• Title/Summary/Keyword: cyber M&S

Search Result 71, Processing Time 0.028 seconds

Research on System Architecture and Simulation Environment for Cyber Warrior Training (사이버전사의 훈련을 위한 시스템 구축 방안 연구)

  • Ahn, Myung Kil;Kim, Yong Hyun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.533-540
    • /
    • 2016
  • It is important to establish the environment for cyber warrior training, testing support and effectiveness analysis in order to cope with sharply increasing cyber threat. However, those practices cannot be easily performed in real world and are followed with many constraints. In this paper, we propose a live/virtual M&S-based system for training/testing and constructive M&S-based system for effectiveness analysis to provide an environment similar to real world. These can be utilized to strengthen the capability to carry out cyber war and analyze the impact of cyber threat under the large-scale networks.

Integrated Scenario Authoring Method using Mission Impact Analysis Tool due to Cyber Attacks (사이버공격에 의한 임무영향 분석 도구를 이용한 통합시나리오 저작 방법)

  • Yonghyun Kim;Donghwa Kim;Donghwan Lee;Juyoub Kim;Myung Kil Ahn
    • Journal of Internet Computing and Services
    • /
    • v.24 no.6
    • /
    • pp.107-117
    • /
    • 2023
  • It must be possible to assess how combat actions taking place in cyberspace affect the military's major mission systems and weapon systems. In order to analyze the mission impact caused by a cyber attack through cyber M&S, the target mission system and cyber warfare elements must be built as a model and a scenario for simulation must be authored. Many studies related to mission impact analysis due to cyber warfare have been conducted focusing on the United States, and existing studies have authored separate scenarios for physical battlefields and cyber battlefields. It is necessary to build a simulation environment that combines a physical battlefield model and a cyber battlefield model, and be able to integrate and author mission scenarios and cyber attack/defense scenarios. In addition, the physical battlefield and cyber battlefield are different work areas, so authoring two types of scenarios for simulation is very complicated and time-consuming. In this paper, we propose a method of using mission system information to prepare the data needed for scenario authoring in advance and using the pre-worked data to author an integrated scenario. The proposed method is being developed by reflecting it in the design of the scenario authoring tool, and an integrated scenario authoring in the field of counter-fire warfare is being performed to prove the proposed method. In the future, by using a scenario authoring tool that reflects the proposed method, it will be possible to easily author an integrated scenario for mission impact analysis in a short period of time.

Trends on U.S. Cyber Security Event Notifications and its Implications

  • Byun, Ye-Eun;Shin, Ick-Hyun;Kwon, Kook-Heui;Kim, Sang-Woo
    • Annual Conference of KIPS
    • /
    • 2015.04a
    • /
    • pp.449-451
    • /
    • 2015
  • When cyber attacks are discovered in nuclear facilities, licensees are required to notify regulatory organizations for quick action. This also helps regulatory organizations to strengthen regulatory capabilities for cyber security. Currently the U.S. issued the final draft rule for Cyber Security Event Notifications. Domestic regulatory activities being at an early stage for cyber security need to implement law for Cyber Security Event Notifications. Since the current laws are focused on the aspect of safety, they are in need of more specific laws for cyber security.

Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures

  • Bahrami, Pooneh Nikkhah;Dehghantanha, Ali;Dargahi, Tooska;Parizi, Reza M.;Choo, Kim-Kwang Raymond;Javadi, Hamid H.S.
    • Journal of Information Processing Systems
    • /
    • v.15 no.4
    • /
    • pp.865-889
    • /
    • 2019
  • The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

A Study on an Extended Cyber Attack Tree for an Analysis of Network Vulnerability (네트워크 취약성 분석을 위한 확장된 사이버 공격 트리에 관한 연구)

