• Title/Summary/Keyword: cyber security behavior

Search Result 69, Processing Time 0.025 seconds

A Study on the Influence of Victimization Experience and Awareness on Cyber Security Behavior - Focusing on Dual Process Theory (침해 경험 및 정보보호 인식이 정보보호 행동에 미치는 영향에 대한 연구 : 이중 프로세스 이론을 중심으로)

  • Kim, Chang-Il;Heo, Deok-Won;Lee, Hye-Min;Sung, Wook-Joon
    • Informatization Policy
    • /
    • v.26 no.2
    • /
    • pp.62-80
    • /
    • 2019
  • The purpose of this study is to investigate the direct effect of victimization experience on cyber security behavior and the indirect effect of information protection awareness through the Dual Process Theory. Baron & Kenny regression analysis was conducted and the results are as follows - first, victimization experience has a positive effect on cyber security behavior; second, the relationship between victimization experience and cyber security behavior is mediated by cyber security awareness; and third, the direct effect of victimization experience on cyber security behavior and the indirect mediating effect of cyber security awareness are both positive (+). The direct effect of victimization experience on cyber security behavior is analyzed to be relatively large compared to the indirect effect that cyber security awareness has on cyber security behavior. Based on these results, It is suggested that periodic cyber security education and campaign policies are needed to enhance cyber security behavior.

Factors Affecting Information Protection Efforts for Preventing Deviant Behavior of Adolescent in Cyber Space (사이버 일탈행위 예방을 위한 개인 정보보호 노력의 영향요인 연구)

  • Um, Myoungyong;Park, Jin-Hee;Kim, Mi-Ryang
    • The Journal of Korean Association of Computer Education
    • /
    • v.8 no.5
    • /
    • pp.31-41
    • /
    • 2005
  • The purpose of this study is to identify the determinants of planned behavior of adolescent, toward information security and cyber crime prevention. A survey methodology was used to investigate a proposed model of influence, and regression analysis was used to analyze the results. The hypothesized model was largely supported by this analysis, and the overall results indicate that the intention to actively participate in information security and cyber crime prevention is mostly influenced by the fear for cyber crime and the perceived usefulness of information security and cyber crime prevention activity. In addition, it was found that the perceived easy of use for information-security related ICT skill, fear for cyber crime, and social norm for information security influence the level of usefulness, but that the prior experience with information leaking was statistically insignificant factor to the level of usefulness and fear for crime. Useful suggestions for promoting information security and cyber crime prevention are also provided.

  • PDF

Advanced insider threat detection model to apply periodic work atmosphere

  • Oh, Junhyoung;Kim, Tae Ho;Lee, Kyung Ho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.3
    • /
    • pp.1722-1737
    • /
    • 2019
  • We developed an insider threat detection model to be used by organizations that repeat tasks at regular intervals. The model identifies the best combination of different feature selection algorithms, unsupervised learning algorithms, and standard scores. We derive a model specifically optimized for the organization by evaluating each combination in terms of accuracy, AUC (Area Under the Curve), and TPR (True Positive Rate). In order to validate this model, a four-year log was applied to the system handling sensitive information from public institutions. In the research target system, the user log was analyzed monthly based on the fact that the business process is processed at a cycle of one year, and the roles are determined for each person in charge. In order to classify the behavior of a user as abnormal, the standard scores of each organization were calculated and classified as abnormal when they exceeded certain thresholds. Using this method, we proposed an optimized model for the organization and verified it.

Detecting Anomalies, Sabotage, and Malicious Acts in a Cyber-physical System Using Fractal Dimension Based on Higuchi's Algorithm

  • Marwan Albahar
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.4
    • /
    • pp.69-78
    • /
    • 2023
  • With the global rise of digital data, the uncontrolled quantity of data is susceptible to cyber warfare or cyber attacks. Therefore, it is necessary to improve cyber security systems. This research studies the behavior of malicious acts and uses Higuchi Fractal Dimension (HFD), which is a non-linear mathematical method to examine the intricacy of the behavior of these malicious acts and anomalies within the cyber physical system. The HFD algorithm was tested successfully using synthetic time series network data and validated on real-time network data, producing accurate results. It was found that the highest fractal dimension value was computed from the DoS attack time series data. Furthermore, the difference in the HFD values between the DoS attack data and the normal traffic data was the highest. The malicious network data and the non-malicious network data were successfully classified using the Receiver Operating Characteristics (ROC) method in conjunction with a scaling stationary index that helps to boost the ROC technique in classifying normal and malicious traffic. Hence, the suggested methodology may be utilized to rapidly detect the existence of abnormalities in traffic with the aim of further using other methods of cyber-attack detection.

