• Review of KIISC
• /
• v.32 no.4
• /
• pp.93-97
• /
• 2022

최근 자율주행차량등의 활발한 기술 개발 및 상용화가 추진되고 있다. 자율주행차량에서는 기존의 센서로부터 수집되는 주변 환경 정보의 한계를 극복하기 위하여 차량통신기술을 활용하여 주변 환경을 보다 정확하고 상세하게 인지하는 필요성이 강조되고 있는 실정이다. 이러한 차량통신기술의 활용성이 증대됨에 따라, 보안 위협에 대응하기 위한 보안 기술도 활발히 연구 개발 추진 중이며, 이와 연관된 국제표준화의 필요성도 부각되고 있다. 최근 IT 보안 국제표준화 기구인 ITU-T SG17에서는 연구반 구조 조정을 진행했으며, ITS(Intelligent Transport Systems) 보안 연구반(Q13)은 지속적으로 차량통신표준화를 추진한다. 본 논문에서는 ITS 보안 연구반의 최근 활동 및 진행 계획을 소개한다.

• The Korean Journal of Air & Space Law and Policy
• /
• v.30 no.2
• /
• pp.201-248
• /
• 2015

In Korea the number of unlawful interference act on board aircrafts has been increased continuously according to the growth of aviation demand, and there were 55 incidents in 2000, followed by 354 incidents in 2014, and an average of 211 incidents a year over the past five years. In 1963, a number of states adopted the Convention on Offences and Certain Other Acts Committed on Board Aircraft (the Tokyo Convention 1963) as the first worldwide international legal instrument on aviation security. The Tokyo Convention took effect in 1969 and, shortly afterward, in 1970 the Convention for the Suppression of Unlawful Seizure of Aircraft(the Hague Convention 1970) was adopted, and the Convention for the Suppression of Unlawful Acts Against the Safety of Civil Aviation(the Montreal Convention 1971) was adopted in 1971. After 9/11 incidents in 2001, to amend and supplement the Montreal Convention 1971, the Convention on the Suppression of Unlawful Acts Relating to International Civil Aviation(the Beijing Convention 2010) was adopted in 2010, and to supplement the Hague Convention 1970, the Protocol Supplementary to the Convention for the Suppression of Unlawful Seizure of Aircraft(the Beijing Protocol 2010) was adopted in 2010. Since then, in response to increased cases of unruly behavior on board aircrafts which escalated in both severity and frequency,, the Montreal Protocol which is seen as an amendment to the Convention on Offences and Certain Other Acts Committed on Board Aircraft(the Tokyo Convention 1963) was adopted in 2014. Korea ratified the Tokyo Convention 1963, the Hague Convention 1970, the Montreal Convention 1971, the Montreal Supplementary Protocol 1988, and the Convention on the Marking of Plastic Explosive 1991 which have proven to be effective. Under the Tokyo Convention ratified in 1970, Korea further enacted the Aircraft Navigation Safety Act in 1974, as well as the Aviation Safety and Security Act that replaced the Aircraft Navigation Safety Act in August 2002. Meanwhile, the title of the Aviation Safety and Security Act was changed to the Aviation Security Act in April 2014. The Aviation Security Act is essentially an implementing legislation of the Tokyo Convention and Hague Convention. Also the language of the Aviation Security Act is generally broader than the unruly and disruptive behavior in Sections 1-3 of the model legislation in ICAO Circular 288. The Aviation Security Act has reflected the considerable parts of the implementation of national legislation under the Beijing Convention and Beijing Protocol 2010, and the Montreal Protocol 2014 that are the modernized international conventions relating to aviation security. However, in future, when these international conventions would come into effect and Korea would ratify them, the national legislation that should be amended or provided newly in the Aviation Security Act are as followings : The jurisdiction, the definition of 'in flight', the immunity from the actions against the aircraft commander, etc., the compulsory delivery of the offender by the aircraft commander, etc., the strengthening of penalty on the person breaking the law, the enlargement of application to the accomplice, and the observance of international convention. Among them, particularly the Korean legislation is silent on the scope of the jurisdiction. Therefore, in order for jurisdiction to be extended to the extra-territorial cases of unruly and disruptive offences, it is desirable that either the Aviation Security Act or the general Crime Codes should be revised. In conclusion, in order to meet the intelligent and diverse aviation threats, the Korean government should review closely the contents of international conventions relating to aviation security and the current ratification status of international conventions by each state, and make effort to improve the legislation relating to aviation security and the aviation security system for the ratification of international conventions and the implementation of national legislation under international conventions.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.12
• /
• pp.7292-7301
• /
• 2014

