• Journal of the Korea Society of Computer and Information
• /
• v.24 no.5
• /
• pp.179-186
• /
• 2019

While there have been a lots of studies on the use of cyber money, few researches proposed the results on relationships among quality factors, usage intention, and usage characteristics of cyber money in online business environment. Therefore, this study investigates the relationships between cyber money quality and usage intention of cyber money, and examines whether the usage characteristics(frequency, amount) of cyber money has moderating effect on the relationship between cyber money quality and usage intention of cyber money. Firstly, multiple regression analysis tells significant causal relationship between functional and emotional factors of cyber money quality and usage intention of cyber money. Secondly, dummy regression analysis shows usage characteristics of cyber money has the moderating effect on the relationship between cyber money quality and usage intention of cyber money. This paper concludes with some implications for both theory development and cyber money practice.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.7
• /
• pp.2425-2458
• /
• 2022

The continuous evolution and proliferation of computer technology and our increasing dependence on computer technology have created a new class of threats: "cyber threats." These threats can be defined as activities that can undermine a society's ability to maintain internal or external order while using information technology. Cyber threats can be mainly divided into two categories, namely cyber-terrorism and cyber-warfare. A variety of malware programs are often used as a primary weapon in these cyber threats. A significant amount of research work has been published covering different aspects of cyber threats, their countermeasures, and the policy-making for cyber laws. This article aims to review the research conducted in various important aspects of cyber threats and provides synthesized information regarding the fundamentals of cyber threats; discusses the countermeasures for such threats; provides relevant details of high-profile cyber-attacks; discusses the developments in global policy-making for cyber laws, and lastly presents promising future directions in this area.

• Nuclear Engineering and Technology
• /
• v.51 no.1
• /
• pp.138-145
• /
• 2019

With the application of digital technology to safety-critical infrastructures, cyber-attacks have emerged as one of the new dangerous threats. In safety-critical infrastructures such as a nuclear power plant (NPP), a cyber-attack could have serious consequences by initiating dangerous events or rendering important safety systems unavailable. Since a cyber-attack is conducted intentionally, numerous possible cases should be considered for developing a cyber security system, such as the attack paths, methods, and potential target systems. Therefore, prior to developing a risk-informed cyber security strategy, the importance of cyber-attacks and significant critical digital assets (CDAs) should be analyzed. In this work, an importance analysis method for cyber-attacks on an NPP was proposed using the probabilistic safety assessment (PSA) method. To develop an importance analysis framework for cyber-attacks, possible cyber-attacks were identified with failure modes, and a PSA model for cyber-attacks was developed. For case studies, the quantitative evaluations of cyber-attack scenarios were performed using the proposed method. By using quantitative importance of cyber-attacks and identifying significant CDAs that must be defended against cyber-attacks, it is possible to develop an efficient and reliable defense strategy against cyber-attacks on NPPs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.805-821
• /
• 2020

Cyber defense exercise should require training on the latest cyber attacks and have a similar process to defense cyber attacks. In addition, it is also important to train on cyber resilience that can perform normal tasks or support equivalent tasks regardless of cyber attacks. In this paper, we proposed and developed a cyber range that can strengthen the elements of cyber resilience by performing cyber defense exercise in real time based on the cyber crisis alert issued when a cyber attack occurs in Korea. When BLUE, YELLOW, ORANGE, and RED warnings are issued according to the cyber crisis, our system performs proactive response, real time response, and post response according to the alarm. It can improve trainee's capability to respond to cyber threats by performing cyber defense exercise in a cyber crisis environment similar to the actual situation of Korea.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.5 no.3
• /
• pp.68-76
• /
• 2002

As modern public administrations are constructing homepages based on GIS and enhancing public services through interactive communication with their citizens, cyber governance and internet GIS have been conglomerated more than before. As such, the transformation from 'GIS for public management' to 'Internet GIS for cyber governance' is in progress. In the future, cyber governance based on Internet GIS can be a new paradigm for public management. The aim of this study is to look for the applications of internet GISs for cyber governance. For this purpose, the study examines characteristics of cyber governance and internet GIS and analyses similarities between them. Based on this analysis, the study proposes various ways of applying internet GISs for cyber governance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.749-766
• /
• 2021

