• Title/Summary/Keyword: Cyber-military

Unsupervised Learning-Based Threat Detection System Using Radio Frequency Signal Characteristic Data (무선 주파수 신호 특성 데이터를 사용한 비지도 학습 기반의 위협 탐지 시스템)

  • Dae-kyeong Park;Woo-jin Lee;Byeong-jin Kim;Jae-yeon Lee
    • Journal of Internet Computing and Services / v.25 no.1 / pp.147-155 / 2024
  • Currently, the 4th Industrial Revolution, like other revolutions, is bringing great change and new life to humanity, and in particular, the demand for and use of drones, which can be applied by combining various technologies such as big data, artificial intelligence, and information and communications technology, is increasing. Recently, they have been widely used to carry out dangerous military operations and missions, such as the Russia-Ukraine war and North Korea's reconnaissance against South Korea, and as the demand for and use of drones increases, concerns about the safety and security of drones are growing. Currently, a variety of research is being conducted, such as detection of wireless communication abnormalities and sensor data abnormalities related to drones, but research on real-time detection of threats using radio frequency characteristic data is insufficient. Therefore, in this paper, we conduct a study to determine whether the characteristic data is normal or abnormal signal data by collecting radio frequency signal characteristic data generated while the drone communicates with the ground control system while performing a mission in a HITL (Hardware In The Loop) simulation environment similar to the real environment. In addition, we propose an unsupervised learning-based threat detection system and optimal threshold that can detect threat signals in real time while a drone is performing a mission.

Proposal of Detection Module for Fighter Aircraft Data Modulation Attack (전투기 데이터 변조 공격행위에 대한 탐지모듈 제안)

  • Hong, Byoung-jin;Kim, Wan-ju;Kim, Ho-keun;Lim, Jae-sung
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.1 / pp.5-16 / 2019
  • Modern state-of-the-art military aviation assets are operated with independent embedded real-time operating systems (RTOS). These embedded systems are made with a high level of information assurance. However, once the systems are introduced and installed on individual platforms for sustaining operational employment, the systems are not actively managed and as a result the platforms become exposed to serious threats. In this paper, we analyzed vulnerability factors in the processing of mission planning data and maintenance-related data for fighter aircraft. We defined the method and form of cyber attacks that modulate air data using these vulnerabilities. We then proposed a detection module for integrity detection. The designed module can preemptively respond to potential cyber threats targeting high-value aviation assets by checking and preemptively responding to malware infection during flight data processing of fighter aircraft.

Malware Detection Using Deep Recurrent Neural Networks with no Random Initialization

  • Amir Namavar Jahromi;Sattar Hashemi
    • International Journal of Computer Science & Network Security / v.23 no.8 / pp.177-189 / 2023
  • Malware detection is an increasingly important operational focus in cyber security, particularly given the fast pace of such threats (e.g., new malware variants introduced every day). There has been great interest in exploring the use of machine learning techniques in automating and enhancing the effectiveness of malware detection and analysis. In this paper, we present a deep recurrent neural network solution as a stacked Long Short-Term Memory (LSTM) with a pre-training as a regularization method to avoid random network initialization. In our proposal, we use global and short dependencies of the inputs. With pre-training, we avoid random initialization and are able to improve the accuracy and robustness of malware threat hunting. The proposed method speeds up the convergence (in comparison to stacked LSTM) by reducing the length of malware OpCode or bytecode sequences. Hence, the complexity of our final method is reduced. This leads to better accuracy, higher Matthews Correlation Coefficients (MCC), and Area Under the Curve (AUC) in comparison to a standard LSTM with similar detection time. Our proposed method can be applied in real-time malware threat hunting, particularly for safety critical systems such as eHealth or Internet of Military of Things where poor convergence of the model could lead to catastrophic consequences. We evaluate the effectiveness of our proposed method on Windows, Ransomware, Internet of Things (IoT), and Android malware datasets using both static and dynamic analysis. For the IoT malware detection, we also present a comparative summary of the performance on an IoT-specific dataset of our proposed method and the standard stacked LSTM method. More specifically, our proposed method achieves an accuracy of 99.1% in detecting IoT malware samples, with AUC of 0.985, and MCC of 0.95; thus, outperforming standard LSTM based methods in these key metrics.

