• Title/Summary/Keyword: threat detection (위협 탐지)

Proposal of ISMS-P-based outsourcing service management method through security control business relevance analysis (보안관제 업무 연관성 분석을 통한 ISMS-P 기반의 외주용역 관리 방법 제안)

  • Ko, Dokyun;Park, Yongsuk
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.4 / pp.582-590 / 2022
  • As security threats caused by cyber attacks continue, security control is mainly operated as a service business with the expertise needed for rapid detection and response. Accordingly, a number of studies have been conducted on the operation of security control services. However, because that research has addressed the resulting management, indicators, and measurements, the work process has not been studied in detail, which causes confusion in the field and makes it difficult to respond to security accidents. This paper presents ISMS-P-based service management methods and proposes an easy outsourcing service management method for clients by turning into a checklist each item derived from mapping the 64 items of the ISMS-P protection requirements through business relevance analysis. In addition, it is expected to help implement periodic security compliance, to help acquire and renew ISMS-P in the mid to long term, and to contribute to enhancing the security awareness of related personnel.

Analysis of Steganography and Countermeasures for Criminal Laws in National Security Offenses (안보사건에서 스테가노그라피 분석 및 형사법적 대응방안)

  • Oh, SoJung;Joo, JiYeon;Park, HyeonMin;Park, JungHwan;Shin, SangHyun;Jang, EungHyuk;Kim, GiBum
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.4 / pp.723-736 / 2022
  • Steganography is being used as a means of secret communication in crimes that threaten national security, such as terrorism and espionage. As computers have developed, steganography technologies have developed as well, and criminals produce and use their own programs. However, research on steganography is not active because detailed information on national security cases is not disclosed, and both the development of investigation technologies and the responses of criminal law are insufficient. Therefore, in this paper, the detection and decoding process was examined for steganography investigation, and the method was analyzed for 'the spy case of Pastor Kim', who was convicted by the Supreme Court. Multiple security devices were prepared using symmetric steganography with a pre-agreed stego key. Furthermore, three criminal-law issues in national security cases were considered, together with countermeasures: (1) the relevance issue, (2) the right to participate, and (3) the public trial issue. Through this paper, we hope that the investigative agency will develop analysis techniques for steganography.

A study on the datalink Interface between fighter jet RADAR and BVR AA guided missile (전투기 레이다의 시계 외 중거리 공대공 유도탄 데이터링크 연동방안 연구)

  • Yong-min Kim
    • Journal of Advanced Navigation Technology / v.27 no.4 / pp.453-456 / 2023
  • Fighter jets employ guided missiles equipped with seekers to counter enemy air threats. Short range guided missiles (SRM) usually carry infrared (IR) seekers and are used to engage targets within visual range. On the other hand, medium range guided missiles (MRM) often utilize radio frequency (RF) seekers to engage targets beyond visual range. Medium range guided missiles do not activate their seekers until they reach the detection range of the seeker, and the aircraft's radar guides them for a certain distance. This guidance method is called Missile Data Link (MDL), and it can be implemented in either one-way or two-way communication modes, depending on the missile's communication system. In this paper, we discuss MDL based on these two communication modes, along with the integration of RADAR, mission computers, and guided missiles.

A study on the three-dimensional display of onboard training for Naval Combat System. (함정 전투체계 모의훈련 시나리오 3차원 전시방안 연구)

  • Lee, SuHoon;Ahn, JinSu
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.05a / pp.62-65 / 2022
  • NCS (Naval Combat System) is a system that maximizes the combat effectiveness of naval ships by providing track detection, tracking, threat analysis, engagement, hit assessment and many other capabilities using the ship's integrated heterogeneous sensor and weapon systems. In order to achieve the purpose of the NCS, every crew member is required to be proficient in the operation of the NCS. In accordance with this goal, the NCS provides an onboard training function, and the crew conducts system operation proficiency and teamwork training on the ship. Training instructors for control training should have a high standard of training environment control and monitoring capabilities, which need to be studied. This paper studies a 3D display method for visualizing the training situation for training instructors.

Pentesting-Based Proactive Cloud Infringement Incident Response Framework (모의해킹 기반 사전 예방적 클라우드 침해 사고 대응 프레임워크)

  • Hyeon No;Ji-won Ock;Seong-min Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.487-498 / 2023
  • Security incidents that use vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the attack process against critical cloud service resources from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected to help with data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement response based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

Low Power Security Architecture for the Internet of Things (사물인터넷을 위한 저전력 보안 아키텍쳐)

  • Yun, Sun-woo;Park, Na-eun;Lee, Il-gu
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2021.10a / pp.199-201 / 2021
  • The Internet of Things (IoT) is a technology that can organically connect people and things without time and space constraints by using communication network technology and sensors, and transmit and receive data in real time. The IoT used in all industrial fields has limitations in terms of storage allocation, such as device size, memory capacity, and data transmission performance, so it is important to manage power consumption to effectively utilize the limited battery capacity. Prior research has the problem that security deteriorates in exchange for improved power efficiency, because the security algorithm of the encryption module is made lighter. In this study, we propose a low-power security architecture that can utilize high-performance security algorithms in the IoT environment. It can provide high security and power efficiency, using relatively complex security modules in low-power environments, by executing security modules only when threat detection is required based on inspection results.

