산업융합연구 (Journal of Industrial Convergence)

  • 제20권3호
  • /
  • Pages.23-31
  • /
  • 2022
  • /
  • 2635-8875(pISSN)
  • /
  • 2672-0124(eISSN)
대한산업경영학회 (DAEHAN Society of Industrial Management)
권호 표지
DOI QR코드

DOI QR Code

보안 전문 인력 양성을 위한 정보보안 수업 개선 방안 - 특성화 과정을 중심으로

Information Security Class Improvement Plan to Cultivate Security Professionals - Focusing on Specialization Course

  • 박중오 (성결대학교 파이데이아학부)
  • 투고 : 2022.01.19
  • 심사 : 2022.03.20
  • 발행 : 2022.03.28
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근 사이버공격 등을 방어하기 위한 보안 전문인력 양성에 대학 정보보안 학과의 역할의 중요성이 나날이 높아지고 있다. 현재 대학 보안 교육과정은 이론 교육에 비중이 높고 실무 교육의 전문성이 비교적 떨어진다는 문제점이 존재한다. 본 연구는 보안학과의 실무 능력 개선을 목적으로 최근 국/내외 외부 보안 교육기관의 교육 프로그램을 분석하였고, 핵심 특성화 과정에 적절한 수업 모델을 설계하고 방향성을 제시한다. 제안 모델은 기존 문제점인 기초수업 연계 및 보안 실무 교육과정 로드맵을 개선하고, 핵심 5가지 특성화 과목의 실습 프로그램을 추가 설명한다. 본 연구는 각 대학 보안학과 수업 과정의 질과 교육 모델의 개선에 이바지하고자 한다.

Recently, the importance of the role of the university information security department in nurturing security experts to defend against cyber attacks is increasing day by day. The current university security curriculum has a problem in that the proportion of theoretical education is high and the professionalism of practical education is relatively low. This study analyzed the recent educational programs of domestic and foreign security education institutions for the purpose of improving the practical ability of the Department of Security, designing a class model suitable for the core specialization process, and suggesting the direction. The proposed model improves the existing problems of basic class connection and security practice curriculum roadmap, and additionally explains the practice program of the five core specialized subjects. This study intends to contribute to the improvement of the quality of the curriculum and educational model of each university's security department.

