• Korean Security Journal
• /
• no.54
• /
• pp.9-35
• /
• 2018

During the recent years, cyber attacks have been increasing both in the private sector and the government. Those include the DDOS cases in 2009, the Blue House cyber attack, bank hackings etc. Cyber threats are becoming increasingly serious. However, there is no basic law related to cyber security at present, and regulations related to cyber security are scattered in various domestic laws. This can lead to confusion in the application of the law and difficult to grasp the regulations related to cyber security. In order to overcome this situation, the bill on the prevention and countermeasures against cyber crisis was initiated in 2006, but it has been abrogated. Since then, it has been repeatedly proposed, but it has been abrogated repeatedly due to the overlapping of existing laws and concerns about infringement of personal information. The most recent initiative was the National Cyber Security Act, which was initiated by the government in January 2017. The act focuses on resolving the absence of a basic law related to cyber security, strengthening its responsiveness in the event of a cyber security crisis, and fostering security strength. Therefore, this study seeks to contribute to the establishment of National Cyber Security legislation as a basic law of cyber security by examining the necessity of National Cyber Security legislation through comparative legal analysis with existing domestic laws related to cyber security and suggesting policy implications.

• Proceedings of KOSOMES biannual meeting
• /
• 2008.05a
• /
• pp.1-4
• /
• 2008

근년 일본, 캐나다, 호주, 미국, EU(주로 노르웨이, 영국) 등에서 인공위성을 이용한 해양 안전의 확보를 위한 연구개발이 진행되고 있으며, 일부 실해역 적용의 분야도 도출되고 있는 실정이다. 9.11테러 이후, 국제해사기구에서도 해상보안의 문제는 주요 이슈로 대두되어, 해상보안에의 활용 기술 개발이 먼저 시작되었다. 그 외, 밀입국 선박 감시 덴 해양오염 모니터링이 주요 활용분야이다. 간단하게 요약하면 다음과 같다. -노르웨이: Norwegian Defence Hesearch Establishment(NDRE)에서 주도적으로 선박 탐지 실험 및 기술 개발을 실시. 주로, ESA의 위성을 활용. 국가 보안의 목적으로는 적용을 하고 있음. -캐나다: 캐나다에서 소유하고 있는 RADARSAT을 이용하여 가장 많은 실험을 실시함. 영상을 처리하고 결과에 대한 평가를 수행하기 위한 시스템(Ocean Monitoring Workstation, OSM)을 개발하여 보급에 주력. -호주: 주로 캐나다의 위성 및 시스템의 적용을 하고 있음 영해 및 환경 감시의 역할을 수행. Coastwatch조직을 만들어 해상 감시활동을 하고 있음. -영국: 데이터 취득 후, 2.5시간 이내에 선박의 위치를 전송하는 인터페이스를 개발함. 일본의 경우, 다른 선진국에 비해서는 다소 늦게 시작되었다. 2003년 발간된 '재해 등에 대응한 인공위성이용기술에 관한 종합보고서'를 시작으로 정보수집위성 4기 및 지구관측위성을 이용한 해양 감시 활동이 시작되었다. 또한, 제 3기 과학기술기본계획(2006-2012)내에 해양 불법침입 탐지 기술 개발 항목이 반영되어 있다. 유럽의 해상보안서비스(MARISS)의 사용자 워크숍이 ESA ESRIN(이탈리아 프라스카티)에서 2008년 1월 22일 열렸다. 실질적인 내용은, '해상보안을 위한 우주 시스템'에 관한 것으로 인공위성 이용하는데 있어 설계안 및 데이터 이용 컨셉을 제시하는 것이었다. 여기서 중요한 것은 국가간의 협력이 절대적으로 필요하며, 기존의 시스템과의 통합에 있어 신뢰성을 어떻게 확보하는가에 있다고 할 수 있다. 또한, 보안과 환경모니터링의 기능이 분리되어 진행되고 있는 부분에 대한 정보 통합 방향도 제기되었다. 국내에서도 AIS와 SAR정보의 결합에 관한 검토는 이루어졌으며, 이를 바탕으로 EU와 같은 시스템의 구축(조직과 연구개발)을 위한 실질적인 검토가 필요하다.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.39-45
• /
• 2013

Recently, the rate of dependence on information system in company is increase through domestic and international trends with the cases of developed similar institutions. In this paper, we analysis current state of company that protect company information resources from disaster, rapid and systematic recovery and business continuity strategic planning. Especially, proposed model was designed. disaster emergency response capacity to enhance disaster preparedness simulation training for standardized measures were established and maintained. In addition, operational continuity, building on the methodology to meet the international standard methodology is presented.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.297-302
• /
• 2004

Internet becomes absolutely necessary tools due to rapid progress of information technology. Educational correspondence abount an age of information demand is a education focused on a learner and remote education based on information technology. WBI(Web Based Instruction) is a formation that remotly educate a learner using web, possible mutual reaction between instructor and learner, submint various studying material, has a good point to overcome spatial restriction. Internal and external standardization working is accelerated and recently XML security studies are activated using XML which is next generation web standard document format. And XML electronic signature raise interworking between digital signature systems used by various field of using XML document. Using these merit and complementing defect are main contents that users have to pay about Certification service to get CA certificate from 2004 june. This paper propose multiplex Certification remote education agent system using XML digital signature to satisfy security requirement.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.2
• /
• pp.209-214
• /
• 2018

