• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.71-81
• /
• 2021

This paper examines the ongoing research on ways to improve cybersecurity during the entire life cycle of weapons systems applied in advanced countries such as the United States, analyzes restrictions on obtaining domestic weapons systems, and presents effective security evaluation measures. By consistently performing mission-based risk assessment in the cybersecurity test and evaluation plan suitable for domestic circumstances at all stages of acquisition, important information is provided to major decision-making organizations in a timely manner to support decision-making, and to respond to identified vulnerabilities in cybersecurity. It is proposed to set the rules of engagement so that the protection measures can be verified, and a simulated invasion is proposed. In addition, the proposed cybersecurity test and evaluation system was compared with the domestic weapon system test and evaluation. Through this, the mission-based risk assessment element was grafted into the cybersecurity test and evaluation system research conducted so far to identify risks in a timely manner between acquisition projects, thereby supplementing the capability to support major decision-making.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.83-91
• /
• 2010

Information security is a critical issue for national defense. This paper provides a result of a study on the countermeasures to the North Korean Asymmetric Strategy-'Cyber Surprise Attack'. After the attack on Yeonpyeong island, the North Korea threatened there will be more surprise attack to the South Korea. Based on the analysis of 'Stuxnet' cyber attack to Iran and China, the North Korean surprise attack may be 'Stuxnet'class cyber attack. This paper several strategic countermeasures in order to overcome the anticipated the North Korean cyber surprise attack.

• Convergence Security Journal
• /
• v.9 no.1
• /
• pp.29-37
• /
• 2009

According to Homeland Security Act of 2002, DHS in USA is comprehensively responsible for execution of protection methods on the public and private sectors against cyber attack for USA cyber crisis management. There are different laws and organizations according to the sector that is the public, the private, CII(Critical Information Infrastructure, or Non-CII in Korea. In this paper, we show the unified cyber crisis management of USA makes korea realize the importance to integration and systematization for the national cyber crisis management system.

• Review of KIISC
• /
• v.25 no.6
• /
• pp.53-58
• /
• 2015

방산업체에 대한 해킹사고 및 방산기밀 유출을 예방하기 위한 보안활동은 방산업체뿐만 아니라 국가안보 차원에서도 매우 중요한 문제다. 반면, 방산업체 대상 보안지원활동은 조직 전체가 아닌 시설 및 정보시스템 중심으로 수행되고 있어 조직 전체적인 정보보호수준을 제고하고 사이버위협에 대한 대응능력을 확충하는데는 한계가 있다. 이에 본 논문에서는 방산업체의 보안수준을 근본적으로 향상시키기 위한 방안으로 대내 외에서 널리 활용되고 있는 ISMS 인증제도를 분석하고 이를 토대로 민간 ISMS에 기반한 방산업체 ISMS 적용방안을 제안한다.

• Korean Security Journal
• /
• no.61
• /
• pp.59-85
• /
• 2019

In the reality that the boundary between the real world and the virtual world disappears with the 4th Industrial Revolution, cyber crimes that occur beyond time and space have clear limitations in fulfilling their duties only with the police force of government organizations established under the real law system. The research method of this thesis is based on the literature research and the experience of security work. The purpose of this paper is to establish a social system where collective intelligence of each social field can participate voluntarily to respond to cyber crimes occurring beyond the time and space before the law and institutionalization. In addition, the social system in which collective intelligence in each social sector can participate voluntarily was established to define crime types in cyberspace in real time and to prevent crimes defined by the people themselves and the counter-measures had been proposed in order to form social consensus. First, it is necessary to establish a collective intelligent network-type cyberpolice volunteer system. The organization consists of professors of security and security related departments at universities nationwide, retired public officials from the National Intelligence Service, the National Police Agency, and the National Emergency Management Agency, security companies and the organizations, civilian investigators, security & guard, firefighting, police, transportation, intelligence, security, national security, and research experts. Second, private sector regulation should be established newly under the Security Business Act. Third, the safety guard of the collective intelligent cyberpolice volunteer system for the stability of the people's lives should strengthen volunteer work. Fourth, research lessons and legal countermeasures against cybercrime in advanced countries should be introduced. Fifth, the Act on the Protection of Personal Information, the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Act on the Utilization and Protection of Credit Information, and the Special Act on the Materials and Parts Industry should be amended. Sixth, police officers should develop cybercrime awareness skills for proactive prevention activities.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.11-16
• /
• 2016

