• Title/Summary/Keyword: Cyber-military

The Design and Implementation of Simulated Threat Generator based on MITRE ATT&CK for Cyber Warfare Training (사이버전 훈련을 위한 ATT&CK 기반 모의 위협 발생기 설계 및 구현)

  • Hong, Suyoun;Kim, Kwangsoo;Kim, Taekyu
    • Journal of the Korea Institute of Military Science and Technology / v.22 no.6 / pp.797-805 / 2019
  • Threats targeting cyberspace are becoming more intelligent and increasing day by day. To cope with such cyber threats, it is essential to improve the coping ability of system security officers. In this paper, we propose a simulated threat generator that automatically generates cyber threats for cyber defense training. The proposed Simulated Threat Generator is designed with the MITRE ATT&CK (Adversarial Tactics, Techniques and Common Knowledge) framework to easily add an evolving cyber threat and select the next threat based on the threat execution result.

A Study on the Citation of Defense Cyber Protection Partnership for Safe Supply Chain Management (안전한 공급망 관리를 위한 국방사이버보호 파트너십 인증 방안 연구)

  • Kim, Jong-hwa;Kim, Yongchul;Kim, Kyoung Min;Kang, Jeongheung
    • Convergence Security Journal / v.19 no.3 / pp.101-107 / 2019
  • Our military's cyberspace is under constant threat from the enemy. These cyber threats are targeted at the information service assets held by the military, and securing the organization's information service assets is critical. However, since information assets cannot be 100% self-sufficient in any organization, including the military, acquisition of information assets through the supply chain is inevitable. Therefore, after reviewing supply chain protection measures to secure the safety of the military supply chain, we proposed a method for securing supply chain companies through the citation of partnership based on the validated trust model.

A Location Dependent Group Key Management Scheme for High Confidential Information in Tactical Wireless Networks (전술 무선 네트워크에서 고비밀성 정보 공유를 위한 위치 종속적 그룹키 관리 기법)

  • Lee, Jong-Kwan;Shin, Kyuyong;Kim, Kyung-Min
    • Journal of the Korea Institute of Military Science and Technology / v.21 no.5 / pp.658-664 / 2018
  • In this paper, we propose a group key management scheme for very highly confidential information in tactical wireless networks. For the proposed scheme, we consider tactical networks that have a hierarchical topology and the nature of highly confidential information. The leader node, which may have a higher probability of a good channel state than others, provides some data to all the network members in order to generate a geographical group key, and it transmits the encrypted information to others at the minimum transmission power level. By this scheme, the security and reliability of sharing confidential information are ensured. The performance of the proposed scheme is validated by mathematical analysis. It shows that the proposed scheme enables nodes to share highly confidential information securely if the proper parameters for network design are selected.

Centralized Group Key Management Scheme for Tactical Swarming Drone Networks (전술 군집 드론 네트워크를 위한 중앙집권식 그룹키 관리 기법)

  • Lee, Jong-Kwan;Shin, Kyuyong;Kim, Kyung-Min
    • Journal of the Korea Institute of Military Science and Technology / v.21 no.6 / pp.817-825 / 2018
  • Recently, drones have been used in various fields to overcome time and space limitations. However, a single drone still has many restrictions on transportation weight and travel time. Therefore, many studies have been conducted to increase utilization through swarms of drones. Many things should be additionally considered in order to operate swarming drones securely. In particular, group key management is a challenging research topic in the tactical domain due to the existence of an adversary that has anti-drone skills. In this paper, we proposed an efficient group key management scheme for tactical swarming drone networks where an adversary equipped with anti-drone skills exists. The group key can be updated with a small number of message exchanges compared to other convenience schemes. The numerical and simulation results demonstrate that the proposed scheme manages the group key efficiently and securely.

Future Cyber Information Warfare (사이버 정보전 준비 해야)

  • 오제상
    • Convergence Security Journal / v.1 no.1 / pp.31-35 / 2001
  • Currently, if we are to depend on our fast-developing information technology, a future war will necessarily become a cyber information warfare. An attacker in the cyber information warfare is able to attack a military or a civil information and communication system; in particular, an attack by a hacker, a virus or an electromagnetic pulse bomb on a military C4ISR system is able to cause confusion or an interruption in military operations, and such attacks can be carried out in real time without restrictions of physical distance, time, weather and space. While the expenditure of carrying out cyber information warfare is the lowest, the effect of carrying out cyber information warfare is the greatest in terms of interruption of information, confusion, terror, pillage and crime against the people. This paper is to introduce "weapons of cyber information warfares", "offence capability of cyber information warfares about several nations" and to propose "a cyber information warfare organization" or the future knowledge warfare.

