• Title/Summary/Keyword: Security Tactics

Search results: 50 items; processing time: 0.022 seconds

Compatibility Analysis Between Security Tactics and Broker Architecture Pattern (보안 전술과 Broker 아키텍처 패턴간의 호환성 분석)

  • Kim, Suntae
    • The Journal of the Institute of Internet, Broadcasting and Communication / Vol. 15, No. 4 / pp.19-24 / 2015
  • Security has been a major concern in software development. Security tactics are reusable building blocks providing a general solution for recurring security concerns at the architectural level. They are often used together with architectural patterns which provide a general solution for architecting software systems. However, use of security tactics in architectural patterns has been understood only conceptually without concrete understanding of how their involved elements should be structurally and behaviorally co-designed. In this paper, we present model-driven analyses of security tactics in the context of Broker architectural patterns and provide evidence of the analyses in real world case studies.

The Specification of Air-to-Air Combat Tactics Using UML Sequence Diagram (UML Sequence Diagram을 활용한 공대공 교전 전술 명세)

  • Park, Myunghwan;Oh, Jihyun;Kim, Cheonyoung;Seol, Hyeonju
    • Journal of the Korea Institute of Military Science and Technology / Vol. 24, No. 6 / pp.664-675 / 2021
  • Air force air-to-air combat tactics are occurring at a high speed in three-dimensional space. The specification of the tactics requires dealing with quite a large amount of information, which makes it a challenge to accurately describe the maneuvering procedure of the tactics. The specification of air-to-air tactics using natural languages is not suitable because of the intrinsic ambiguity of natural languages. Therefore, this paper proposes an approach of using UML Sequence Diagram to describe air-to-air combat tactics. Since the current Sequence Diagram notation is not sufficient to express all aspects of the tactics, we extend the syntax of the Sequence Diagram to accommodate the required features of air-to-air combat tactics. We evaluate the applicability of the extended Sequence Diagram to air-to-air combat tactics using a case example, that is, the manned-unmanned teaming combat tactic. The result shows that Sequence Diagram specification is more advantageous than natural language specification in terms of readability, conciseness, and accuracy. However, the expressiveness of the Sequence Diagram is evaluated to be less powerful than natural language, requiring further study to address this issue.

The Development of Air Escort Tactics for High-Value Airborne Assets Using Manned-Unmanned Teaming and the Study on Effective Force Disposition Using M&S (유무인 협업을 활용한 고가치 공중 자산의 호위 전술 개발과 M&S를 활용한 효과적인 전력배치 방안 연구)

  • Park, Myunghwan;Yoo, Seunghoon;Oh, Jihyon;Seol, Hyeonju
    • Journal of the Korea Institute of Military Science and Technology / Vol. 25, No. 4 / pp.401-411 / 2022
  • As the role of high-value air assets (e.g., AWACS, JSTARS, Rivet Joint, E-2) becomes more critical in modern warfare, the air escort for these assets blocking attacks from any potential enemy fighter also becomes vital. Without the escort, the operations of the assets become restricted. However, such an escort is not always possible due to the limited flight time of the escort fighters. In this paper, we introduce an escort tactic for high-value air assets performed by the manned-unmanned teaming composed of a transport aircraft and UAVs (unmanned aerial vehicles). In this tactic, the transport aircraft plays the role of an aircraft carrier, which carries, launches, and retrieves the UAVs. The missions of UAVs in this tactic are to detect and engage enemy fighters. We also introduce the simulation result of this tactic to identify the UAVs' required capabilities and optimal maneuvering.

Efforts against Cybersecurity Attack of Space Systems

  • Jin-Keun Hong
    • Journal of Positioning, Navigation, and Timing / Vol. 12, No. 4 / pp.437-445 / 2023
  • A space system refers to a network of sensors, ground systems, and space-craft operating in space. The security of space systems relies on information systems and networks that support the design, launch, and operation of space missions. Characteristics of space operations, including command and control (C2) between space-craft (including satellites) and ground communication, also depend on wireless frequency and communication channels. Attackers can potentially engage in malicious activities such as destruction, disruption, and degradation of systems, networks, communication channels, and space operations. These malicious cyber activities include sensor spoofing, system damage, denial of service attacks, jamming of unauthorized commands, and injection of malicious code. Such activities ultimately lead to a decrease in the lifespan and functionality of space systems, and may result in damage to space-craft and lead to loss of control. The Cybersecurity Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix, proposed by Massachusetts Institute of Technology Research and Engineering (MITRE), consists of the following stages: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command & Control, Exfiltration, and Impact. This paper identifies cybersecurity activities in space systems and satellite navigation systems through the National Institute of Standards and Technology (NIST)'s standard documents, former U.S. President Trump's executive orders, and presents risk management activities. This paper also explores cybersecurity's tactics attack techniques within the context of space systems (space-craft) by referencing the Sparta ATT&CK Matrix. In this paper, security threats in space systems are analyzed, focusing on the cybersecurity attack tactics, techniques, and countermeasures of space-craft presented by Space Attack Research and Tactic Analysis (SPARTA). Through this study, cybersecurity attack tactics, techniques, and countermeasures existing in space-craft are identified, and an understanding of the direction of application in the design and implementation of safe small satellites is provided.

