• The Journal of the Convergence on Culture Technology
• /
• v.8 no.4
• /
• pp.121-125
• /
• 2022

As the technologies of the 4th industrial revolution develops, spatial information is becoming digitized. Now, even with a smartphone, we can easily identify the location of national & military critical facilities located in the mega cities. As a result, mega cities' national & military critical facilities were exposed to not only traditional threats, but also non-traditional threats such as terrorism, cyber hacking, and criminal activities. This study suggests a way to protect national & military critical facilities of mega cities from such threats. Considering limitation of time & resources, protecting perfectly all national & military critical facilities is impossible, so we should focus on their critical nodes. Specifically, We suggest ways to protect the critical nodes by converging some measures such as design & arrangement in harmony with the surrounding environment, underground construction & covering, and visual deception. Transparency of digital spatial information will further increase with the advent of urban air mobility and autonomous vehicles in the future. Therefore, in order to prepare for future threats, we should take measures to minimize the exposure of critical nodes.

• Journal of Aerospace System Engineering
• /
• v.15 no.3
• /
• pp.65-70
• /
• 2021

This study presents a method to efficiently advance the Republic of Korea's Unmanned Systems through the analysis of the development of the U.S. Unmanned System Policy. After the occurrence of the September 11 attacks, the U.S. developed Unmanned Systems as a part of RMA and became the leader in this area. The system went through numerous trials and errors during the development and acquisition. From these experiences, the U.S. had embodied Unmanned Systems acquisition methods by establishing Unmanned Systems Development Guidance and DoD Autonomy Community of Interest in 2012. In addition, as diverse unmanned programs started to proceed, it promoted Core Technology development sharing and simplification of functions of the Unmanned Systems to exclude budget-wasting elements such as duplication of programs. The Republic of Korea must politically build a collaborative system between industry/academia/research institute/military and apply evolutionary development strategies from the first step of the development of the Unmanned Systems the future Game Changer. In operations, concepts of the Manned/Unmanned Systems complex operation should be established and intelligent S/W, Open System, and Cyber Security technologies to materialize them developed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1205-1214
• /
• 2021

Edge Computing is used as a solution to the cost problem and transmission delay problem caused by network bandwidth consumption that occurs when IoT/CPS devices are integrated into the cloud by performing artificial intelligence (AI) in an environment close to the data source. Since edge computing runs on devices that provide high-performance computation and network connectivity located in the real world, it is necessary to consider application integrity so that it is not exploited by cyber terrorism that can cause human and material damage. In this paper, we propose a technique to protect the integrity of edge computing applications implemented in a script language that is vulnerable to tampering, such as Python, which is used for implementing artificial intelligence, as container images and then digitally signed. The proposed method is based on the integrity protection technology (Docker Contents Trust) provided by the open source container technology. The Docker Client was modified and used to utilize the whitelist for container signature information so that only containers allowed on edge computing devices can be operated.

• KNOM Review
• /
• v.22 no.1
• /
• pp.11-19
• /
• 2019

As technology develops, the latest security threats on the network applied to users are increasing. By attacking industrial or corporate systems with malicious purposes, hackers cause many social problems such as confidential information leakage, cyber terrorism, infringement of information assets, and financial damage. Due to the complex and diversified threats, the current security personnel alone are not enough to detect and analyze all threats. In particular, the Supervisory Control And Data Acquisition (SCADA) used in industrial infrastructures that collect, analyze, and return static data 24 hours a day, 265 days a year, is very vulnerable to real-time security threats. This paper introduces security information and event management (SIEM), a powerful integrated security management system that can monitor the state of the system in real time and detect security threats. Next, we compare SIEM solutions from various companies with the open source SIEM (OSSIM) from AlienVault, which is distributed as an open source, and present cases using the OSSIM and how to utilize it.

• The Korean Journal of Air & Space Law and Policy
• /
• v.26 no.2
• /
• pp.3-39
• /
• 2011

People may operate unmanned aerial vehicles (UAVs or drones) thousands of miles from the drone's location. Drones were first used (like balloons) for surveillance. By 2001, the United States began arming drones with missiles and using them to strike targets during combat in Afghanistan. By mid-2010, over forty states and other entities possessed drones, many with the capability of launching missiles and dropping bombs. Each new development in military weapons technology invites assessment of the relevant international law. This Insight surveys the international law applicable to the recent innovation of weaponizing drones. In determining what international law rules govern drone use, the most salient feature is not the fact that drones are unmanned. The fact drones carry no human operator may be the most important new technological breakthrough, but the key feature for international law purposes is the type of weaponry drones carry. Whether law enforcement rules govern drone use depends on the situation and not necessarily who is operating the drone. Battlefield weapons may also be lawfully used before an armed conflict in the following situations: when initiating self-defense under Article 51 of the United Nations Charter; when authorized by the UN Security Council; when a government seeks to suppress internal armed conflict; and, perhaps, when a state is invited to assist a government in suppressing internal armed conflict. The rules governing resort to force in self-defense are found in Article 51 of the UN Charter and a number of decisions by international courts and tribunals. Commentators continue to debate whether drone technology represents the next revolution in military affairs. Regardless of the answer to that question, drones have not created a revolution in legal affairs. The current rules governing battlefield launch vehicles are adequate for regulating resort to drones. More research must be undertaken, however, to understand the psychological effects of deploying unmanned vehicles and the effects on drone operators of sustained, close visual contact with the aftermath of drone attacks.