Theoretical Background and Critical Discussion about Securitzation Trend of Cyber Threat (사이버 위협의 안보화 동향에 대한 이론적 배경과 비판적 논의)

  • Lee, Kwangho;Lee, Swengkyu;Kim, Hokil
    • Convergence Security Journal / v.19 no.5 / pp.99-105 / 2019
  • This study presents the theoretical background and major trends in which cyber threats are securitized through the discourse process. In particular, this study explained them based on the theory of the Copenhagen school, which is critical of the security of cyber threats. It also presented the security of non-traditional threats and the security of emerging security issues, which explained the process of security for cyber threats based on existing research, and explained the limitations of this. It also tried to provide a cautious point of view that the militarization phenomenon of cyber threats that is currently displayed is a phenomenon that is displayed through the combination of technical discourse and military discourse. Through this study, we aim to show the military the limits of universal solution presentation and the borderline perspective of militarization based on objective insights into the cyber threat security process.

A Design of Electronic Evidence-seizure Mechanism for the Response of Information-warfare (정보전 대응을 위한 전자적 증거포착 메커니즘 설계)

  • Park, Myeong-Chan;Lee, Jong-Seop;Choe, Yong-Rak
    • Journal of National Security and Military Science / s.2 / pp.285-314 / 2004
  • The forms of current war are diversified over the pan-national industry. Among these, one kind of threat, which has permeated cyberspace based on advanced information technology, causes a new type of war. C4ISR, the military IT revolution, as an integrated technology innovation of Command, Control, Communications, Computer, Intelligence, Surveillance and Reconnaissance, suggests that the aspect of future war is changing considerably. In this paper, we design a virtual decoy system and an intrusion trace marking mechanism which can capture various attempts and evidence of intrusion by hackers in cyberspace, trace the penetration path and protect a system. With the suggested technique, we can identify and trace back the traces of intrusion in cyberspace, or take legal action with the seized evidence.

A Study for Cyber Situation Awareness System Development with Threat Hunting (위협 헌팅을 적용한 사이버 상황인식 시스템 개발에 관한 연구)

  • Lee, Jaeyeon;Choi, Jeongin;Park, Sanghyun;Kim, Byeongjin;Hyun, Dae-Won;Kim, Gwanyoung
    • Journal of the Korea Institute of Military Science and Technology / v.21 no.6 / pp.807-816 / 2018
  • Threat hunting is defined as a process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. The main concept of threat hunting is to find weak points and remedy them before an actual cyber threat has occurred. The HMM (Hunting Maturity Matrix) is suggested to evolve hunting processes through five levels; therefore, a CSOC (Cyber Security Operations Center) can refer to the HMM for how to make itself safer from complicated and organized cyber attacks. We are developing a cyber situation awareness system with a proactive threat hunting process, called unMaze™. With unMaze, a CSOC's HMM level can be upgraded from the initial level to the basic level. A CSOC with unMaze performs the threat hunting process not only by detecting with existing cyber equipment post-actively, but also by proactively detecting cyber threats by fusing and analyzing cyber asset data and threat intelligence.

Measures for Training Military Information Security Professional Personnel for Cyber Security (사이버 안보를 위한 군(軍) 정보보호 전문인력 양성방안)

  • Lee, Kwang-ho;Kim, Heung-Taek
    • Convergence Security Journal / v.17 no.2 / pp.145-151 / 2017
  • The cyberspace of the Republic of Korea Army is continuously threatened by enemies. The means for responding to such cyber threats are ultimately military information security professional personnel. Currently, however, there are only a handful of advanced information security professionals in the Republic of Korea Army, and systematic training is lacking. Therefore, in this thesis, we surveyed the information security professional human resource policies of the USA, UK, Israel, and Japan. In addition, as a policy to train professional human resources specialized in defense cyber security, we proposed training of specialist talent in 4 steps, a medium- and long-term plan, step-by-step training system sizing, and the introduction of a certification system.

Military Vulnerability Management Plan based on Military IT Asset Management System for Cyber Threat Response (사이버 위협 대응을 위한 군(軍) 정보화자산관리시스템과 연계한 군(軍) 취약점 관리 방안)

  • Kim, Jong Hwa;Lim, Jae Sung
    • Convergence Security Journal / v.18 no.1 / pp.111-116 / 2018
  • The cyberspace of the ROK Army is constantly threatened by the enemy. In order to respond to such cyber threats, vulnerabilities of information assets of the ROK Army should be identified and eliminated early. However, the ROK Army currently lacks systematic management of vulnerabilities. Therefore, this paper investigates trends in each country's vulnerability management and the actual situation of vulnerability management in the ROK Army, and suggests ways of linking a vulnerability database and the ROK Army information asset management system for effective vulnerability management of the ROK Army information assets.