A Study on the Improvement of Transmission Speed of Data Link Processor (전술데이터링크 처리기의 전송 속도 개선에 대한 연구)

  • Lee, Kang
    • The Journal of the Korea institute of electronic communication sciences / v.14 no.6 / pp.1069-1076 / 2019
  • With the development of information and communication technology, the military's battle environment is changing greatly to network centric warfare, in which weapon systems are connected in a network and carry out missions by exchanging real-time data. The core of network centric warfare is the Tactical Data Link (TDL) system, and subscribers of TDL exchange tactical information in real time through wireline, wireless and satellite networks to share the battlefield situation. The amount of data sent and received through TDL inevitably increases as the military's weapon systems equipped with TDL systems increase over time and the performance of communications equipment improves. This study proposes ways to improve the transmission speed and processing capacity of the TDL system by improving the Data Link Processor.

Development of Information Technology for Smart Defense (Smart Defense 를 위한 IT 기술 개발)

  • Chung, Kyo-Il;Lee, So Yeon;Park, Sangjoon;Park, Jonghyun;Han, Sang-Cheol
    • Transactions of the Korean Society of Mechanical Engineers A / v.38 no.3 / pp.323-328 / 2014
  • Recently, there has been demand for the convergence of IT (Information and communication Technologies, ICT) with defense, as has already been achieved in civilian fields such as healthcare and construction. It is expected that completely new and common requirements would emerge from the civilian and military domains and that the shape of war field would change rapidly. Many military scientists forecast that future wars would be network-centric and be based on C4I (Command, Control, Communication & Computer, Intelligence), ISR (Intelligence, Surveillance & Reconnaissance), and PGM (Precision Guided Munitions). For realizing the smart defense concept, IT should act as a baseline technology even for simulating a real combat field using virtual reality. In this paper, we propose the concept of IT-based smart defense with a focus on accurate detection in real and cyber wars, effective data communication, automated and unmanned operation, and modeling and simulation.

The Validity Analysis of SDN/NFV Military application (SDN/NFV의 군 적용 타당성 분석)

  • Jang, Ji-Hee;Kwon, Tae-Uk
    • The Journal of the Korea institute of electronic communication sciences / v.15 no.4 / pp.687-694 / 2020
  • SDN and NFV are next-generation network technologies, and cloud, such as data centers, campuses, and large companies, has been established, or is actively applied by service-oriented communication companies. In particular, the Defense Integrated Data Center will be a prime example for military applications. In order for the Defense Integrated Data Center (DIDC) to become an intelligent center, it is accelerating the promotion of the "Smart Defense Integrated Data Center", which applied the latest information and communication technology (ICT). At the time of the establishment of DIDC, it plans to start building infrastructure such as cloud services at around 30% level, and expand D-Cloud to 75% through 'Cloud First'. In addition, the introduction of SDN/NFV will reduce the operation cost and manpower of DIDC, strengthen the ability to efficiently use information resources and cyber information protection systems, and increase flexibility and agility in using each system to improve efficiency in defense management in the future. Therefore, we will discuss the justification and expected effects of SDN/NFV introduction, focusing on DIDC.

