• Title/Summary/Keyword: cyberattacks

Search Result 69, Processing Time 0.018 seconds

A Study on Vulnerability Analysis Techniques for Secure Weapon System Software (안전한 무기체계 소프트웨어를 위한 취약점 분석 기법에 관한 연구)

  • Kim, Jong-Bok;Jo, In-June
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.8
    • /
    • pp.459-468
    • /
    • 2018
  • Cyberattacks on information systems used by applications related to weapon system and organizations associated with national defense put national security at risk. To reduce these threats, continuous efforts such as applying secure coding from the development stage or managing detected vulnerabilities systematically are being made. It also analyzes and detects vulnerabilities by using various analysis tools, eliminates at the development stage, and removes from developed applications. However, vulnerability analysis tools cause problems such as undetected, false positives, and overdetected, making accurate vulnerability detection difficult. In this paper, we propose a new vulnerability detection method to solve these problems, which can assess the risk of certain applications and create and manage secured application with this data.

DEVS-based Modeling Methodology for Cybersecurity Simulations from a Security Perspective

  • Kim, Jiyeon;Kim, Hyung-Jong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.5
    • /
    • pp.2186-2203
    • /
    • 2020
  • Security administrators of companies and organizations need to come up with proper countermeasures against cyber-attacks considering infrastructures and security policies in their possession. In order to develop and verify such countermeasures, the administrators should be able to reenact both cyber-attacks and defenses. Simulations can be useful for the reenactment by overcoming its limitations including high risk and cost. If the administrators are able to design various scenarios of cyber-attacks and to develop simulation models from their viewpoints, they can simulate desired situations and observe the results more easily. It is challenging to simulate cyber-security issues, because there is lack of theoretical basis for modeling a wide range of the security field as well as pre-defined basic components used to model cyber-attacks. In this paper, we propose a modeling method for cyber-security simulations by developing a basic component and a composite model, called Abstracted Cyber-Security Unit Model (ACSUM) and Abstracted Cyber-security SIMulation model (ACSIM), respectively. The proposed models are based on DEVS(Discrete Event systems Specification) formalism, a modeling theory for discrete event simulations. We develop attack scenarios by sequencing attack behaviors using ACSUMs and then model ACSIMs by combining and abstracting the ACSUMs from a security perspective. The concepts of ACSUM and ACSIM enable the security administrators to simulate numerous cyber-security issues from their viewpoints. As a case study, we model a worm scenario using ACSUM and simulate three types of simulation models based on ACSIM from a different security perspective.

The Relationship Between Financial Literacy and Public Awareness on Combating the Threat of Cybercrime in Malaysia

  • ISA, Mohd Yaziz Bin Mohd;IBRAHIM, Wan Nora Binti Wan;MOHAMED, Zulkifflee
    • The Journal of Industrial Distribution & Business
    • /
    • v.12 no.12
    • /
    • pp.1-10
    • /
    • 2021
  • Purpose: Cyber criminals have affected various markets and the banking system has encountered various kinds of cyberattacks. The purpose of this study is to analyze cybercrime that is an emerging threat and investigate the significant contribution of financial literacy and public awareness on cybercrimes. To understand the security issues and the need for corrective steps, the techniques and strategies used by cyber fraudsters in obtaining unauthorized access and use the financial information for purpose of fraud need to be understood. Research design, data and methodology: A sample of 123 banks employees from 12 commercial banks in Malaysia was surveyed. This study differs from previous studies as it surveyed the employees' awareness, and this approach fills in the gap in existing literature. Results: The financial literacy and public awareness have positive impact on organizational performance effectiveness to combat threat of cybercrime. Some recommendations are also proposed from research findings, for banking industry and government regulations. Conclusion: The present study focuses on banking sector so its findings cannot be generalized to other sectors. Linking these topics has created a new study in combating threat of cybercrimes generally, and specifically in Malaysia. The present study enhances the understanding of customers' role to combat the impact of cybercrimes on performances of banking industry.