키워드

참고문헌

  1. K. J. Seo, J. E. Choi & H. W. Kim. (2015). An Exploratory Study on Development of Information Security Manpower. Journal of Association Of Information Systems, 24(2), 73-96. DOI : 10.5859/KAIS.2015.24.2.73
  2. K. T. Park, H. J. Jun & T. S. Kim. (2016). A Study on the Cybersecurity Workforce Training Program Development by Level of a Characteristic of Training Program. Journal of Information Technology Applications & Management, 23(4), 127-138. DOI : 10.21219/JITAM.2016.23.4.127
  3. J. M. Yang. (2018). A Study on Development of Standard Modeling Education Program in Information Security : Focusing on Domestic University Cases. Journal of Convergence Security Association, 18(5), 99-104.
  4. S. M. JIN, L. W. DING, D. R. LIU & H. Y. LI. (2020). Research on Training Strategy of Information Technology Application Ability of Normal University Students. International Journal of Advanced Science and Convergence, 2(4), 17-24. DOI : 10.22662/IJASC.2020.2.4.017
  5. J. H. Song & H. R. Kim. (2016). A Study on the NCS based Curriculum for Educating Information Security Manpower. Journal of the Korea Academia-Industrial cooperation Society, 17(11), 537-544. DOI: 10.5762/KAIS.2016.17.11.537
  6. J. H. Jung & C. M. Jung. (2019). An Analysis of Industrial Security Curriculum's in Colleges. Journal of Society for e-Business Studies, 24(2), 29-53. DOI : 10.7838/jsebs.2019.24.2.029
  7. J. S. Park. (2019). A Study on the Improvement of Curriculum for Human Resources Development in the Industrial Security. Journal of Association for Industrial Security, 9(1), 141-163.
  8. M. G. Lee. (2017). A Development of Curriculum for Information Security Professional Manpower Training. Journal of the Institute of Electronics and Information Engineers, 54(1), 46-52. DOI : 10.5573/ieie.2017.54.1.046
  9. W. H. Park & S. J. Ahn. (2017). Enhancing Education Curriculum of Cyber Security Based on NICE. KIPS Transactions on Computer and Communication Systems, 6(7), 321-328. DOI : 10.3745/KTCCS.2017.6.7.321
  10. C. B. Kim. (2020). An Analysis of Information Security Curriculum in Elementary School practical arts, Secondary School Informatics Teaching and Suggestions for Improvement. Journal of Society of Computer and Information, 25(10), 69-75. DOI : 10.9708/jksci.2020.25.10.069
  11. S. J. Kim & Y. H. Jung. (2020). A Study on the Improvement of Industrial Security Curriculum Based on Industrial Demand: A Survey on IPA for Industrial Security Officers. Journal of Korean Industrial Security, 10(3), 169-186. DOI : 10.33388/kais.2020.10.3.169
  12. Korea Internet & Security Agency. Annual training at KISA Cyber Security Talent Center, Cyber Security Manpower Training (K-Shield) Regular Course, Retrieved from http://academy.kisa.or.kr
  13. Korea Information Security Education Center. KISEC Information Security Expert Course, Retrieved from https://www.kisec.com
  14. Korea Information Technology Research Institute. KITRI Academy - Security Field, Retrieved from http://academy.kitri.re.kr
  15. Korea Information Security Industry Association. KISIA Talent Support Education Project - Security, Retrieved from https://www.kisia.or.kr
  16. Global IT Human Resources Development Institute. Global IT - National-based strategic training, Retrieved from http://www.gith.co.kr
  17. Korea Information Security Education Institute. Cloud Security Expert Training Course, Retrieved from http://www.keduit.com
  18. Ministry of Education. Guidelines for business processing related to credit recognition, etc. [Ministry of Education Notification No. 2021-9, 2021.2.19., partially revised], Retrieved from https://www.moe.go.kr
  19. E. S. Jang. (2020). A Case Study on the Operation of Artificial Intelligence in a Liberal Arts Mandatory Curriculum, Journal of General Education, 14(5), 137-148. DOI : 10.46392/kjge.2020.14.5.137
  20. R. W. Tyler. (2013). Basic principles of curriculum and instruction. University of Chicago press.
  21. W. H. Park & S. J. Ahn. (2017). Enhancing Education Curriculum of Cyber Security Based on NICE. KIPS Transactions on Computer and Communication Systems, 6(7), 321-328. DOI : 10.3745/KTCCS.2017.6.7.321
  22. M. J. Choi & D, Y. Jeong. (2013). A Study on Effect of the Cognitive Style of Field Dependence/Independence to the Information-Seeking Behavior of Undergraduate Students. Journal of the Korean Society for Library and Information Science, 47(1), 125-147. DOI : 10.4275/KSLIS.2013.47.1.125
  23. Ministry of Public Administration and Security. Secure Coding Guide(C, Java), Retrieved from https://www.mois.go.kr/
  24. Oracle. The CERT Oracle Secure Coding Standard for Java, Retrieved from https://www.oracle.com/
  25. Eclipse Foundation. Eclipse IDE, Retrieved from https://www.eclipse.org/
  26. Microsoft. Microsoft Visual Studio, Retrieved from https://visualstudio.microsoft.com/
  27. Philippe Arteau. FindSecurityBugs, Retrieved from https://find-sec-bugs.github.io/
  28. OWASP. OWASP® Zed Attack Proxy, Retrieved from https://www.zaproxy.org/
  29. OffSec Services. Kali Linux, Retrieved from https://www.kali.org/
  30. Wireshark Foundation. Wireshark, Retrieved from https://www.wireshark.org/
  31. C. Sanders. (2017). Practical Packet Analysis, 3E: Using Wireshark to Solve Real-World Network Problems. Seoul : acorn Publishing.
  32. L. Chappell, (2014). Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide. Problems. Seoul : acorn Publishing.
  33. Tenable. Nessus, Retrieved from https://www.tenable.com/
  34. Metasploit. Metasploit Tools, Retrieved from https://www.metasploit.com/
  35. Openwall. John the Ripper, Retrieved from https://www.openwall.com/john/
  36. Willie L. Pritchett. (2014). Kali Linux Cookbook. Seoul : acorn Publishing.
  37. L. Allen. (2015). Kali Linux - assuring security by penetration testing :master the art of penetration testing with Kali Linux(2nd ed.). Seoul : acorn Publishing.
  38. DVWA. Damn Vulnerable Web App, Retrieved from https://dvwa.co.uk/
  39. Digital Forensic Center. (Investigation form) Evidence analysis(Appendix No. 11 form), Retrieved from http://cfpa.or.kr/