Abnormal Behavior Detection for Zero Trust Security Model Using Deep Learning (제로트러스트 모델을 위한 딥러닝 기반의 비정상 행위 탐지)

  • Kim, Seo-Young;Jeong, Kyung-Hwa;Hwang, Yuna;Nyang, Dae-Hun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2021.05a
    • /
    • pp.132-135
    • /
    • 2021
  • 최근 네트워크의 확장으로 인한 공격 벡터의 증가로 외부자뿐 아니라 내부자를 경계해야 할 필요성이 증가함에 따라, 이를 다룬 보안 모델인 제로트러스트 모델이 주목받고 있다. 이 논문에서는 reverse proxy 와 사용자 패턴 인식 AI 를 이용한 제로트러스트 아키텍처를 제시하며 제로트러스트의 구현 가능성을 보이고, 새롭고 효율적인 전처리 과정을 통해 효과적으로 사용자를 인증할 수 있음을 제시한다. 이를 위해 사용자별로 마우스 사용 패턴, 리소스 사용 패턴을 인식하는 딥러닝 모델을 설계하였다. 끝으로 제로트러스트 모델에서 사용자 패턴 인식의 활용 가능성과 확장성을 보인다.

Attacker and Host Modeling for Cyber-Attack Simulation (사이버 공격 시뮬레이션을 위한 공격자 및 호스트 모델링)

  • 정정례;이장세;박종서;지승도
    • Journal of the Korea Society for Simulation
    • /
    • v.12 no.2
    • /
    • pp.63-73
    • /
    • 2003
  • The major objective of this paper is to propose the method of attacker and host modeling for cyber-attack simulation. In the security modeling and simulation for information assurance, it is essential the modeling of attacker that is able to generate various cyber-attack scenarios as well as the modeling of host, which is able to represent behavior on attack concretely The security modeling and simulation, which was announced by Cohen, Nong Ye and etc., is too simple to concretely analyze attack behavior on the host. And, the attacker modeling, which was announced by CERT, Laura and etc., is impossible to represent complex attack excepting fixed forms. To deal with this problem, we have accomplished attacker modeling by adopted the rule-based SES which integrates the existing SES with rule-based expert system for synthesis and performed host modeling by using the DEVS formalism. Our approach is to show the difference from others in that (ⅰ) it is able to represent complex and repetitive attack, (ⅱ) it automatically generates the cyber-attack scenario suitable on the target system, (ⅲ) it is able to analyze host's behavior of cyber attack concretely. Simulation tests performed on the sample network verify the soundness of proposed method.

  • PDF

A Study on Analysis of Malicious Code Behavior Information for Predicting Security Threats in New Environments

  • Choi, Seul-Ki;Lee, Taejin;Kwak, Jin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.3
    • /
    • pp.1611-1625
    • /
    • 2019
  • The emergence of new technologies and devices brings a new environment in the field of cyber security. It is not easy to predict possible security threats about new environment every time without special criteria. In other words, most malicious codes often reuse malicious code that has occurred in the past, such as bypassing detection from anti-virus or including additional functions. Therefore, we are predicting the security threats that can arise in a new environment based on the history of repeated malicious code. In this paper, we classify and define not only the internal information obtained from malicious code analysis but also the features that occur during infection and attack. We propose a method to predict and manage security threats in new environment by continuously managing and extending.

