• Title/Summary/Keyword: Command and Control Framework

A Study on Tracking Method for Command and Control Framework Tools (명령 제어 프레임워크 (Command and Control Framework) 도구 추적 방안에 대한 연구)

  • Hyeok-Ju Gwon;Jin Kwak
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.5 / pp.721-736 / 2023
  • The Command and Control Framework was developed for penetration testing and education purposes, but threat actors such as cybercrime groups are abusing it. From a cyber threat hunting perspective, identifying Command and Control Framework servers as well as responding proactively, such as by blocking the server, can contribute to risk management. Therefore, this paper proposes a methodology for tracking the Command and Control Framework in advance. The methodology consists of four steps: collecting a list of Command and Control Framework-related servers, emulating staged delivery, extracting botnet configurations, and collecting certificates from which features are to be extracted. Additionally, experiments are conducted by applying the proposed methodology to Cobalt Strike, a commercial Command and Control Framework. Collected beacons and certificates from the experiments are shared to establish a basis for responding to cyber threats that could be caused by the Command and Control Framework.

A Study on Evaluation Criteria for M&S Analysis of Command and Control Effectiveness in Joint Operations (합동작전 지휘통제 효과도 모의분석을 위한 평가기준 연구)

  • Sohn, Young-Hwan;Kim, Weon-Bae
    • Journal of the Korea Society for Simulation / v.20 no.4 / pp.167-175 / 2011
  • Concerning the effectiveness of command and control is increasing worldwide as future warfare is changing into Network Centric Warfare (NCW). Unlike the old attrition warfare that depends mainly on mobility and strike assets, the modern warfare is based on information and network which regards acquisition and circulation of information as important. Therefore, there's no room for rediscussion that C4ISR (Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance) system will play an important role in warfare. In spite of this fact, there isn't any way to explain clearly how to measure the effectiveness of command and control system in a battle and to reflect it systematically in a system effectiveness. In this study, we examined NCO-CF (Network Centric Operations-Conceptual Framework), developed by the Department of Defense (DOD), which can conceptually explain the increment of effectiveness of C4ISR system that is the basis of NCO. And we suggested methodology based on NCO-CF to establish the evaluation criteria for M&S analysis of command and control effectiveness. As a case study we derived the evaluation criteria for the command and control system in joint operations by applying the suggested methodology.

Incorporating Performance Degradation in Fault Tolerant Control System Design with Multiple Actuator Failures

  • Zhang, Youmin;Jiang, Jin;Theilliol, Didier
    • International Journal of Control, Automation, and Systems / v.6 no.3 / pp.327-338 / 2008
  • A fault tolerant control system design technique has been proposed and analyzed for managing performance degradation in the presence of multiple faults in actuators. The method is based on a control structure with a model reference reconfigurable control design in an inner loop and command input adjustment in an outer loop. The reduced dynamic performance requirements in the presence of different actuator faults are accounted for through different performance reduced (degraded) reference models. The degraded steady-state performances are governed by the reduced levels of command input. The reconfigurable controller is designed on-line automatically in an explicit model reference control framework so that the dynamics of the closed-loop system follow that of the performance reduced reference model under each fault condition. The reduced command input level is determined to prevent potential actuator saturation. The proposed method has been evaluated and analyzed using an aircraft example against actuator faults subject to constraints on the magnitude and slew-rate of actuators.

An Analytical Framework for Imperfect DS-CDMA Closed-Loop Power Control over Flat Fading

  • Choe, Sang-Ho
    • ETRI Journal / v.27 no.6 / pp.810-813 / 2005
  • This letter presents an analytical framework for a performance analysis of the imperfect direct-sequence code division multiple access (DS-CDMA) closed-loop power control (CLPC) loop with loop delay, channel estimation error, and power control command bit error as the parameters under a Rayleigh flat fading environment. The proposed model is verified through a comparison between analytical results and simulation ones.

OFPT: OpenFlow based Parallel Transport in Datacenters

  • Liu, Bo;XU, Bo;Hu, Chao;Hu, Hui;Chen, Ming
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.10 / pp.4787-4807 / 2016
  • Although the dense interconnection datacenter networks (DCNs) (e.g. FatTree) provide multiple paths and high bisection bandwidth for each server pair, the single-path TCP (SPT) and ECMP which are widely used currently neither achieve high bandwidth utilization nor have good load balancing. Due to only one available transmission path, SPT cannot make full use of all available bandwidth, while ECMP's random hashing results in many collisions. In this paper, we present OFPT, an OpenFlow based Parallel Transport framework, which integrates precise routing and scheduling for better load balancing and higher network throughput. By adopting OpenFlow based centralized control mechanism, OFPT computes the optimal path and bandwidth provision for each flow according to the global network view. To guarantee high throughput, OFPT dynamically schedules flows with Seamless Flow Migration Mechanism (SFMM), which can avoid packet loss in flow rerouting. Finally, we test OFPT on Mininet and implement it in a real testbed. The experimental results show that the average network throughput in OFPT is up to 97.5% of bisection bandwidth, which is higher than ECMP by 36%. Besides, OFPT decreases the average flow completion time (AFCT) and achieves better scalability.