In modern society, the development of Information and Communication Technology has given people a lot of opportunities. But on the other side cyber attack also gives enormous damage to people. Recently Korea has become the target of cyber attack. The threat of it is growing. Especially North Korea has committed hostile actions against South Korea. North Korea has recently attacked the computer networks of South Korea's important national facilities. The types of North Korea's cyber attacks include the followings. First, if we see it with the viewpoint of software, it tries to destroy or control the Internet, infects the networks with viruses, worms, Trojan Horse and Distributed Denial of Service. I suggest the following to solve the problem. First, South Korea should unify the organizations to respond to the attacks of North Korea, as North Korea has a unified organization for the cyber attack. Second, they should think about the establishment of "Cyber Terrorism Prevention Act" to systematically respond to the software attacks.

• Proceedings of the Korean DIstribution Association Conference
• /
• 1997.07a
• /
• pp.1-18
• /
• 1997

“전자상거래(Electronic Commerce)”라는 용어는 사용자에 따라서 조금씩 다른 의미로 사용되고 있다. 광의로 해석하자면 상품과 서비스의 질을 높이고 신속한 서비스를 하는 동시에 비용은 절감하고자 하는 조직, 판매자, 소비자를 위한 최신 경영 방법론이라고 정의할 수 있다. 유통분야에서 전자상거래는 POS와 EDI를 적절히 활용하여 수송과 배송이 효율적으로 이루어 질 수 있게 함으로써 경쟁력을 높이는 활동을 의미하였다. (중략)

• Korean Security Journal
• /
• no.46
• /
• pp.63-86
• /
• 2016

The object of this study is to propose a study on the Private Investigator usage for Cyber Crime. The latest trend of cyber crime is being evolve in sophisticated and complex way over the global, like internet fraud, cyber gambling, hacking and etc. Hence national investigative authority mobilize high specialized skills and method of criminal investigation by each nation. But it is hard to respond in rapid and effective way because of propoor, distribution of group and insufficient of related legal system. Already in other countries, not considerable amount of services are given to private investigators in detection and tracking part which is inefficient by nation. So it has significantly meaningful to compensate the defect and study about private investigator usage as companion of cooperation policing for effectively respond to cyber-crime. The way to effectively deal with the cyber-crime is reevaluate meaning of partnership policing and need of private investigator usage. Also it is to analyze the main issue about introduction of a system and suggest the effective way of introduction. First, legislation of private investigator usage which is based upon partnership policing should be made up. Moreover, to establish the range of private investigator's business and enhance the reliability, it is to propose introduction of leading professional global certificate and license system with sufficient education and test. We are expecting introduction of private investigator usage can improve efficiency of investigation and promote effective countermeasures of cyber-crime.

• Korean Security Journal
• /
• no.9
• /
• pp.237-260
• /
• 2005

Development of IT technology as well as arrival of information-oriented society raise the curtain of 'the era of Ubiquitous Computing', implying accessing computers beyond boundary of time and space. In this era, it is expected that IT paradigms and life-styles would be transformed immensely above the experiences of 20th century. However, improvement of technology summons a new risk of cyber terrorism which have not been in the past. Thus, it is urgent to prepare for the threats in the national level. This paper point out five major threats relating to 'the security in the era of Ubiquitous Computing'. : First, spread of threats in connection with BcN establishment, second, vulnerable information-security for wireless communication, third, leakage of private information, fourth, cyber terror and deterioration of security, fifth, security problems of Korea including the drain of military information and solutions in the views of organization, personnel, technology and budget, comparing with other countries.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.3
• /
• pp.605-612
• /
• 2011

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. In this paper, we discuss the technologies and standard trends about actual cyber threat and response methods, design the collaborative response framework based on the security information sharing in the inter-domain environments. The computation method of network threat level based on the collaborative response framework is proposed. The network threats are be quickly detected and real-time response can be executed using the proposed computation method.