• Journal of Korean Society of Disaster and Security
• /
• v.9 no.2
• /
• pp.87-91
• /
• 2016

In recent years, lots of damages appear frequently due to cyber terrorism and natural disasters such as typhoon 'Chaba', earthquake at Kyeongju. The damages lead to people's anxiety and public institutions connected directly with them also can't be free from the threat situation. In addition, public institutions must prepare business continuity issues with the highest priority in the event of disasters because they are closest with people's safety. However, preceding researches suggest needs of disaster mitigation activities management system or central office oriented top-down BCP establishing system. In this study, We grasp the current status of public institutions's business continuity plan(BCP) against disaster and we propose an efficient bottom-up method for structuring the BCP of public institutions.

• Journal of Korean Society of Disaster and Security
• /
• v.11 no.2
• /
• pp.9-15
• /
• 2018

From natural disasters such as floods, heavy rains, and strong winds and social disasters such as 911 U.S. terrorism and cyber attacks that could have a fatal impact on corporate continuity, it is necessary to introduce and implement a Business Continuity Management System (BCMS) within a firm to maintain continuity of business and to change the organizational structure for an emergency state in order to operate and manage it systematically and efficiently. therefore, this study analyzed and verified the impact of introducing a Business Continuity Management System (BCMS) on the change in the recognition structure of an organization in four categories, including personal recognition, organizational culture, organizational structure, and organizational strategy, in order to analyse the impact and effect of introducing a Business Continuity Management System (BCMS) on the change in the recognition structure of each category. through this study, we believe that the introduction of a Business Continuity Management System (BCMS) within a firm could effectively change the organization's perception of an emergency state and help it maintain its continuity as well as improve its value.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.167-177
• /
• 2018

Major countries, such as the U.S., UK and Germany have reformed their national intelligence systems in the face of transnational, asymmetric and comprehensive threats since September 11, 2001 and have strengthened the intelligence capacity involved in countering terrorism and WMD proliferation, right/left extremism threats. The Korean Moon Jae-in government is preparing a reform plan to eliminate illegal political intervention and abuse of power by the National Intelligence Service(NIS) and to rebuild it as an efficient national intelligence agency for national security. In discussing the reform direction of the NIS, it is necessary to discuss in detail whether adopting a separate model of intelligence agencies to restrict domestic intelligence activities of the NIS and concentrate on foreign intelligence activities or establish new domestic intelligence agencies. Second, as for the issue of transferring anti-Communism investigation authority of the NIS to the police, it needs to be carefully considered in terms of balancing the efficiency and professionalism of intelligence agency activity in the context of North Korea's continuous military provocation, covert operations and cyber threats. Third, it should strive to strengthen the control and supervision functions of the administration and the National Assembly to ensure the political neutrality of the NIS in accordance with the democratization era, to guarantee citizens' basic rights and to improve the transparency of budget execution.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.61-75
• /
• 2011

Recently, there is significant increasing of massive attacks, which try to infect PCs that visit websites containing pre-implanted malicious code. When visiting the websites, these hidden malicious codes can gain monetary profit or can send various cyber attacks such as BOTNET for DDoS attacks, personal information theft and, etc. Also, this kind of malicious activities is continuously increasing, and their evasion techniques become professional and intellectual. So far, the current signature-based detection to detect websites, which contain malicious codes has a limitation to prevent internet users from being exposed to malicious codes. Since, it is impossible to detect with only blacklist when an attacker changes the string in the malicious codes proactively. In this paper, we propose a novel approach that can detect unknown malicious code, which is not well detected by a signature-based detection. Our method can detect new malicious codes even though the codes' signatures are not in the pattern database of Anti-Virus program. Moreover, our method can overcome various obfuscation techniques such as the frequent change of the included redirection URL in the malicious codes. Finally, we confirm that our proposed system shows better detection performance rather than MC-Finder, which adopts pattern matching, Google's crawling based malware site detection, and McAfee.

• Korean Security Journal
• /
• no.31
• /
• pp.157-185
• /
• 2012

Today, the emergence of cyberspace and advancement of globalization caused not only the transformation of our productive and conventional life but also the revolutionary transition of use of destructive violence such as crime and warfare. This transition of environmental condition connects various security threats which separatedly existed in individual, local, national, and global levels in the past, and transformed the mechanical sum of all levels of security threats into the organic sum of multi-dimensional security threats. This article proposes that the sum of multi-dimensional security threats is caused by the interconnectivity of various different levels of security threats and the integrated interdisciplinary perspective is essential to properly understand the fundamental existence of today's security problem and the reality of fear that we face today. The holistic security, the concept proposed here, is to suggest the mode of networked response to multi-dimensional security threats. The holistic security is suggested to overcome the conventional divisional approach based on the principle of "division of labor" and bureaucratic principles, which means more concretely that national security and criminal justice are divided and intelligence, military, police, prosecution, fire-fighting, private security, and etc. are strictly separated into its own expertise and turf. Also, this article introduces integrated security approaches tried by international organization and major countries overseas with the respect of the holistic security. The author have spent some substantial experience of participant observation, meetings, seminar, conference, and expert interviews regarding the issues discussed in the article in various countries including the United States, Russia, Austria, Germany, Canada, Mexico, Israel, and Uzbekistan for the last ten years. Intelligence and information on various levels of security threats and security approaches introduced in this paper is obtained from such opportunities.