• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1375-1391
• /
• 2012

Smart grid is a next-generation intelligent power grid that applying ICT to power grid to maximize the energy efficiency ratio. Recently, technologies and standards for smart grid are being developed around the world. Information security which is an essential part of smart grid development has to be managed continuously. Information security management system certification for organizational risk management has been implemented in Korea. Although preparation for information security management system certification which is applicable to smart grid is considered, there are no specific methods. This paper is to propose core and added evaluation criteria for Korean smart grid based on K-ISMS through comparative analysis between ISMS operated in Korea and smart grid information security management system developed in the United States. Added evaluation criteria enable smart grid related business that certified existing ISMS to minimize redundant and unnecessary certification assessment work.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.4
• /
• pp.15-23
• /
• 2021

In most hacking attacks, hackers intrudes inside for a long period of time and attempts to communicate with the outside using a circumvent connection to achieve purpose. research in response to advanced and intelligent cyber threats has been mainly conducted with signature-based detection and blocking methods, but recently it has been extended to threat hunting methods. attacks from organized hacking groups are advanced persistent attacks over a long period of time, and bypass remote attacks account for the majority. however, even in the intrusion detection system using intelligent recognition technology, it only shows detection performance of the existing intrusion status. therefore, countermeasures against targeted bypass rwjqthrwkemote attacks still have limitations with existing detection methods and threat hunting methods. in this paper, to overcome theses limitations, we propose a model that can detect the targeted circumvent connection remote attack threat of an organized hacking group. this model designed a threat hunting process model that applied the method of verifying the origin IP of the remote circumvent connection, and verified the effectiveness by implementing the proposed method in actual defense information system environment.

• Journal of Internet Computing and Services
• /
• v.23 no.1
• /
• pp.87-93
• /
• 2022

Since 99% of PCs operating in the defense domain use the Windows operating system, detection and response of Window-based malware is very important to keep the defense cyberspace safe. This paper proposes a model capable of detecting malware in a Windows PE (Portable Executable) format. The detection model was designed with an emphasis on rapid update of the training model to efficiently cope with rapidly increasing malware rather than the detection accuracy. Therefore, in order to improve the training speed, the detection model was designed based on a Bidirectional LSTM (Long Short Term Memory) network that can detect malware with minimal sequence data without complicated pre-processing. The experiment was conducted using the EMBER2018 dataset, As a result of training the model with feature sets consisting of three type of sequence data(Byte-Entropy Histogram, Byte Histogram, and String Distribution), accuracy of 90.79% was achieved. Meanwhile, it was confirmed that the training time was shortened to 1/4 compared to the existing detection model, enabling rapid update of the detection model to respond to new types of malware on the surge.

• Journal of Aerospace System Engineering
• /
• v.15 no.3
• /
• pp.65-70
• /
• 2021

This study presents a method to efficiently advance the Republic of Korea's Unmanned Systems through the analysis of the development of the U.S. Unmanned System Policy. After the occurrence of the September 11 attacks, the U.S. developed Unmanned Systems as a part of RMA and became the leader in this area. The system went through numerous trials and errors during the development and acquisition. From these experiences, the U.S. had embodied Unmanned Systems acquisition methods by establishing Unmanned Systems Development Guidance and DoD Autonomy Community of Interest in 2012. In addition, as diverse unmanned programs started to proceed, it promoted Core Technology development sharing and simplification of functions of the Unmanned Systems to exclude budget-wasting elements such as duplication of programs. The Republic of Korea must politically build a collaborative system between industry/academia/research institute/military and apply evolutionary development strategies from the first step of the development of the Unmanned Systems the future Game Changer. In operations, concepts of the Manned/Unmanned Systems complex operation should be established and intelligent S/W, Open System, and Cyber Security technologies to materialize them developed.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.151-162
• /
• 2021