Cyber powers around the world are conducting cyber information-gathering activities in cyberspace, a global domain within the Internet-based information environment. Accordingly, it is imperative to obtain the latest information through the cyber intelligence preparation of the battlefield (IPB) process to prepare for future cyber operations. Research utilizing the cyber battlefield visualization method for effective cyber IPB and situation awareness aims to minimize uncertainty in the cyber battlefield and enable command control and determination by commanders. This paper designed architecture by classifying cyberspace into a physical, logical network layer and cyber persona layer to visualize the cyber battlefield using BGP archive data, which is comprised of BGP connection information data of routers around the world. To implement the architecture, BGP archive data was analyzed and pre-processed, and cyberspace was implemented in the form of a Di-Graph. Information products that can be obtained through visualization were classified for each layer of the cyberspace, and a visualization method was proposed for performing cyber IPB. Through this, we analyzed actual North Korea's BGP and OSINT data to implement North Korea's cyber battlefield centered on the Internet network in the form of a prototype. In the future, we will implement a prototype architecture based on Elastic Stack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.8
• /
• pp.1687-1692
• /
• 2009

Cyber forensics is used the process and technology of digital forensics as a criminal investigation in cyber space. Cyber crime is classified into cyber terror and general cyber crime, and those two classes are connected with each other. The investigation of cyber terror requires high technology, system environment and experts, and general cyber crime is connected with general crime by evidence from digital data in cyber space. Accordingly, it is difficult to determine relational crime types, collect evidence and the legal admissibility of evidence. Therefore, we considered the classifications of cyber crime, the collection of evidence in cyber space and the application of laws to cyber crime. In order to efficiently investigate cyber crime, it is necessary to integrate those concepts for each cyber crime-case. In this paper, we constructed a cyber forensics domain ontology for cyber criminal investigation using the concepts, relations and properties, according to categories of cyber crime, laws, evidence, and information of criminals and crime-cases. This ontology can be used in the process of investigating of cyber crime-cases, and for data mining of cyber crime; classification, clustering, association and detection of crime types, crime cases, evidences and criminals.

• Journal of the Korean Society of Industry Convergence
• /
• v.23 no.2_2
• /
• pp.333-341
• /
• 2020

In this paper, we introduce a smart city-cyber-security-grid-matrix methodology, as a result of research on overall cyber security of smart cities. The identified cyber security risks that threaten smart cities and smart-city-cyber-security-threat list are presented. The smart-city-cyber-security-requirements necessary to secure the smart city cyber security with the developed smart city-cyber-security-grid-matrix are given in this paper. We show how the developed smart city-cyber-security-grid-matrix methodology can be applied to real world. For it, we interlocked the developed smart city-cyber-security-grid-matrix methodology with the cyber-security-framework of the National Institute of Standards and Technology, and developed a framework-based smart city-cyber-security-grid-matrix. Using it, it is easy and comfortable to check the level of cyber security of the target smart ciy at a glace, and the construction and operation of the smart city security system is systematized.

• Korean Security Journal
• /
• no.8
• /
• pp.379-407
• /
• 2004

The cyber-crime is one of the results occurring from the increased dependency toward information-telecommunication devices. Currently, the Korean National Police Agency and many other related law enforcement agencies have made efforts to respond against the cyber-crimes. However, the number of cyber-crime is increasing steadily. The worse problem is that the arresting rate for the cyber-crime has been decreased than before. The reasons of decreasing arresting rate come from many different kinds of cyber-crime methods with the developed computer and network technology, Also, the easy concealment of the cyber-crime by the violater and the difficulty of specification against the data objected to search and seizure make the crackdown difficult. The other difficulties come from the lack of professionally trained investigators, the lack of high-technological investigation devices, and the failure of the technology development for the search and seizure of evidences because of the budget deficit. That is to say, these phenomenon show the comprehensive problem of the cyber-police system. Accordingly, to respond against newly changed cyber-crime activities and to investigate effectively, the cyber-police has to take consideration into the professional reorganization of the cyber-police, the development of the investigation technology, and the adjustment of current cyber-crime laws. Most importantly, the cyber-police needs the high-technological investigation devices, the development of the investigation methods, and the training for the professional human resources with the enough budget support.J

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.1-10
• /
• 2014

In this study, I analyzed the increased threat of cyber warfare and the threat of reality about what is happening around the currently. And to prepare for it, I proposed the fact how main developed countries deal with cyber warfare. Also, I presented North Korea's cyber warfare threat which is equipped with world's top 3 cyber warfare performance and the way how their strategy influence to South Korea's national security. Moreever, I studied the existing North Korea's cyber warfare threat and the way how, how South Korea deal with it and prepare to against expected threat of cyber warfare in future.