• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.103-112
• /
• 2020

Recently, the interest in hobby/leisure drones is increasing in the private sector, and the military also uses drones in various countries such as North Korea, the United States, and Iran for military purposes such as reconnaissance and destruction. A variety of drone related research is underway, such as establishing and operating drone units within the Korean military. Inparticular, recently, as the size of drone flight control source code increases and the number of functions increases, drone developers are getting accustomed to using open sources and using them without checking for separate security vulnerabilities. However, since these open sources are actually accessible to attackers, they are inevitably exposed to various vulnerabilities. In this paper, we propose an attack scenario for military drones using open sources in connection with these vulnerabilities using Telemetry Hijacking techniques.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.1
• /
• pp.209-214
• /
• 2023

In the future, as autonomous vehicles become popular at home and abroad, the frequency of accidents involving autonomous vehicles is also expected to increase. In particular, when a fully autonomous vehicle is operated, various criminal/civil problems such as sexual violence, assault, and fraud between passengers may occur as well as the vehicle accident itself. In this case, forensics for accidents involving autonomous vehicles and accidents involving passengers in the vehicles are also about to change. This paper reviewed the types of security threats of autonomous vehicles, methods for maintaining the integrity of evidence data using blockchain technology, and research on digital forensics. Through this, it was possible to describe threats that would occur in autonomous vehicles using blockchain technology and forensic techniques for each type of accident in a scenario-type manner. Through this study, a block that helps forensics of self-driving vehicles before and after accidents by investigating forensic security technology of domestic and foreign websites to respond to vulnerabilities and attacks of autonomous vehicles, and research on block chain security of research institutes and information security companies. A chain method was proposed.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.54 no.1
• /
• pp.46-52
• /
• 2017

Social attention to information security field is inspired, and manpower demand forecast of this area is getting high. This study surveyed information security knowledge of practitioners who work in a field of information security such as computer and network system. We analyzed a connection between survey data, information protection job system that was suggested by NICE, IT skills that NCS and KISA classified and security field classification system. Base on data that analyzed, this study suggests a curriculum that trains professional manpower who perform duties in the field of information security. Suggested curriculum can be applied to 2 year college, 3 year college and 4 year college. Suggested curriculum provides courses that students who want to work in a field of information security must learn during the college. Suggested courses are closely connected to a related field and detailed guideline is indicated to each course to educate. Suggested curriculum is required, and it combines a theoretical education that become basis and a practical education so that it is not weighted to learn theory and is not only focusing on learning simple commands. This curriculum is established to educate students countermeasures of hacking and security defend that based on scenario that connected to executive ability. This curriculum helps to achieve certificates related to a field more than paper qualification. Also, we expect this curriculum helps to train convergent information security manpower for next generation.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.6
• /
• pp.835-844
• /
• 2018

Recently, as the number of smartphone users has been increasing worldwide, various services such as electronic payment, internet use, and financial settlement are being used as a smartphone. In addition, researches for home appliance control and automobile control using smartphone are conducted. As such, smartphone users can enjoy a more convenient life, but by hacking smartphones, tapping texts and conversations on smartphones, tracking location through spy apps, DDoS attacks using smartphones, and malicious apps When a message is received at a specific telephone number when using a micropayment, the corresponding text message is transmitted to a remote server, thereby increasing the risk of leakage of personal information and the like. Therefore, in this paper, we define the risk factors of the smartphone that are caused by the internal and external environmental, physical, contents (apps) of the smartphone through the smartphone that we use in real life, We propose a method to check vulnerability of smartphone security solution such as CC evaluation and the most effective response technique for each risk of smartphone by defining the technique.