Detection of Political Manipulation through Unsupervised Learning

  • Lee, Sihyung
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 13, No. 4 / pp.1825-1844 / 2019
  • Political campaigns circulate manipulative opinions in online communities to implant false beliefs and eventually win elections. Not only is this type of manipulation unfair, it also has long-lasting negative impacts on people's lives. Existing tools detect political manipulation based on a supervised classifier, which is accurate when trained with large labeled data. However, preparing this data becomes an excessive burden and must be repeated often to reflect changing manipulation tactics. We propose a practical detection system that requires moderate groundwork to achieve a sufficient level of accuracy. The proposed system groups opinions with similar properties into clusters, and then labels a few opinions from each cluster to build a classifier. It also models each opinion with features deduced from raw data with no additional processing. To validate the system, we collected over a million opinions during three nation-wide campaigns in South Korea. The system reduced groundwork from 200K to nearly 200 labeling tasks, and correctly identified over 90% of manipulative opinions. The system also effectively identified transitions in manipulative tactics over time. We suggest that online communities perform periodic audits using the proposed system to highlight manipulative opinions and emerging tactics.

Social Engineering Attack Characteristics and Countermeasure Strategies of Major Threat Countries (주요 위협국의 사회공학 공격특징과 대응전략)

  • Jeewon Kim
    • Convergence Security Journal / Vol. 23, No. 5 / pp.165-172 / 2023
  • Nation-state social engineering attacks are steadily being carried out as they are highly effective attacks, primarily to gain an advantage over secret information, diplomatic negotiations or future policy changes. As the Ukraine-Russia war prolongs, the activities of global hacking organizations are steadily increasing, and large-scale cyberattack attempts against major infrastructure or global companies continue, so a countermeasure strategy is needed. To this end, we determined that the social engineering attack cycle excluding physical contact among various social engineering models is the most suitable model, and analyzed the preferred social engineering attack method by comparing it with geopolitical tactics through case analysis. As a result, China favors phishing attacks, which prefer quantity over quality, such as man-made tactics, Russia prefers covert and complex spear phishing reminiscent of espionage warfare, and North Korea uses geopolitical tactics such as spear phishing and watering holes for attacks on the US and South Korea. Most of the other countries aimed to secure funds with ransomware. Accordingly, a Clean Pass policy for China, periodic compulsory education in Russia, and international sanctions against North Korea were presented as countermeasure strategies.

Human Action Recognition Using Deep Data: A Fine-Grained Study

  • Rao, D. Surendra;Potturu, Sudharsana Rao;Bhagyaraju, V
    • International Journal of Computer Science & Network Security / Vol. 22, No. 6 / pp.97-108 / 2022
  • The video-assisted human action recognition [1] field is one of the most active ones in computer vision research. Since the depth data [2] obtained by Kinect cameras has more benefits than traditional RGB data, research on human action detection has recently increased because of the Kinect camera. We conducted a systematic study of strategies for recognizing human activity based on deep data in this article. All methods are grouped into deep map tactics and skeleton tactics. A comparison of some of the more traditional strategies is also covered. We then examined the specifics of different depth behavior databases and provided a straightforward distinction between them. We address the advantages and disadvantages of depth and skeleton-based techniques in this discussion.

The Korea's indiscretion in maritime-terrorism and the counter plan (한국 해양테러의 실태 및 대응방안)

  • Park, Jun-seok;Park, Yu-Deuk;Kim, Gi-sang
    • Journal of the Society of Disaster Information / Vol. 3, No. 2 / pp.79-93 / 2007
  • With the international urgency of the terror situation, many methods of terror techniques and skills are appearing, and more intense and threatening terror is breaking out not only in the air (plane) but also in the sea (ship). Korea is surrounded by 3 sides of sea and is a proud maritime nation that should advance to foreign countries through the sea because South Korea and North Korea are confronting. Korea depends on maritime transportation for 99.7% of its exported and imported material resources. Therefore, acquisition of marine safety has a great effect on national security and economic life. On the high tension of situation about threat and possibility of maritime terrorism, the potential ways of the improvement policy for counter-tactics against big maritime terror are the following. First, we should construct a clear and well-organized network for accurate information about maritime terrorism. Second, we should have the information of all domestic and foreign passenger ships. Third, national important facilities such as atomic energy plants, thermo-electric power plants, and shipyards need policies to manage all emergency situations. Fourth, government authorities should improve tactic abilities by competing with support and budget inside of the nation as well as outside of the nation. To develop big maritime terror of our country, we will have to hold cooperative training & tactics contests of big maritime terror by cooperating educational industry organizations with similar institutes, improve the ability of members of big terror, and acquire tactics information by excavating and exchanging new techniques through tactics seminars and public hearings.


Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures

  • Bahrami, Pooneh Nikkhah;Dehghantanha, Ali;Dargahi, Tooska;Parizi, Reza M.;Choo, Kim-Kwang Raymond;Javadi, Hamid H.S.
    • Journal of Information Processing Systems / Vol. 15, No. 4 / pp.865-889 / 2019
  • The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

Defense Strategy of Network Security based on Dynamic Classification

  • Wei, Jinxia;Zhang, Ru;Liu, Jianyi;Niu, Xinxin;Yang, Yixian
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 9, No. 12 / pp.5116-5134 / 2015
  • In this paper, because network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer networks. According to the network security impact parameters, eight security elements and a classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.