INFORMATION AND COMMUNICATION TECHNOLOGIES AS A TOOL OF STRATEGY FOR ENSURING THE HIGHER EDUCATION ADAPTABILITY TO THE DIGITAL ECONOMY CHALLENGES

  • Kholiavko, Nataliia;Popelo, Olha;Bazhenkov, Ievgen;Shaposhnykova, Iryna;Sheremet, Oleh
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.8
    • /
    • pp.187-195
    • /
    • 2021
  • The intensification of the processes of the digital economy development is leading to the transformation of the higher education system. Universities are forced to digitalize their own educational, research, international, marketing, financial and economic activities in order to maintain a competitive position in the global market of educational services. The purpose of the article is to study the role of information and communication technologies in the development of the higher education system and to ensure its adaptability to modern challenges of digital economy. To achieve this goal, methods of content analysis, logical generalization, systematization and a structural-functional method are used. In the article, the authors substantiate the urgency of forming a holistic strategy to ensure the adaptability of higher education to the challenges of digital economy. In the structure of this strategy, the information-technological block is singled out and described. The authors specified a set of positive synergetic effects from the introduction of modern information and communication technologies in the activities of universities. The main information threats to the digitalization of higher education related to the protection of personal data and university systems from cyberattacks and fraudulent schemes are identified. In conclusion, the authors detail the measures for the strategy implementation to ensure the adaptability of higher education to digital economy.

Two-Pathway Model for Enhancement of Protocol Reverse Engineering

  • Goo, Young-Hoon;Shim, Kyu-Seok;Baek, Ui-Jun;Kim, Myung-Sup
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.11
    • /
    • pp.4310-4330
    • /
    • 2020
  • With the continuous emergence of new applications and cyberattacks and their frequent updates, the need for automatic protocol reverse engineering is gaining recognition. Although several methods for automatic protocol reverse engineering have been proposed, each method still faces major limitations in extracting clear specifications and in its universal application. In order to overcome such limitations, we propose an automatic protocol reverse engineering method using a two-pathway model based on a contiguous sequential pattern (CSP) algorithm. By using this model, the method can infer both command-oriented protocols and non-command-oriented protocols clearly and in detail. The proposed method infers all the key elements of the protocol, which are syntax, semantics, and finite state machine (FSM), and extracts clear syntax by defining fine-grained field types and three types of format: field format, message format, and flow format. We evaluated the efficacy of the proposed method over two non-command-oriented protocols and three command-oriented protocols: the former are HTTP and DNS, and the latter are FTP, SMTP, and POP3. The experimental results show that this method can reverse engineer with high coverage and correctness rates, more than 98.5% and 99.1% respectively, and be general for both command-oriented and non-command-oriented protocols.

Semi-supervised based Unknown Attack Detection in EDR Environment

  • Hwang, Chanwoong;Kim, Doyeon;Lee, Taejin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.12
    • /
    • pp.4909-4926
    • /
    • 2020
  • Cyberattacks penetrate the server and perform various malicious acts such as stealing confidential information, destroying systems, and exposing personal information. To achieve this, attackers perform various malicious actions by infecting endpoints and accessing the internal network. However, the current countermeasures are only anti-viruses that operate in a signature or pattern manner, allowing initial unknown attacks. Endpoint Detection and Response (EDR) technology is focused on providing visibility, and strong countermeasures are lacking. If you fail to respond to the initial attack, it is difficult to respond additionally because malicious behavior like Advanced Persistent Threat (APT) attack does not occur immediately, but occurs over a long period of time. In this paper, we propose a technique that detects an unknown attack using an event log without prior knowledge, although the initial response failed with anti-virus. The proposed technology uses a combination of AutoEncoder and 1D CNN (1-Dimention Convolutional Neural Network) based on semi-supervised learning. The experiment trained a dataset collected over a month in a real-world commercial endpoint environment, and tested the data collected over the next month. As a result of the experiment, 37 unknown attacks were detected in the event log collected for one month in the actual commercial endpoint environment, and 26 of them were verified as malicious through VirusTotal (VT). In the future, it is expected that the proposed model will be applied to EDR technology to form a secure endpoint environment and reduce time and labor costs to effectively detect unknown attacks.

