• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.515-530
• /
• 2013

The results of investigations into marine incidents have become an important basis in determining not only possible causes, but also the extent of negligence between the perpetrator and victim. However, marine incidents occur under special circumstances i.e. the marine environment, and this leads to difficulties in identifying causes due to problems in scene preservation, reenactment and acquisition of witnesses. Given the aforementioned characteristic of marine incidents, the International Convention for the Safety of Life at Sea (SOLAS) has adopted mandatory regulations on the carriage of Voyage Data Recorders (VDRs) and Automatic Identification Systems (AIS) for ships of a certain gross tonnage and upwards, so as to reflect recent developments in radio communication and marine technology. Adopted to provide an international standard for investigations and to promote cooperation, the Code of the International Standards and Recommended Practices for a Safety Investigation into a Marine Casualty or Marine Incident (Casualty Investigation Code) recommends member states to build capacity for analysis of VDR data. Against this backdrop, this paper presents methods for efficient investigations into the causes behind marine incidents based on data analysis of VDR, which serves as the black box of ships, as well as digital forensic techniques.

• The Journal of the Korea Contents Association
• /
• v.21 no.2
• /
• pp.631-640
• /
• 2021

The purpose of this study focuses on and explain the policy-determining factors that emerged in the process of revising customized wages for the National Basic Livelihood Security Act on December 30, 2014. This is an analysis of the reasons why the rapid revision of the welfare system could have been made at a certain time in a situation that did not progress despite the specific demand for revision of the law surrounding the blind spot. To this end, using Kingdon's policy flow model, which emphasizes the contingency of policy decisions, the flow of problems, political flows, and policy alternatives were reviewed respectively. In the course of each of these flows, the suicide incident of mother and 2 daughters in Songpa served as a major medium that played a large role in the policy-making process and the window of policy could be opened. As a result, This incident triggered social and policy interest in the issue of the National Basic Livelihood Security Act. It was found that the law was revised quickly, causing a great wave of waves as a social issue.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.5
• /
• pp.1909-1928
• /
• 2021

At present, the Colombian government shares information on threats or vulnerabilities in the area of cybersecurity and cyberdefense, from other government agencies or departments, on an ad-hoc basis but not in real time, with the surveillance entities of the Government of the Republic of Colombia such as the Joint Command of Cybernetic Operations (CCOCI) and the Cybernetic Emergencies Response Team of Colombia (ColCERT). This research presents the MS-CSIRT (Management System Computer Security Incident Response Teams) methodology, that is used to unify the guidelines of a CSIRT towards a joint communication command in cybersecurity for the surveillance of Information Technology (IT), Technological Operations (TO), Internet Connection Sharing (ICS) or Internet of Things (IoT) infrastructures. This methodology evaluates the level of maturity, by means of a roadmap, to establish a CSIRT as a reference framework for government entities and as a guide for the areas of information security, IT and TO to strengthen the growth of the industry 4.0. This allows the organizations to draw a line of cybersecurity policy with scope, objectives, controls, metrics, procedures and use cases for the correct coordination between ColCERT and CCOCI, as support entities in cybersecurity, and the different companies (ICS, IoT, gas and energy, mining, maritime, agro-industrial, among others) or government agencies that use this methodology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.487-498
• /
• 2023

Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.401-404
• /
• 2019

최근 국가기반시설 산업제어시스템은 시나리오를 기반으로 시뮬레이션 훈련을 진행한다. 그러나 국내 ICS 보안 기술은 외부 경계 보호에 중점을 둔 시나리오가 대다수였기 때문에 내부에서 발생할 수 있는 시나리오 가이드라인이 상대적으로 부족하고 이를 평가하는 기준 또한 제대로 정의되어 있지 않다. 내부 공격이 증가함에 따라 국내에서도 사회공학적 기법에 초점을 둔 시뮬레이션 훈련을 진행할 필요가 있다. 이에 본 논문은 NEI 08-09 의 운영·관리항목 중 가장 빈번하게 발생하는 위협을 바탕으로 한 시나리오 및 구성요소를 개발하고, 이를 평가할 수 있는 명확한 기준을 제시하여 효과적인 비상대응 훈련을 수행할 수 있도록 한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.8
• /
• pp.651-662
• /
• 2013

In this study, we suggest the selecting evaluation method considering 6 major factors like Compliance system application (Development language conformance, Platform Compliance), threat evaluation (criticality of security incident, possibility of security incident), application benefit (Reliability / quality improvement, Modify Cost) for appropriate secure coding rule selecting evaluation. Using this method, we selected and make a set consist of 197 secure coding rules for Battlefield Management System Software. And calculated the application priority for each rules.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.87-95
• /
• 2019

The damage is increasing due to many encroachment accidents caused by increasingly sophisticated cyber attacks. Many institutions and businesses lack early response to invest a lot of resources in the infrastructure for incident detection. The initial response of an intrusion is to identify the route of attack, and many cyber attacks are targeted at software vulnerabilities. Therefore, analyzing the artifacts of a Windows system against software vulnerabilities and classifying the analyzed data can be utilized for rapid initial response. Therefore, the remaining artifacts upon entry of attacks by software are classified, and artifact grouping is presented for use in analysis of encroachment accidents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.49-60
• /
• 2015

Smart Grid devices are the major components of the Smart Grid. They collect and process a variety informations relating power services and support intelligent power services by exchanging informations with other SG devices or systems. However, If a SG device is attacked, the device can provide attack route to attacker and attacker can attack other SG devices or systems using the route. It may cause problem in power services. So, when cyber incident is happened, we need to acquire and examine digital evidence of SG device quickly to secure availability of SG. In this paper, we designed remote evidence acquisition system to acquire digital evidences from SG devices to response quickly to incidents of SG devices. To achieve this, we analyzed operating environment of SG devices and thought remote digital evidence acquisition system of SG devices will be more effective than remote digital evidence acquisition system targeted general IT devices. So, we introduce design method for SG devices remote evidence acquisition system considered operating environment of SG devices.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.1
• /
• pp.47-53
• /
• 2013

Standard Incident Command System in Korea is that Incident Command System for Emergency Rescue Operation, which is commanded only by Fire Fighting Agencies. However, in the event of a disaster such as the flood, storm, or landslide disaster, there are many disaster response activities performed by the General Public Officers at the disaster on-scene. Yet, there isn't an Natural Disaster Command System for the General Public Officers in Korea. Thus, we have studied the response activities needed cooperation among agencies and proposed some considerations of the Natural Disaster Command System for General Public Officers. The system will be useful to response and recover disaster rapidly, seamlessly, and cooperatively among General Public Officers and the related agencies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.285-288
• /
• 2010

Chinese hackers hack the e-commerce site by bypass South Korea IP to connect to the third country, finance damaging a violation incident that fake account. 7.7.DDoS attack was the case of a hacker attack that paralyzed the country's main site. In this paper, the analysis is about vulnerabilities that breaches by hackers and DDoS attacks. Hacker's attacks and attacks on the sign of correlation analysis is share the risk rating for in real time, Red, Orange, Yellow, Green. Create a blacklist of hackers and real-time attack will be studied security and air conditioning systems that attacks and defend. By studying generate forensic data and confirmed in court as evidence of accountability through IP traceback and detection about packet after Incident, contribute to the national incident response and development of forensic techniques.