• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.7 no.6
• /
• pp.1185-1193
• /
• 2006

The next generation networked information system over unbounded internet is open to various network attacks and incidents, so many users suffer from damage and financial loss. In this paper we propose a survivability management model to evaluate the tradeoffs between the cost of defence mechanisms for information systems with weighted service and the resulting expected survivability after a network attack or occurrence of incidents. By varying the level of defence in the simulation, we examine how survivability changes according to the defense level. We derive a cost/survivability and weighted service/survivability curve that managers can use to decide on the appropriate level of defense for the network system of their organizations.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.4
• /
• pp.272-280
• /
• 2023

For the past 70 years, an intense rivalry has persisted on the Korean Peninsula, and North Korea's nuclear and missile threats are becoming increasingly imminent. Facing a shortage of military resources, South Korea has pursued a national defense reform, significantly reducing the number of units and troops while focusing on ground forces. However, North Korea's strategic objective of unifying South Korea through surprise attacks, prompt responses, and combined nuclear and missile assaults remains unchanged. The central issue in this context revolves around determining the appropriate size of the Korean military's standing forces. This study employs the concept of net assessment as a novel method to ascertain the optimal size of the Korean military. Threats, strategic objectives, doctrine, and unit rotations are simultaneously considered from the enemy's perspective. In anticipation of security risks on the Korean Peninsula, an acceptable troop size will be proposed using the net assessment approach to calculate the appropriate standing force size.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.4
• /
• pp.321-330
• /
• 2023

The Korean military has sought to build an all-round military force against the national and international security environment and future asymmetric threats as well as the military threats it faces. However, while raising the need for timely electrification, there are few cases of quantitatively evaluating the loss when electrification is delayed, making it difficult for our military to provide a logical basis to support the importance of the electrification period. Therefore, through this study, we tried to analyze the index of loss cost that can support the need for timely electrification with logical and quantitative data and present it as a logical basis. To this end, the loss cost was calculated in terms of combat efficiency, equipment utilization rate, and maintenance requirements, which can be quantitatively calculated based on "combat readiness," a general impact on the military in case of delayed timely electrification.

• Journal of Digital Convergence
• /
• v.16 no.10
• /
• pp.223-233
• /
• 2018

The forces to protect people's life and property against the enemy attack is an organization which is regulated by the constitutional law. In terms of nature, its security is a significant factor to determine success or failure for the war. However, recently the 4th industrial revolution represents the rapid change in the advancement of civilization and technology. It can influence on the environment of military security which can make various changes. Unless taking proper action againsty these changes, it can inflict a vital harm for the organization of forces and its internal security. In this aspect, this study discuss new threats of the military security, above all, the most technical improvements and harms for the drones in terms of security. In addition, the advantages and disadvantages of drones which can influence on the ragions of military command and control, information operations, maneuvers, firepower, operation sustainment supports are analyzed. Moreover, this study set the purpose of developmental security measure for security threats in the aspects of military security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.8
• /
• pp.1205-1212
• /
• 2022

Cyber threat targeting ICS (Industrial Control System) has indicated drastic increases over the past decade and Cyber Incident in Critical Infrastructure such as Energy, Gas Terminal and Petrochemical industries can lead to disaster-level accidents including casualties and large-scale fires. In order to effectively respond to cyber attacks targeting ICS, a multi-layered defense-in-depth strategy considering Control System Architecture is necessary. In particular, the centralized security log system integrating OT (Operational Technology) and IT (Information Technology) plays an important role in the ICS incident response plan. The paper suggests the way of implementing centralized security log system that collects security events and logs using OPC Protocol from Level 0 to Level 5 based on IEC62443 Purdue Model to integrate ICS security logs with SIEM (Security Information Event Management) operated in IT environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.3
• /
• pp.291-297
• /
• 2019

The world's leading industrialized nations are improving their national science and technology capacity through the continuous expansion of national R&D investment and the improvement of performance in accordance with the trend of the fourth industrial revolution. As rapid technological development following technological convergence necessitates a preemptive response to a new paradigm, the importance of securing high technology that affects the national competitiveness is increasing day by day. Core technologies and future new technologies that affect national competitiveness can be seen as a measure to upgrade the nation's innovative capabilities. In particular, the core technologies and future new technologies to prepare for changes in a security environment and future battlefields are very important in the defense sector that develops weapons systems. In the defense sector, the core technologies based on the military weapons systems are identified, and future new technologies that use the best technologies of the private sector for national defense, not on the needs of develops weapons systems, are derived. This study examined the characteristics of core technology and future new technology of defense ground unmanned systems, conducted a comparative study through empirical analysis, and concluded that strategic technology planning and research and development are needed according to the core technology and future new technology characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.501-519
• /
• 2017

With the revolution of IT technology, cyber threats and crimes are also increasing. In the recent years, many large-scale APT attack executed domestically and internationally. Specially, many of the APT incidents were not recognized by internal organizations, were noticed by external entities. With fourth industrial revolution(4IR), advancement of IT technology produce large scale of sensitive data more than ever before; thus, organizations invest a mount of budget for various methods such as encrypting data, access control and even SIEM for analyzing any little sign of risks. However, enhanced intelligent APT it's getting hard to aware or detect. These APT threats are too much burden for SMB, Enterprise and Government Agencies to respond effectively and efficiently. This paper will research what's the limitation and weakness of current defense countermeasure base on Cyber Kill Chain process and will suggest effective and efficient APT defense operation model with considering of organization structure and human resources for operation.

• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.27-36
• /
• 2015

Current leakage of industrial technologies with revealing state secret against nation is gradually increasing and scope of the spill is diversified from technology-oriented leakage to new economic security sector like information and communication, electrical and electronic, defense industry, illegal export of strategic material, economic order disturbance by foreign country, infringement of intellectual property, etc. So the spill damage can affect not only leaked company but also national interests and entire domestic industry. According to statistics from National Industrial Security Center of National Intelligence Service, a major cause of technology leakage is not only by external things about hacking and malignant code, but internal leakage of former and current employees account for about 80%. And technology leakage due to temptation of money and personal interests followed by technology leakage of subcontractor is steadily increased. Most studies in the field of security have tended to focus on measuring security capability of company in order to prevent leakage core assets or developing measurement Indicators for management rather than security activities of the company members that is most important. Therefore, this study analyzes the effect of most underlying security education in security activities on security capabilities of enterprise. As a result, it indicates that security education have a positive(+) correlation with security capabilities.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.446-458
• /
• 2017

In order to make a decision about the acquisition of command control communication weapon systems considering the client's technology level requirements, the improvement of the domestic technology level and security of core technology, the person in charge can perform technology evaluation/analysis based on command control communication weapon system patent data. As a method of collecting such patent data, we can collect the patent data of government-designated (Defense Acquisition Program Act Article 35) companies (11 Major defense companies/9 General defense companies) through the Korea Intellectual Property Rights Information System (KIPRIS) of the Korean Intellectual Property Office (KIPO) In this way, we collected 1,526 patents and 134 International Patent Classification (IPC) types through the KIPRIS of the KIPO. Based on these data, we performed three types of analysis, General information analysis, Principal Components Analysis (PCA) and Network analysis, and extracted 27, 19 and 13 IPC types from them, respectively. Based on the above three analysis results, we confirmed 8 IPC types (F41A, F41G, G06F, G01S, H04B, H04L, H04M and H04W) as the key technologies and representative technology fields of domestic communication-electronics defense companies.