• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.3
• /
• pp.37-47
• /
• 2020

The In the 4^th industrial revolution, cyber space will evolve into hyper-connectivity, super-convergence, and super-intelligence due to the development of advanced information and communication technologies, which will connect the nation's core infrastructure into a single network. As applying the 4^th industrial revolution technology to the cyber attack technique, it is evolving in an intelligent and sophisticate method. In order to response intelligent cyber attacks, it is difficult to guarantee self-defense in cyberspace by policy-oriented, preplanned-centric and hierarchical cyber response strategies. Therefore, this research aims to propose a situation-flexible & action-oriented cyber response mechanism that can respond flexibly by selecting the most optimal smart security solution according to changes in the cyber attack steps. The proposed cyber response mechanism operates the smart security solutions according to the action-oriented detailed strategies. In addition, artificial intelligence-based decision-making systems are used to select the smart security technology with the best responsiveness.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.137-146
• /
• 2024

drones are used in a variety of fields, including business, leisure, lifesaving, and war. Various research using drones is being conducted in the military. In particular, the use of drones in 『Manned-Unmanned Complex combat performance plan』, powered by various unmanned vehicles deployed in the Army TIGER system, is expected to be a major factor realizing the Army's future combat performance that minimizes damage to ally combat troops while causing maximum damage to the enemy. As the deployment of various systems progresses, combat performance methods utilizing each system are evolving, but there is a lack of research to identify and resolve limitations in the perspective of unmanned vehicle operators. Based on the Ukrainian military's FPV drone combat case, we would like to make suggestions from the operator's perspective on overcoming perspective limitations through the introduction of FPV and the designation of military drone frequency.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.83-89
• /
• 2021

The RMF (Cyber Security Risk Management Framework) is a more strengthened U.S. defense cybersecurity framework that is currently used throughout the U.S. federal government beyond the defense sector. In the past decade, the proportion of cyber warfare in non-regular warfare encountered by the United States, especially cyberattacks caused by China and North Korea, has been increasing. In the end, the U.S. is newly establishing an RMF system to prepare a more strengthened cybersecurity policy at the pan-government level, and the U.S. Department of Defense aims to expand the U.S. defense RMF evaluation policy beyond the federal government level. The South Korean military has already applied RMF at the request of the U.S. that notified the policy to apply RMF when obtaining F-35A. The application of RMF by the Korean military is no longer inevitable. Now is the time for the Korean military to seriously think about what to prepare for the early establishment of a successful Korean RMF system.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.21 no.4
• /
• pp.489-496
• /
• 2018

In this paper, a performance comparison of dynamic TDMA and fixed TDMA in tactical data link system is conducted. The performance metric include: delay, queue size and system throughput. To perform comparison of two TDMA schemes, we adopt the modified M/D/1 queueing model. Computer simulation is also performed to verify conducted analytical results.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.101-107
• /
• 2017

Recent cyber attacks on South Korea, including hacking and viruses, are increasing significantly. To deal with the cyber invasion of cyber aggression, the Ministry of National Defense defined the necessary procedures for cyber security with guidelines for cyber security. In spite of, based on the analyses the cyber defense operations published, the number of violations are increasing. To address issues stated above, the safety check items should be reviewed and revised. This paper will revisit current safety check items and provide new guidelines to prevent cyber security breaches, which will provide more safe and efficient cyber environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5685-5700
• /
• 2018

Cyber intelligence, surveillance, and reconnaissance (ISR) has become more important than traditional military ISR. An agent used in cyber ISR resides in an enemy's networks and continually collects valuable information. Thus, this agent should be able to determine what is, and is not, useful in a short amount of time. Moreover, the agent should maintain a classification rate that is high enough to select useful data from the enemy's network. Traditional feature selection algorithms cannot comply with these requirements. Consequently, in this paper, we propose an effective hybrid feature selection method derived from the filter and wrapper methods. We illustrate the design of the proposed model and the experimental results of the performance comparison between the proposed model and the existing model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.600-601
• /
• 2021

The cyberspace, which is the fifth battle field, should be utilized for multi-domain maneuvering between the cyberspace and the physical space using an electromagnetic spectrum. This becomes a major concept of cyber electronic warfare that combines the characteristics of cyber warfare and electronic warfare. In this study, the concept of cyber electronic warfare is analyzed by using the OSI reference model and examining the threats of the two-layer data link layer.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.77-83
• /
• 2013

As the network composed of numerous sensor nodes, sensor network conducts the function of sensing the surrounding information by sensor and of the sensed information. The concept of the battlefield is also changing to one that includes not only physical spaces but all areas including the networks of the nation's key industries and military facilities, energy facilities, transportation, and communication networks. In light of the changing warfare in terms of how it is conducted and what form it takes, the Korea military has to seek ways to effectively respond to threats of cyber warfare. In the past, although partial strategies on cyber warfare were studied, no research was done through the overall system flow. In this paper, key variables related to cyber warfare security are classified into personnel, management, and technology. A simple model and an extended model are suggested for each area, and based on the technology area of the extended model, formal methods are used to verify the validity and a detailed response strategy is suggested according to the identified leverage.

• Maritime Security
• /
• v.3 no.1
• /
• pp.45-72
• /
• 2021

North Korea's cyber capabilities represent a relatively new threat to global financial institutions and foreign governments, particularly the U.S and South Korean governments. Based primarily on publicly available sources, such as journalistic accounts and scholarly publications, this qualitative paper analyzes the ways in which North Korean leader Kim Jong Un has bolstered his country's asymmetric power and advanced his line of byungjin (dual development in the economy and military). Particularly by merging the cyber and maritime domains, North Korean operatives generate more revenue for the regime and helps keep the heavily sanctioned leadership in power. Despite the increased international attention to North Korean hackers, few analysts have examined the important role of cyber in the DPRK's internal political culture, specifically in advancing Kim Jong Un's byungjin line. Cyber fits into the DPRK's longstanding tradition of irregular warfare and guerilla-based armed struggle. Cyber also further advances Kim's personal reputation in the DPRK as an economic innovator and military strategist. This paper pays particular attention to the role of the DPRK's cyber operations in both ideological and maritime contexts. Recently, North Korean hackers have targeted South Korean shipbuilding industries and developed a blockchain scam, known as Marine Chain. North Korean cyber agents have increasingly paid attention to the nexus of cyber and maritime domains in their activities.