of the most representative and biggest control systems. The SCADA system was originally a local system but it has been extended to wide area as both ICT and power system technologies evolve. Smart Grid is a concept to integrate energy and IT systems, and therefore the existing cyber threats might be infectious to the power system in the integration process. Power system is operated on a real time basis and this could make the power system more vulnerable to the cyber threats. It is a unique characteristic of power systems different from ICT systems. For example, availability is the most critical factor while confidentiality is the one from the CIA triad of IT security. In this context, it is needed to reflect the different characteristics to assess cyber security risks in power systems. Generally, the risk(R) is defined as the multiplication of threat(T), vulnerability(V), and asset(A). This formula is also used for the quantification of the risk, and a conceptual methodology is proposed for the objective in this study.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.45-52
• /
• 2021

The article proves the relevance of developing conceptual frameworks for managing the quality assurance of logistics activities in the context of socio-economic interaction of their participants. It is established that the fundamental difference of the logistic approach in management from traditional approaches is the allocation of a single management function of previously separated, disparate material flows, as well as economic, technological, information integration of chain links into a single system capable of effective management of these flows. It is substantiated that the functioning of the enterprise as a logistics system can be represented in the form of a triad of logistics components, namely: supply logistics, production logistics, sales logistics. Management of quality assurance processes of logistics activities in the context of socio-economic interaction of their participants is a functional component of the entire logistics system due to the quality of work and interaction of all participants in the implementation of certain activities. The quality of logistics activities will affect the level of economic potential, rationalization and optimization of all logistics flows. It is proved that the management of quality assurance processes of logistics activities in the context of socio-economic interaction of their participants involves the following main areas: the introduction of a quality system of logistics processes; development and implementation of the general strategy of quality improvement at the enterprise; internal integration; controlling. Management of quality assurance processes of logistics activities in the context of socio-economic interaction of its participants requires compliance with the following requirements: systematic and comprehensive management of all flow processes; coordination of criteria and indicators for assessing the effectiveness of the entire logistics system; dissemination of the use and application of information technology; ensuring partnerships and close interaction of all participants in sales networks.

• Strategy21
• /
• s.31
• /
• pp.57-84
• /
• 2013

North Korea's continuous threats and provocative behaviors have aggravated tension on the Korean peninsula particularly with the recent nuclear weapons test. South Korea's best way to cope with this situation is to maintain the balance among three policy directions: dialogue, sanctions, and deterrence. Among the three, I argue that deterrence should be prioritized. There are different sources of deterrence such as military power, economic power, and diplomatic clouts. States can build deterrence capability independently. Alternatively, they may do so through relations with other states including alliances, bilateral relations, or multilateral relations in the international community. What South Korea needs most urgently is to maintain deterrence against North Korea's local provocations through the enhancement of independent military capability particularly by addressing the asymmetric vulnerability between militaries of the South and the North. Most of all, the South Korean government should recognize the seriousness of the negative consequences that North Korea's 'Nuclear shadow strategy' would bring about for the inter-Korea relations and security situations in Northeast Asia. Based on this understanding, it should develop an 'assertive deterrence strategy' that emphasizes 'multi-purpose, multi-stage, and tailored deterrence whose main idea lies in punitive retaliation.' This deterrence strategy requires a flexible targeting policy and a variety of retaliatory measures capable of taking out all targets in North Korea. At the same time, the force structures of the army, the air force, and the navy should be improved in a way that maximizes their deterrence capability. For example, the army should work on expanding the guided missile command and the special forces command and reforming the reserve forces. The navy and the air force should increase striking capabilities including air-to-ground, ship-to-ground, and submarine-to-ground strikes to a great extent. The marine corps can enhance its deterrence capability by changing the force structure from the stationary defense-oriented one that would have to suffer some degree of troop attrition at the early stage of hostilities to the one that focuses on 'counteroffensive landing operations.' The government should continue efforts for defense reform in order to obtain these capabilities while building the 'Korean-style triad system' that consists of advanced air, ground, and surface/ subsurface weapon systems. Besides these measures, South Korea should start to acquire a minimum level of nuclear potential within the legal boundary that the international law defines. For this, South Korea should withdraw from the Nuclear Non-proliferation Treaty. Moreover, it should obtain the right to process and enrich uranium through changing the U.S.-South Korea nuclear cooperation treaty. Whether or not we should be armed with nuclear weapons should not be understood in terms of "all or nothing." We should consider an 'in-between' option as the Japanese case proves. With regard to the wartime OPCON transition, we need to re-consider the timing of the transition as an effort to demonstrate the costliness of North Korea's provocative behaviors. If impossible, South Korea should take measures to make the Strategic Alliance 2015 serve as a persisting deterrence system against North Korea. As the last point, all the following governments of South Korea should keep in mind that continuing reconciliatory efforts should always be pursued along with other security policies toward North Korea.