A Study Covering the Comparative Analysis of Educational Systems in Major Countries for Regular Cybersecurity Education (사이버보안 정규교육화를 위한 주요국 교육체계 비교분석 연구)

  • YOO, Jiyeon
    • The Journal of the Convergence on Culture Technology
    • /
    • v.7 no.1
    • /
    • pp.397-405
    • /
    • 2021
  • With the recent phenomenon of the Intelligence Information Society, the cyber security paradigm has begun to change. In particular, the increase of the interconnectedness of the hyperlinked society has extended the scope of damage that can be caused by cyber threats to the real world. In addition to that, it can also be a risk to any given individual who could accompany a crisis that has to do with public safety or national security. Adolescents who are digital natives are more likely to be exposed to cyber threats, which is mainly due to the fact that they are significantly more involved in cyber activities and they also possess insufficient security comprehension and safety awareness. Therefore, it is necessary to strengthen cyber security capabilities of every young individual, so that they can effectively protect themselves against cyber threats and better manage their cyber activities. It examines the changes of the security paradigm and the necessity for cyber security education, which is in direct accordance to the characteristics of a connected society that further suggests directions and a basic system of cyber security education, through a detailed analysis of the current state of Domestic and Overseas Cyber Security Education. The purpose of this study was to define cybersecurity competencies that are necessary within an intelligent information society, and to propose a regular curriculum for strengthening cybersecurity competencies, through the comparison and meticulous analysis of both domestic and overseas educational systems that are pertinent to cybersecurity competencies. Accordingly, a cybersecurity competency system was constructed, by reflecting C3-Matrix, which is a cyber competency system model of digital citizens. The cybersecurity competency system consists of cyber ethics awareness, cyber ethics behavior, cyber security and cyber safety. In addition to this, based on the basic framework of the cybersecurity competency system, the relevant education that is currently being implemented in the United States, Australia, Japan and Korea were all compared and analyzed. From the insight gained through the analysis, the domestic curriculum was finally presented. The main objective of this new unified understanding, was to create a comprehensive and effective cyber security competency curriculum.

Exploring Effective Zero Trust Architecture for Defense Cybersecurity: A Study

  • Youngho Kim;Seon-Gyoung Sohn;Kyeong Tae, Kim;Hae Sook Jeon;Sang-Min Lee;Yunkyung Lee;Jeongnyeo Kim
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.18 no.9
    • /
    • pp.2665-2691
    • /
    • 2024
  • The philosophy of Zero Trust in cybersecurity lies in the notion that nothing assumes to be trustworthy by default. This drives defense organizations to modernize their cybersecurity architecture through integrating with the zero-trust principles. The enhanced architecture is expected to shift protection strategy from static and perimeter-centric protection to dynamic and proactive measures depending on the logical contexts of users, assets, and infrastructure. Given the domain context of defense environment, we aim three challenge problems to tackle and identify four technical approaches by the security capabilities defined in the Zero Trust Architecture. First approach, dynamic access control manages visibility and accessibility to resources or services with Multi Factor Authentication and Software Defined Perimeter. Logical network separation approach divides networks on a functional basis by using Software Defined Network and Micro-segmentation. Data-driven analysis approach enables machine-aided judgement by utilizing Artificial Intelligence, User and Entity Behavior Analytics. Lastly, Security Awareness approach observes fluid security context of all resources through Continuous Monitoring and Visualization. Based on these approaches, a comprehensive study of modern technologies is presented to materialize the concept that each approach intends to achieve. We expect this study to provide a guidance for defense organizations to take a step on the implementation of their own zero-trust architecture.

A Novel Abnormal Behavior Detection Framework to Maximize the Availability in Smart Grid

  • Shin, Incheol
    • Smart Media Journal
    • /
    • v.6 no.3
    • /
    • pp.95-102
    • /
    • 2017
  • A large volume of research has been devoted to the development of security tools for protecting the Smart Grid systems, however the most of them have not taken the Availability, Integrity, Confidentiality (AIC) security triad model, not like CIA triad model in traditional Information Technology (IT) systems, into account the security measures for the electricity control systems. Thus, this study would propose a novel security framework, an abnormal behavior detection system, to maximize the availability of the control systems by considering a unique set of characteristics of the systems.