• Title/Summary/Keyword: Cyber Security Expert

Search Result 15, Processing Time 0.019 seconds

A Study on the Capability of Cyber Security Education and Training Professional Personnel (사이버보안 교육훈련 전문 인력의 역량에 관한 연구)

  • Eom, Jungho
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.1
    • /
    • pp.43-51
    • /
    • 2019
  • This research proposed the necessary capability of cyber security professional personnel for cyber security education and training. Cyber security professional personnel were required specialized capability because the curriculum of cyber security education and training is structured around practice and training. Based on the knowledge, skills, and attitudes of professors, we derive candidate capabilities and index through the results of precedent research. As a result, we derived capability such the candidate capability group as teaching qualification, expert knowledge, practical ability, lecture ability, and research ability, and detailed capability index was derived accordingly. Finally, based on the questionnaire results of the professors related to the information security, it was determined that the capability required for the cyber security education and training professional personnel were expert knowledge, practical ability, and lecture ability. Among the capabilities, executive ability means that they have to fulfil abundant executive experience due to the high proportion of practical training due to the characteristics of cyber security education and training.

The Research for Cyber Security Experts (사이버보안 전문가 양성을 위한 연구)

  • Kim, Seul-gi;Park, Dea-woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.6
    • /
    • pp.1137-1142
    • /
    • 2017
  • Cyber hacking attacks and cyber terrorism are damaging to the lives of the people, and in the end, national security is threatened. Cyber-hacking attacks leaked nuclear power cooling system design drawings, cyber accidents such as hacking of Cheongwadae's homepage and hacking of KBS stations occurred. The Act on Information and Communication Infrastructure Protection, Promotion of Information and Communication Network Utilization and Information Protection, and the Personal Information Protection Act remove the responsibility for cyber attacks, but it is difficult to prevent attacks by hackers armed with new technologies. This paper studies the development of cyber security experts for cyber security. Build a Knowledge Data Base for cyber security professionals. Web hacking, System hacking, and Network hacking technologies and evaluation. Through researches on the operation and acquisition of cyber security expert certification, we hope to help nurture cyber security experts for national cyber security.

Development of a Cybersecurity Workforce Management System (사이버 보안 분야 전문가 프로파일 관리 시스템 연구)

  • Ahn, Jun-young;Lee, Seung-hun;Park, Hee-min;Kim, Hyun-chul
    • Journal of the Semiconductor & Display Technology
    • /
    • v.20 no.3
    • /
    • pp.65-70
    • /
    • 2021
  • According to the trend of increasingly sophisticated cyber threats, the need for technology research that can be applied to cyber security personnel management and training systems is constantly being raised not only overseas but also in Korea. Previously, the US and UK have already recognized the need and have been steadily conducting related research from the past. In the United States, by encouraging applications based on related research (NICE Cybersecurity Workforce Framework) and disclosing successful use cases to the outside, it is laying the groundwork for profiling cyber security experts. However in Korea, research on cyber security expert training and profiling is insufficient compared to other countries. Therefore, in this study, in order to create a system suitable for the domestic situation, research and analysis of cases in the United States and the United Kingdom were conducted over the past few years, and based on this, a prototype was produced for the study of profiling technology for domestic cyber security experts.

Effective Response Methods for the Prevention of Cyber-terror in South Korea (한국 사이버테러 방지를 위한 효과적 대응방안)

  • Sung, Yong-Eun;Youn, Byoung-Hoon
    • Convergence Security Journal
    • /
    • v.16 no.2
    • /
    • pp.11-17
    • /
    • 2016
  • The purpose of this research is to explore the effective response methods for the prevention of cyber-terror in South Korea. This research used an analysis of literature research. From the result of this research, the researchers suggested 1) enactment of the 'Cyber-terror Prevention Act' in order to enhance the effectiveness against cyber-terror; 2) establishment of practical control tower for cyber-terror; 3) expansion of the expert training for cyber-terror. The limitations of this research and the recommendations for future research were discussed at the last part of this research.

A Study on the Short Term Curriculum for Strengthening Information Security Capability in Public Sector (공공분야 정보보안 역량 강화를 위한 단기 교육과정 연구)

  • Yun, Joobeom
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.769-776
    • /
    • 2016
  • Recently, cyber attacks are continuously threatening the cyberspace of the state across the border. Such cyber attacks show a surface which is intelligent and sophisticated level that can paralyze key infrastructure in the country. It can be seen well in cases, such as hacking threat of nuclear power plant, 3.20 cyber terrorism. Especially in public institutions of the country in which there is important information of the country, advanced prevention is important because the large-scale damage is expected to such cyber attacks. Technical support is also important, but by improving the cyber security awareness and security expert knowledge through the cyber security education to the country's public institutions workers is important to raise the security level. This paper suggest education courses for the rise of the best security effect through a short-term course for the country's public institutions workers.