With the development of IT Info-Communications technology, the vehicle with a combination of wireless-communication technology has resulted in significant research into the convergence of the component of existing traffic with information, electronics and communication technology. Intelligent Vehicle Communication is a Machine-to-Machine (M2M) concept of the Vehicle-to-Vehicle. The Vehicle-to-Infrastructure communication consists of safety and the ease of transportation. Security technologies must precede the effective Intelligent Vehicle Communication Structure, unlike the existing internet environment, where high-speed vehicle communication is with the security threats of a wireless communication environment and can receive unusual vehicle messages. In this paper, the Vehicle Identification number between the V2I and the secure message communication protocol was proposed using hash functions and a time stamp, and the validity of the vehicle was assessed. The proposed system was the performance evaluation section compared to the conventional technique at a rate VPKI aspect showed an approximate 44% reduction. The safety, including authentication, confidentiality, and privacy threats, were analyzed.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.9 no.4
• /
• pp.113-122
• /
• 2010

Research and development related to advanced railway systems is currently underway presently to promote the maintenance and economic feasibility of subways, and the aim of such research and development is to enhance the functionality, passenger convenience, system safety and reliability assurance of the subway. In this situation, a study that predicts the effect that the development of such an advanced railway system would have on subway users is required. To this end, this study derived willingness to pay and decision factors with the introduction of an advanced railway system after surveying passengers who use subway lines 1~8. The Price Sensitivity Method (PSM) was applied to derive the willingness to pay in relation to user convenience (operating speed, ride comfort, safety, comfort, security and informativeness) with the introduction of an advanced railway system. In addition, willingness to pay and decision factors were examined after explaining the effects of introducing an advanced railway system in detail to subway users. Through the analysis, it was found that willingness to pay amounted to a premium of 148 won ~ 161 won with the introduction of an advanced railway system, and that this was affected by factors such as gender, frequency of use, satisfaction with comfort, and satisfaction with security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1235-1241
• /
• 2016

Personalized App recommendation system is recently famous since the number of various apps that can be used in smart phones that increases exponentially. However, the site users using google play site with malwares have experienced severe damages of privacy exposure and extortion as well as a simple damage of satisfaction descent at the same time. In addition, Sybil attack (Sybil) manipulating the score (rating) of each app with falmay also present because of the social networks development. Up until now, the sybil detection studies and malicious apps studies have been conducted independently. But it is important to determine finally the existence of intelligent attack with Sybil and malware simultaneously when we consider the intelligent attack types in real-time. Therefore, in this paper we experimentally evaluate the relationship between malware and sybils based on real cralwed dataset of goodlplay. Through the extensive evaluations, the correlation between malware and sybils is low for malware providers to hide themselves from Anti-Virus (AV).

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.9
• /
• pp.120-125
• /
• 2016

For the purpose of protecting personal property and lives from incidents, accidents, and threats such as terrorism, video surveillance equipment has been installed and operates in many places. Video surveillance technology has gradually developed into high-quality, high-definition equipment, and a lot of products have been launched. However, closed circuit television (CCTV) equipment for security purposes can invade a person's privacy. In this paper, we propose a way to protect personal video images using meta-data in an intelligent Internet protocol (IP) camera. We designed the system to mask personal video information from meta-data, define the method of image-information access according to user privileges, and show how to utilize the meta-data during storage and recorded data searches. The suggested system complies with guidelines for CCTV installation and operation from Korea's Ministry of the Interior. Installed on only a single server so far, due to the limitations and technical difficulties of hardware performance, it has been difficult to find a method that can be applied to personal image information using real-time protection techniques. Applying the method proposed in this paper can satisfy the guidelines, reduce server costs, and reduce system complexity.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.3
• /
• pp.422-427
• /
• 2010

Korean Game industry, especially MMORPG(Massively Multiplayer Online Game) has been rapidly expanding in these days. But As game industry is growing, lots of online game security incidents have also been increasing and getting prevailing. One of the most critical security incidents is 'Game Bots', which are programs to play MMORPG instead of human players. If player let the game bots play for them, they can get a lot of benefic game elements (experience points, items, etc.) without any effort, and it is considered unfair to other players. Plenty of game companies try to prevent bots, but it does not work well. In this paper, we propose a behavior pattern model for detecting bots. We analyzed behaviors of human players as well as bots and identified six game features to build the model to differentiate game bots from human players. Based on these features, we made a Naive Bayesian classifier to reasoning the game bot or not. To evaluated our method, we used 10 game bot data and 6 human Player data. As a result, we classify Game bot and human player with 88% accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.821-830
• /
• 2017

The internet is an important infra resource that it controls the economy and society of our country. Also, it is providing convenience and efficiency of the everyday life. But, a case of various are occurred through an using vulnerability of an internet infra resource. Recently various attacks of unknown to the user are an increasing trend. Also, currently system of security control is focussing on patterns for detecting attacks. However, internet threats are consistently increasing by intelligent and advanced various attacks. In recent, the darknet is received attention to research for detecting unknown attacks. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. In this paper, we proposed an algorithm for finding black IPs through collected the darknet traffic based on a statistics data of port information. The proposed method prepared 8,192 darknet space and collected the darknet traffic during 3 months. It collected total 827,254,121 during 3 months of 2016. Applied results of the proposed algorithm, black IPs are June 19, July 21, and August 17. In this paper, results by analysis identify to detect frequency of black IPs and find new black IPs of caused potential cyber threats.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.