  • Eom, Jung Ho;Park, Seon Ho;Chung, Tai M.
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.3
    • /
    • pp.49-57
    • /
    • 2010
  • We extended a general attack tree to apply cyber attack model for network vulnerability analysis. We defined an extended cyber attack tree (E-CAT) which extends the general attack tree by associating each node of the tree with a transition of attack that could have contributed to the cyber attack. The E-CAT resolved the limitation that a general attack tree can not express complex and sophisticate attacks. Firstly, the Boolean expression can simply express attack scenario with symbols and codes. Secondary, An Attack Generation Probability is used to select attack method in an attack tree. A CONDITION-composition can express new and modified attack transition which a aeneral attack tree can not express. The E-CAT is possible to have attack's flexibility and improve attack success rate when it is applied to cyber attack model.

A Research on Effective Cyber-Physical Systems Tests Using EcoHILS (EcoHILS를 활용한 효율적인 CPS 시험에 관한 연구)

  • Kim, Min-Jo;Kang, Sungjoo;Chun, In-Geol;Kim, Won-Tae
    • IEMEK Journal of Embedded Systems and Applications
    • /
    • v.9 no.4
    • /
    • pp.211-217
    • /
    • 2014
  • Cyber-Physical Systems(CPS) that mostly provides safety-critical and mission-critical services requires high reliability, so that system testing is an essential and important process. Hardware-In-the-Loop Simulation(HILS) is one of the extensively used techniques for testing hardware systems. However, most conventional HILS has problems that it is difficult to support a distributed operating environment and to reuse a HILS platform. In this paper, we introduce EcoHILS(ETRI CPS Open Human-Interactive hardware-in-the-Loop Simulator) in order to test CPS effectively. Moreover, feasibility tests and performance tests of EcoHILS are performed to confirm its effectiveness.

Machine-to-Machine Communications: Architectures, Standards and Applications

  • Chen, Min;Wan, Jiafu;Li, Fang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.2
    • /
    • pp.480-497
    • /
    • 2012
  • As a new business concept, machine-to-machine (M2M) communications are born from original telemetry technology with the intrinsic features of automatic data transmissions and measurement from remote sources typically by cable or radio. M2M includes a number of technologies that need to be combined in a compatible manner to enable its deployment over a broad market of consumer electronics. In order to provide better understanding for this emerging concept, the correlations among M2M, wireless sensor networks, cyber-physical systems (CPS), and internet of things are first analyzed in this paper. Then, the basic M2M architecture is introduced and the key elements of the architecture are presented. Furthermore, the progress of global M2M standardization is reviewed, and some representative applications (i.e., smart home, smart grid and health care) are given to show that the M2M technologies are gradually utilized to benefit people's life. Finally, a novel M2M system integrating intelligent road with unmanned vehicle is proposed in the form of CPS, and an example of cyber-transportation systems for improving road safety and efficiency are introduced.

The Effects of Cyber Education in RN-BSN's Courses (RN-BSN 과정에서 사이버교육의 효과)

  • Kim, Hee-Soon;Oh, Ka-Sil;Lee, Kyung-Ja;Chang, Hwa-Kyoung
    • The Journal of Korean Academic Society of Nursing Education
    • /
    • v.9 no.2
    • /
    • pp.212-221
    • /
    • 2003
  • The purpose of this study was to evaluate the effects and define the educational strategies of the cyber education offered to students for Bachelor of Science degree program(RN-BSN). The participants in this study were 67 students in two courses, Growth and Development, and Nursing Process. The main components of the cyber classes were the electronic board and on-line discussion board. The study was conducted from March 4, 2001 to July 23, 2001 at Y University in Seoul, Korea. To examine the effects of the cyber education, learning motivation, and learning satisfaction were measured by questionnaires to the students before the initial class and after completing the class. Learning achievement was measured by the grades for each course. The data were analyzed using frequencies, t-test, and paired t-test. The specific results of the course evaluation were compared and analysis was done to examine differences between traditional classroom teaching and cyber teaching. The study results are as follows: 1. There were no significant differences on total scores for learning motivation between pre-cyber education and post-cyber education. However, there were significant decreases in the post test compared to the pre test for the items, ' I'd like to get as high a score as possible compared to other students (t=-2.20, p=.03)' and ' I'm sure to acquire good grades(t=-5.22, p=.00) '. 2. The average score for learning satisfaction using cyber education was high at 3.52. 3. To define learning achievement using cyber education, grades for students taking cyber classes this year were compared to student grades for a class using traditional lassroom teaching last year. The score was significantly higher for classroom students in the 'Growth and Development' course (t=-3.5, p<.001), and the score was significantly higher for the cyber education students in the 'Nursing Process' course (t=4.3, p<.000). 4. The average of post scores on computer competency was significantly higher on six items, general knowledge about computers, data management and data research, ability to communicate using computer, and internet surfing. On the basis of the above findings, this study suggests that cyber education in nursing courses is effective and readily available. However, it is recommended that consideration be given to characteristics of the course when developing cyber education programs for nursing courses.