Steganography is an advanced technique that hides secret messages by transforming them into subtle noise and spreading them within multimedia files such as images, video and audio. This technology has been exploited in a variety of espionage and cyber attacks. SNS messenger is an attractive SNS Service platform for sending and receiving multimedia files, which is the main medium of steganography. In this study, we proposed two noble steganography communication techniques that guarantee the complete reception rate through the use of thumbnail images in the SNS messenger environment. In addition, the feasibility was verified through implementation and testing of the proposed techniques in a real environment using KakaoTalk, a representative SNS messenger in south korea. By proposing new steganography methods in this study, we re-evaluate the risk of the steganography methods and promoted follow-up studies on the corresponding defense techniques.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.49-58
• /
• 2022

As military service members are fully permitted to use mobile phones for sickness after work, it is time to minimize the direct collection of personal information from telecommunication companies when opening mobile phones to secure the safety of military service personnel's personal information. Prior to introducing the use of mobile phones by soldiers after work, the Ministry of National Defense established a security control system such as blocking the mobile phone shooting function to prevent security accidents and concerns about some adverse functions such as illegal cyber gambling, game addiction, and viewing pornography. come. Mobile telecommunications companies entrust personal information processing tasks, such as opening mobile phones, to telecommunications agencies and carry out management and supervision, such as checking the status of personal information protection measures. When a military service member opens a mobile phone, a personal information management agency is newly established using the right to portability of personal information, and a system for requesting the transmission of personal information from the military service member is proposed.

• Convergence Security Journal
• /
• v.23 no.3
• /
• pp.73-81
• /
• 2023

The progress in science and technology has widened the scope of the battlefield, leading to the emergence of cyber electronic warfare that exploits electromagnetic waves and networks. Drones have become more important due to advancements in battery technology and navigation systems. Nevertheless, tackling drone threats comes with its own set of difficulties. Radar plays a vital role in detecting drones, offering long-range capabilities and independence from weather conditions. However, the battlefield presents unique challenges like dealing with high levels of signal noise and ensuring the safety of the detection assets. This paper proposes various approaches to improve the operation of drone detection radar in cyber electronic warfare, with a focus on enhancing signal processing techniques, utilizing low probability of interception (LPI) radar, and implementing optimized deployment strategies.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.3
• /
• pp.23-40
• /
• 2024

Hardware attacks involve physical reverse engineering efforts to steal sensitive information, such as encryption keys and circuit designs. Encryption and obfuscation are representative countermeasures, but they are nullified if adversaries manage to find the key. To address this issue, we propose e-Cryptex, which utilizes a Physically Unclonable Function (PUF) as an anti-tampering shield. PUF acts as a random number generator and relies on unique physical variants that cannot be replicated or restored to enhance anti-tampering mechanisms. e-Cryptex uses PUF as a shield to protect the system's structure and generate the key. Tampering with the shield will result in the destruction of the key. This paper demonstrates that e-Cryptex meets PUF security requirements and is effective in detecting of tampering attempts that pierce or completely destroy the shield. Each board consistently generates the same key under normal conditions, while also showing key uniqueness across different boards.

• Korean Security Journal
• /
• no.58
• /
• pp.215-241
• /
• 2019

This study approached the military security problem from the viewpoint of social psychology in view of the fact that the military security problem has been focused on the technical field such as cyber security along with the development of defense science and technology. In this background, we examined the causal relationship between variables after extracting variables affecting the security problem of the military through previous research. The significance of the study results is as follows. First, the military culture has a direct and indirect influence on improving the willingness to adhere to security and the security level of military organizations, as well as contributing to the establishment of military values. This indicates that the overall organizational culture of the current military is influencing the security consciousness of the soldiers and the achievement of organizational security, while at the same time showing the need for effort to create the right organizational culture. Second, the values of soldiers had a positive effect on the willingness of the individual to obey the security and the security performance. Values begin with an understanding of organizational culture and indicate that efforts can be made to establish an organizational security posture when the right values are formed. Third, we have improved the completeness of the study by verifying the causal relationship by extracting variables that correspond to the context of the ROK military.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.471-480
• /
• 2016

Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threaten. Thus, the study of Intrusion Detection System(IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantagesand to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree(misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also we construct upgraded the the hierarchical structure of IDS reusing feature weights in anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.