The subway, which is an urban railway, is the core of public transportation. Urban railways are always exposed to serious problems such as theft, crime and terrorism, as many passengers use them. Especially, due to the nature of urban railway environment, the scope of surveillance is widely dispersed and the range of surveillance target is rapidly increasing. Therefore, it is difficult to perform comprehensive management by passive surveillance like existing CCTV. In this paper, we propose the implementation, design method and object recognition algorithm for intelligent object recognition system in urban railway. The object recognition system that we propose is to analyze the camera images in the history and to recognize the situations where there are objects in the landing area and the waiting area that are not moving for more than a certain time. The proposed algorithm proved its effectiveness by showing detection rate of 100% for Selected area detection, 82% for detection in neglected object, and 94% for motionless object detection, compared with 84.62% object recognition rate using existing Kalman filter.

• Journal of Digital Contents Society
• /
• v.18 no.6
• /
• pp.1009-1015
• /
• 2017

Recently, video surveillance is becoming more and more common as many camera are installed due to crime, terrorism, traffic and security. And systems that control cameras are becoming increasingly general. Video input from the installed camera is monitored by the multiscreen at the central control center, it is essential to simultaneously monitor multiscreen in real-time to quickly respond to situations or dangers. However, monitoring of multiscreen in a mobile environment such as a smart phone is not applied to hardware specifications or network bandwidth problems. For resolving these problems, in this paper, we propose a system that can monitor multiscreen in real-time in mobile-phone environment. We reconstruct the desired multiscreen through transcoding, it is possible to monitor continuously video streaming of multiple cameras, and to have the advantage of being mobile in mobile-phone environment.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.259-265
• /
• 2004

Since the 2003.1.25 Internet Crisis, the government has been looking at a number of options to strengthen national cyber-security/crisis management capability to guard against ever increasing threat of cyber-war and terror. Thus, the focus of this study was to explorer new ways of developing a comprehensive cyber-security/crisis management system, in particular by combining modern social-science analytic theories. As a result, although there has to be more in-depth researches into incorporating advanced techniques to generate more detailed and object-specific indexes and protocols, the use of 'event data system,' which has been widely utilized in many recent social science researches to assess a wide-range of socio-political risks and crises, could be adopted as a basis for a comprehensive nationwide cyber-risk management system.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.3-10
• /
• 2013

Cyber attacks are threats to national security. Today, cybersecurity threats have various types, the theft or spread of privacy and national secret, the realization of direct attacks to infrastructure and the hacktivism with political or social objectives. Furthermore, There are special situations in South Korea because of North Korea's threats. Thus, It is necessary to handle cybersecurity as a kind of national security problem. It is a time to identify problems of governance system in cybersecurity and to improve related Acts and subordinate statutes. There are several tasks for legal improvement for governance system in cybersecurity. They are improving legal bases for the roles of the relevant authorities in cybersecurity, consolidating national joint response to cyber accidents, establishing and vitalizing information sharing system, constructing foundation of cybersecurity through industry promotion and manpower development, and acquiring defensive tools by enhancement research an development. In order to address these challenges, it is necessary to pay much attention to enactment and to revision laws and to practice legislative procedure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.839-850
• /
• 2014

As the social and financial damages caused by APT attack such as 3.20 cyber terror are increased, the technical solution against APT attack is required. It is, however, difficult to protect APT attack with existing security equipments because the attack use a zero-day malware persistingly. In this paper, we propose a host based anomaly detection method to overcome the limitation of the conventional signature-based intrusion detection system. First, we defined 39 features to identify between normal and abnormal behavior, and then collected 8.7 million feature data set that are occurred during running both malware and normal executable file. Further, each process is represented as 83-dimensional vector that profiles the frequency of appearance of features. the vector also includes the frequency of features generated in the child processes of each process. Therefore, it is possible to represent the whole behavior information of the process while the process is running. In the experimental results which is applying C4.5 decision tree algorithm, we have confirmed 2.0% and 5.8% for the false positive and the false negative, respectively.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.5
• /
• pp.637-647
• /
• 2020

Airports and civil aviation authorities have recently utilized and expanded the use of biometric technologies to respond proactively against the rapid changes in aviation terrorism due to scientific development. The Global Security Plan (GASeP) developed by the International Civil Aviation Organization (ICAO) is regarded as precondition for sustainable development of the global air transport industry. Thus GASeP has sought to improve aviation security system using biometic technologies. The purpose of this paper is to realize the equivalent access of aviation security system throughout the world with biometric technologies. First, this paper reviewed the current biometric-security system operated by the EU, USA and international society. Second, legal and institutional processes regarding personal biometric information were analyzed to suggest political implications. This paper concluded that ICAO should propose a global standardization and prepare guideline materials among its 193 member states to prevent aviation security breaches and to share related information on a real-time basis because time is required to utilize biometric technology to improve aviation safety and to develop global air transport.