  • PDF

An Experimental Environment for Simulation of Stealthy Deception Attack in CPS Using PLCitM (PLC in the Middle) (중간자 PLC를 이용한 CPS 은닉형 공격 실험환경 구축 방안)

  • Chang, Yeop;Lee, Woomyo;shin, Hyeok-Ki;Kim, Sinkyu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.1
    • /
    • pp.123-133
    • /
    • 2018
  • Cyber-Physical System (CPS) is a system in which a physical system and a cyber system are strongly integrated. In order to operate the target physical system stably, the CPS constantly monitors the physical system through the sensor and performs control using the actuator according to the current state. If a malicious attacker performs a forgery attack on the measured values of the sensors in order to conceal their attacks, the cyber system operated based on the collected data can not recognize the current operation status of the physical system. This causes the delay of the response of the automation system and the operator, and then more damage will occur. To protect the CPS from increasingly sophisticated and targeted attacks, countermeasures must be developed that can detect stealthy deception attacks. However, in the CPS environment composed of various heterogeneous devices, the process of analyzing and demonstrating the vulnerability to actual field devices requires a lot of time. Therefore, in this study, we propose a method of constructing the experiment environment of the PLCitM (PLC in the middle) which can verify the performance of the techniques to detect the CPS stealthy deception attack and present the experimental results.

A Survey on the CPS Security (CPS 보안 문제점 조사 분석)

  • Jeon, Sol;Doh, Inshil;Chae, Kijoon
    • Annual Conference of KIPS
    • /
    • 2016.04a
    • /
    • pp.225-228
    • /
    • 2016
  • CPS(Cyber Physical System)는 사이버 세계(cyber world)와 물리적 세계(physical word)를 연결하여, 현실과 사이버의 정보를 융합 분석하고, 분석한 데이터를 현실에 Feedback 하는 자동적이고 지능적인 제어 시스템이다. 이러한 CPS는 빅데이터를 분석하여 사용자에게 알맞은 정보를 제공해 주며 딥러닝(Deep Learning)을 통해 정확하고 세밀한 Feedback을 제공하는 등 이종 복합 시스템 간의 고신뢰성과 실시간성을 보장하는 무결점 자율 제어 시스템으로 주목 받고 있다. 실생활에서는 의료, 헬스케어, 교통, 에너지, 홈, 국방, 재난대응, 농업, 제조 등에서 폭 넓게 사용되고 있다. 해외에서는 이와 같은 CPS를 이용해 한 분야에 세밀하게 접목시켜 발전을 도모하며, CPS에 의해 변혁되는 데이터 구동형 사회를 준비하고 있다. 하지만, 이러한 CPS를 사용할 때, 보안의 문제점으로 대규모 정전사태가 발생하고, 생명을 위협하는 등의 취약점 또한 드러나고 있어 이에 대한 보안의 중요성과 CPS의 적용분야를 파악하여 전반적인 보안 문제점을 분석하고자 한다.