How to Strengthen Convergeance of Special Operations through High-Tech Intertwinement (첨단과학기술의 융복합을 통한 특수작전의 융합성 강화 방안)

  • Sang-Keun Cho;Kang-Il Seo;Min-Seop Jung;Jun-Seong Yoo;Chul-Ki Min;Sang-Hyuk Park
    • The Journal of the Convergence on Culture Technology / v.9 no.2 / pp.301-306 / 2023
  • Convergence in military operations can be attained by simultaneously integrating effects based on sensor, C2, and shooter assets in multi-domain, and there is no exception for special operations. However, because of challenges from enemy, terrain, geography, and weather, it is not easy to intertwine effects created from ground, sea, air, cyber and electromagnetic spectrum, and space in special operations conducted in deep areas. This study presented how to intertwine high-tech such as long-range reconnaissance·strike drones, cutting-edge sensors, jamming pods, and modular repeaters in order to offset the aforementioned challenges. Several new high-tech are able to strengthen convergence of special operations in accordance with the development of the 4th industrial revolution. Therefore, follow-up studies need to be continued, making efforts to search for them.

Exploring Near-Future Potential Extreme Events(X-Events) in the Field of Science and Technology -With a Focus on Government Emergency Planning Officers FGI Results -

  • Sang-Keun Cho;Jong-Hoon Kim;Ki-Woon Kim;In-Chan Kim;Myung-Sook Hong;Jun-Chul Song;Sang-Hyuk Park
    • International Journal of Advanced Culture Technology / v.11 no.4 / pp.310-316 / 2023
  • This study aims to predict uncertain future scenarios that may unfold in South Korea in the near future, utilizing the theory of extreme events (X-events). A group of 32 experts, consisting of government emergency planning officers, was selected as the focus group to achieve this objective. Using the Focus Group Interview (FGI) technique, opinions were gathered from this focus group regarding potential X-events that may occur within the advanced science and technology domains over the next 10 years. The analysis of these opinions revealed that government emergency planning officers regarded the "Obsolescence of current technology and systems," particularly in the context of cyber network paralysis, as the most plausible X-event within science and technology. They also put forth challenging and intricate opinions, including the emergence of new weapon systems and ethical concerns associated with artificial intelligence (AI). Given that X-events are more likely to emerge in unanticipated areas rather than those that are widely predicted, the results obtained from this study carry significant importance. However, it's important to note that this study is grounded in a limited group of experts, highlighting the necessity for subsequent research involving a more extensive group of experts. This research seeks to stimulate studies on extreme events at a national level and contribute to the preparation for future X-event predictions and strategies for addressing them.

Efficient Feature Selection Based Near Real-Time Hybrid Intrusion Detection System (근 실시간 조건을 달성하기 위한 효과적 속성 선택 기법 기반의 고성능 하이브리드 침입 탐지 시스템)

  • Lee, Woosol;Oh, Sangyoon
    • KIPS Transactions on Computer and Communication Systems / v.5 no.12 / pp.471-480 / 2016
  • Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threats. Thus, the study of Intrusion Detection System (IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantages and to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree (misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also, we upgraded the hierarchical structure of IDS by reusing feature weights in the anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.

Study on Trends and Strategies for Defense Blockchain and ICT Technologies (국방 블록체인 기술 동향 및 국방 ICT 융합 전략 연구)

  • Lee, K.Hyu;Park, H.Sook
    • Electronics and Telecommunications Trends / v.35 no.1 / pp.12-24 / 2020
  • To keep pace with other powerful nations in this era of digitalization and to emerge stronger in the world, the defense forces of South Korea aim to innovate and prepare themselves for digital battlefields of possible wars in the future. The resources in the defense sector, which is the core of defense intelligence, is based on an intelligent mission collaboration tactical network system via cyber, command, control, communication, and computer (C4), and military and non-human weapons. Defense intelligence depends on the degree of the convergence of advanced information and communication technologies (ICTs). Considering this aspect of defense intelligence, we plan to determine the application status of defense blockchain technology and examine the feasibility of applying blockchain technology and the core of applied technology. Generally, a key feature of blockchain technology is its data integrity in untrusted environments. There are various types of core technologies for the blockchain depending on the target areas of application in the defense sector, and it is also essential to derive new application strategies for core technologies that are applied in combination with other ICT technologies. We plan to demonstrate new defense ICT converged technologies (DNAB2: Data, Network, AI, BigData, Blockchain) and DNAB2-As-Services in the defense strategy.