An Analysis Measure for Cybersecurity linked Threat against Diverse Protection Systems (다양성보호계통 사이버보안 연계 위협 분석 방안)

  • Jung, Sungmin;Kim, Taekyung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.17 no.1
    • /
    • pp.35-44
    • /
    • 2021
  • With the development of information technology, the cybersecurity threat continues as digital-related technologies are applied to the instrumentation and control system of nuclear power plants. The malfunction of the instrumentation and control system can cause economic damage due to shutdown, and furthermore, it can lead to national disasters such as radioactive emissions, so countering cybersecurity threats is an important issue. In general, the study of cybersecurity in instrumentation and control systems is concentrated on safety systems, and diverse protection systems perform protection and reactor shutdown functions, leading to reactor shutdown or, in the worst case, non-stop situations. To accurately analyze cyber threats in the diverse protection system, its linked facilities should be analyzed together. Risk analysis should be conducted by analyzing the potential impact of inter-facility cyberattacks on related facilities and the impact of cybersecurity on each configuration module of the diverse protection system. In this paper, we analyze the linkage of the diverse protection system and discuss the cybersecurity linkage threat by analyzing the availability of equipment, the cyber threat impact of the linked equipment, and the configuration module's cybersecurity vulnerability.

Security Enhancement of Public Organization Members Based on the Protection Motivation Theory (보호동기이론에 기반한 조직구성원의 보안강화 : 보안정책에 대한 신뢰와 보안스트레스의 매개효과를 중심으로)

  • Choi, Heeyoung;Kang, Juyoung
    • Journal of Information Technology Services
    • /
    • v.19 no.6
    • /
    • pp.83-95
    • /
    • 2020
  • "I think security is only trying to make it uncomfortable." "10% of my work is entering IDs and passwords, such as boot passwords, mobile phone authentication numbers, etc." As reflected in the complaint above, stress caused by information security among organizations' members is increasing. In order to strengthen information security, practical solutions to reduce stress are needed because the motivation of the members is needed in order for organizations to function properly. Therefore, this study attempts to suggest key factors that can enhance security while reducing information security stress among members of organizations. To this end, based on the theory of protection motivation, trust and security stress from information security policies are set as mediating factors to explain changes in security reinforcement behavior. Furthermore, risk, efficacy, and reaction costs of cyberattacks are considered as prerequisites. Our study suggests a solution to the security reinforcement problem by analyzing the factors that influence the behavior of members of organizations. In turn, this can raise protection motivation among members.

A Cooperative Smart Jamming Attack in Internet of Things Networks

  • Al Sharah, Ashraf;Owida, Hamza Abu;Edwan, Talal A.;Alnaimat, Feras
    • Journal of information and communication convergence engineering
    • /
    • v.20 no.4
    • /
    • pp.250-258
    • /
    • 2022
  • The emerging scope of the Internet-of-Things (IoT) has piqued the interest of industry and academia in recent times. Therefore, security becomes the main issue to prevent the possibility of cyberattacks. Jamming attacks are threads that can affect performance and cause significant problems for IoT device. This study explores a smart jamming attack (coalition attack) in which the attackers were previously a part of the legitimate network and are now back to attack it based on the gained knowledge. These attackers regroup into a coalition and begin exchanging information about the legitimate network to launch attacks based on the gained knowledge. Our system enables jammer nodes to select the optimal transmission rates for attacks based on the attack probability table, which contains the most probable link transmission rate between nodes in the legitimate network. The table is updated constantly throughout the life cycle of the coalition. The simulation results show that a coalition of jammers can cause highly successful attacks.

Self-sufficiencies in Cyber Technologies: A requirement study on Saudi Arabia

  • Alhalafi, Nawaf;Veeraraghavan, Prakash
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.5
    • /
    • pp.204-214
    • /
    • 2022
  • Speedy development has been witnessed in communication technologies and the adoption of the Internet across the world. Information dissemination is the primary goal of these technologies. One of the rapidly developing nations in the Middle East is Saudi Arabia, where the use of communication technologies, including mobile and Internet, has drastically risen in recent times. These advancements are relatively new to the region when contrasted to developed nations. Thus, offenses arising from the adoption of these technologies may be new to Saudi Arabians. This study examines cyber security awareness among Saudi Arabian citizens in distinct settings. A comparison is made between the cybersecurity policy guidelines adopted in Saudi Arabia and three other nations. This review will explore distinct essential elements and approaches to mitigating cybercrimes in the United States, Singapore, and India. Following an analysis of the current cybersecurity framework in Saudi Arabia, suggestions for improvement are determined from the overall findings. A key objective is enhancing the nationwide focus on efficient safety and security systems. While the participants display a clear knowledge of IT, the surveyed literature shows limited awareness of the risks related to cyber security practices and the role of government in promoting data safety across the Internet. As the findings indicate, proper frameworks regarding cyber security need to be considered to ensure that associated threats are mitigated as Saudi Arabia aspires to become an efficient smart nation.