Anonymous Electronic Promissory Note System Based on Blockchain (블록체인 기반 익명 전자 어음 시스템)

  • HyunJoo Woo;Hyoseung Kim;Dong Hoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.6 / pp.947-960 / 2023
  • In Korea, traditional paper promissory notes are currently undergoing a transformation, being gradually replaced by electronic notes. This transformation is being steered under the Korea Financial Telecommunications Institute, a trusted authority. However, existing electronic systems have security vulnerabilities, including the risk of hacking and internal errors within the institute. To address this, we have defined a novel anonymous electronic promissory note system based on blockchain. We have constructed a concrete protocol and conducted a security analysis of our protocol. Note that, in our protocol, all note information is committed so that the note remains undisclosed until the point of payment. Once the note information becomes public on the blockchain, it enables the detection of illicit activities, such as money laundering and tax evasion. Furthermore, our protocol incorporates a split endorsement feature, which is a crucial functionality permitted by the Korean electronic note system. Consequently, our proposed protocol is suitable for practical applications in financial transactions.

IACS UR E26 - Analysis of the Cyber Resilience of Ships (국제선급협회 공통 규칙 - 선박의 사이버 복원력에 대한 기술적 분석)

  • Nam-seon Kang;Gum-jun Son;Rae-Chon Park;Chang-sik Lee;Seong-sang Yu
    • Journal of Advanced Navigation Technology / v.28 no.1 / pp.27-36 / 2024
  • In this paper, we analyze the unified requirements of the International Association of Classification Societies on the cyber resilience of ships, ahead of implementation of the agreement on July 1, 2024, and respond to ship cyber security and resilience programs based on 5 requirements, 17 details, and the documents that must be submitted or maintained according to the ship's cyber resilience. Measures include document management such as classification certification documents and design documents, configuration of a network with enhanced security, establishment of processes for accident response, configuration management using software tools, integrated network management, malware protection, and detection of ship network security threats with security management solutions. A technology capable of real-time response is proposed.

Implementation of the Automated De-Obfuscation Tool to Restore Working Executable (실행 파일 형태로 복원하기 위한 Themida 자동 역난독화 도구 구현)

  • Kang, You-jin;Park, Moon Chan;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.4 / pp.785-802 / 2017
  • As cyber threats using malicious code continue to increase, many security and vaccine companies are putting a lot of effort into the analysis and detection of malicious code. However, obfuscation techniques that make software analysis more difficult are applied to malicious code, making it difficult to respond to it quickly. In particular, commercial obfuscation tools can quickly and easily generate new variants of malicious code, so that malicious code analysts cannot respond to them. In order for analysts to quickly analyze the actual malicious behavior of the new variants, reverse obfuscation (de-obfuscation) is needed to disable the obfuscation. In this paper, a general analysis methodology is proposed to de-obfuscate software protected by a commercial obfuscation tool, Themida. First, we describe the operating principle of Themida by analyzing an executable file obfuscated with Themida. Next, we extract the original code and data information of the executable from the obfuscated executable using Pintool, a DBI (Dynamic Binary Instrumentation) framework, and explain the implementation results of an automated analysis tool that can de-obfuscate to the original executable using the extracted original code and data information. Finally, we evaluate the performance of our automated analysis tool by comparing the original executable with the de-obfuscated executable.

Evaluation of Nondestructive Evaluation Size Measurement for Integrity Assessment of Axial Outside Diameter Stress Corrosion Cracking in Steam Generator Tubes (증기발생기 전열관 외면 축균열 건전성 평가를 위한 비파괴검사 크기 측정 평가)

  • Joo, Kyung-Mun;Hong, Jun-Hee
    • Journal of the Korean Society for Nondestructive Testing / v.35 no.1 / pp.61-67 / 2015
  • Recently, the initiation of outside diameter stress corrosion cracking (ODSCC) at the tube support plate region of domestic steam generators (SG) with Alloy600 HTMA tubes has been increasing. As a result, SGs with Alloy600 HTMA tubes must be replaced early or are scheduled to be replaced prior to their designed lifetime. ODSCC is one of the biggest threats to the integrity of SG tubes. Therefore, the accurate evaluation of tube integrity to determine ODSCC is needed. Eddy current testing (ECT) is conducted periodically, and its results could be input as parameters for evaluating the integrity of SG tubes. The reliability of an ECT inspection system depends on the performance of the inspection technique and the ability of the analyst. The detection probability and ECT sizing error of degradation are considered to be the performance indices of a nondestructive evaluation (NDE) system. This paper introduces an optimized evaluation method for ECT, as well as the sizing error, including the analyst performance. This study was based on the results of a round robin program in which 10 inspection analysts from 5 different companies participated. The analysis of ECT sizing results was performed using a linear regression model relating the true defect size data to the measured ECT size data.