I3A Framework of Defense Network Centric Based C2 Facilities (국방 NC 기반 C2 시설 I3A Framework)

  • Kim, Young-Dong;Lee, Tae-Gong;Park, Bum-Shik
    • The Journal of Korean Institute of Communications and Information Sciences / v.39C no.8 / pp.615-625 / 2014
  • Ministry of National Defense, MND, established a "Master Plan of Military Facility" in 2010 based on the defense reform to prepare for future war. It was a plan for consolidating small military facilities into battalion units, reflecting on and preparing for the needs of various changes in defense environment as well as balanced growth of ROK Army, Navy, and Air Force. However, to move forward with "Military Facility Master Plan," current design criteria for military facilities need to be revised to be enacted due to numerous calculation errors in facility footprints because of the absence of a sound facility criteria. Because the future war environment will be changed from Platform basis to Network Centric Warfare basis, Command & Control capability of C4I systems is getting more important. Therefore, successful mission accomplishment can be secured by convergence of facility and military Information Technology (IT). So, MND should quickly prepare for the operational guidance, design criteria and policy that are suitable for Network Centric Warfare accomplishment, and implement infrastructure of IT and installation of C2 facility in conjunction with consolidation movement of military facilities. In this paper, we propose the defense I3A framework in order to solve this problem.

A Study of Recommendation Systems for Supporting Command and Control (C2) Workflow (지휘통제 워크플로우 지원 추천 시스템 연구)

  • Park, Gyudong;Jeon, Gi-Yoon;Sohn, Mye;Kim, Jongmo
    • Journal of Internet Computing and Services / v.23 no.1 / pp.125-134 / 2022
  • The development of information communication and artificial intelligence technology requires the intelligent command and control (C2) system for Korean military, and various studies are attempted to achieve it. In particular, as a volume of information in the C2 workflow increases exponentially, this study pays attention to the collaborative filtering (CF) and recommendation systems (RS) that can provide the essential information for the users of the C2 system has been developed. The RS performing information filtering in the C2 system should provide an explanatory recommendation and consider the context of the tasks and users. In this paper, we propose a contextual pre-filtering CARS framework that recommends information in the C2 workflow. The proposed framework consists of four components: 1) contextual pre-filtering that filters data in advance based on the context and relationship of the users, 2) feature selection to overcome the data sparseness that is a weak point for the CF, 3) the proposed CF with the features distances between the users used to calculate user similarity, and 4) rule-based post filtering to reflect user preferences. In order to evaluate the superiority of this study, various distance methods of the existing CF method were compared to the proposed framework with two experimental datasets in real-world. As a result of comparative experiments, it was shown that the proposed framework was superior in terms of MAE, MSE, and MSLE.

An Optimality Approach to NPI Constructions

  • Moon, Seung-Chul;Sohng, Hong-Ki
    • Journal of English Language & Literature / v.55 no.3 / pp.459-474 / 2009
  • The purpose of this study is to provide an optimality theoretic approach to NPIs (Negative Polarity Items) in English and Korean by proposing three universal constraints. The constraints are C-command Condition (CCC): NPI must be c-commanded by a constituent with negative meaning; Locality Condition (LOC): NPI must be bound in the local domain; Subjacency: NPI licensing must satisfy Subjacency Condition (SBJ). Previous analyses have shown that these three constraints control NPIs in one way or another. This study attempts to demonstrate that NPIs in both English and Korean languages can be nicely accounted for by setting a different constraint hierarchy for the two independent languages. That is, by slightly changing the constraint hierarchy, distributional differences of NPIs in both languages can be accounted for straightforwardly within the framework of Optimality Theory.

Development of the Data Communication based Future Air Base Defence Operation Model (데이터통신 기반 차세대 기지방어작전 모델 개발)

  • Pyo, Sang-Ho;Kim, Ki-Hyung;Lee, Tae-Gong
    • Journal of Information Technology and Architecture / v.11 no.2 / pp.157-173 / 2014
  • As Air Base Defence, Anti-Aircraft Defence and Nuclear-Biological-Chemical Protection model considered as ground operation models in Republic of Korea Air Force are designed as the voice-centered system between participant nodes, there is a problem communicating accurately. In recent years, the military is developing a command and control capability using data communication technology to solve the problem. Therefore, this paper proposes new model to maximize efficiency of performance improvement through the Data Communication-based Future Air Base Defence Model. We refer to a research paper that is related existing and developed new model, and then we really experimented under WiBro Network that is constructed to Air Base for maintenance control. Based on the analysis and the test result of new Air Base Defence Model, we have concluded that the performance improvement effect is reached.

A Smart Framework for Mobile Botnet Detection Using Static Analysis

  • Anwar, Shahid;Zolkipli, Mohamad Fadli;Mezhuyev, Vitaliy;Inayat, Zakira
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.6 / pp.2591-2611 / 2020
  • Botnets have become one of the most significant threats to Internet-connected smartphones. A botnet is a combination of infected devices communicating through a command server under the control of botmaster for malicious purposes. Nowadays, the number and variety of botnet attacks have increased drastically, especially on the Android platform. Severe network disruptions through massive coordinated attacks result in large financial and ethical losses. The increase in the number of botnet attacks brings the challenges for detection of harmful software. This study proposes a smart framework for mobile botnet detection using static analysis. This technique combines permissions, activities, broadcast receivers, background services, API and uses the machine-learning algorithm to detect mobile botnet applications. The prototype was implemented and used to validate the performance, accuracy, and scalability of the proposed framework by evaluating 3000 Android applications. The obtained results show the proposed framework obtained 98.20% accuracy with a low 0.1140 false-positive rate.