Advanced approach to information security management system utilizing maturity models in critical infrastructure

  • You, Youngin;Oh, Junhyoung;Kim, Sooheon;Lee, Kyungho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.10
    • /
    • pp.4995-5014
    • /
    • 2018
  • As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.

Attacker and Host Modeling for Cyber-Attack Simulation (사이버 공격 시뮬레이션을 위한 공격자 및 호스트 모델링)

  • 정정례;이장세;박종서;지승도
    • Journal of the Korea Society for Simulation
    • /
    • v.12 no.2
    • /
    • pp.63-73
    • /
    • 2003
  • The major objective of this paper is to propose the method of attacker and host modeling for cyber-attack simulation. In the security modeling and simulation for information assurance, it is essential the modeling of attacker that is able to generate various cyber-attack scenarios as well as the modeling of host, which is able to represent behavior on attack concretely The security modeling and simulation, which was announced by Cohen, Nong Ye and etc., is too simple to concretely analyze attack behavior on the host. And, the attacker modeling, which was announced by CERT, Laura and etc., is impossible to represent complex attack excepting fixed forms. To deal with this problem, we have accomplished attacker modeling by adopted the rule-based SES which integrates the existing SES with rule-based expert system for synthesis and performed host modeling by using the DEVS formalism. Our approach is to show the difference from others in that (ⅰ) it is able to represent complex and repetitive attack, (ⅱ) it automatically generates the cyber-attack scenario suitable on the target system, (ⅲ) it is able to analyze host's behavior of cyber attack concretely. Simulation tests performed on the sample network verify the soundness of proposed method.

  • PDF

Design and Implementation of Cyber Attack Simulator based on Attack Techniques Modeling

  • Kang, Yong Goo;Yoo, Jeong Do;Park, Eunji;Kim, Dong Hwa;Kim, Huy Kang
    • Journal of the Korea Society of Computer and Information
    • /
    • v.25 no.3
    • /
    • pp.65-72
    • /
    • 2020
  • With the development of information technology and the growth of the scale of system and network, cyber threats and crimes continue to increase. To cope with these threats, cybersecurity training based on actual attacks and defenses is required. However, cybersecurity training requires expert analysis and attack performance, which is inefficient in terms of cost and time. In this paper, we propose a cyber attack simulator that automatically executes attack techniques. This simulator generates attack scenarios by combining attack techniques modeled to be implemented and executes the attack by sequentially executing the derived scenarios. In order to verify the effectiveness of the proposed attack simulator, we experimented by setting an example attack goal and scenarios in a real environment. The attack simulator successfully performed five attack techniques to gain administrator privileges.

Development and Application of Elementary Information Security Education STEAM Program through Simulation Hacking Play Activities (모의해킹 놀이 활동을 통한 초등 정보보호교육 STEAM 프로그램 개발 및 적용)

  • Park, Namje
    • Journal of The Korean Association of Information Education
    • /
    • v.20 no.3
    • /
    • pp.273-282
    • /
    • 2016
  • The new STEAM program suggested in this paper aims at helping students to have interest in information security engineering experts and to design their career creatively through the project on future promising career. The program was designed to help teachers and students understand the jobs and capabilities required for information security experts through direction and execution of the information security expert project. Teaching tools of information security through simulation hacking play activities based on hexagon cell is designed to provide students with the chance to indirectly experience the job of a computer security expert through an unplugged education. Because the content of cyber security is unfamiliar and difficult to understand, the program is designed to allow students to access the key principle of the job, rather than to describe the technical part. Using this program, students will be able to communicate with each other to solve the problems, to have interest in computer security experts, and to design their careers in a creative manner.

Analysis of e-Learning based Information Security Education Curriculum (e-러닝 기반의 정보보호 교육과정 분석 연구)

  • Lee, Hyung-Woo
    • The Journal of Korean Association of Computer Education
    • /
    • v.8 no.6
    • /
    • pp.13-21
    • /
    • 2005
  • In this study, we study and analysis on e-Learning based Information Security curriculum. e-Learning based university education courses will be much more established in Korea based on advanced IT technology. Computer related majors such as 'Computer Science' and 'Software' can be easily combined with e-Learning system. And Advanced Information Security Expert (AISE) educational course must be broadly opened for satisfying national requirements. In this study, we analyze e-Learning course on Information Security major based on off-line curriculum and suggest new model for further research.

  • PDF