• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.12 no.2
• /
• pp.29-42
• /
• 2004

This paper performs a historical review on aviation threats through a statistical survey. The impact factor, as a criterion to measure the seriousness of the threats occurred, is introduced and evaluated based on annual totals of hijacking and fatalities against aircraft 1948 through 2004. Also, the paper suggests processes of evaluating the level of threats and key functions for an effective management of the aviation security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1133-1151
• /
• 2019

Insider threats in the field of information security are so important that the research is continuing centering on the institutes attached to the Carnegie Mellon University. On the other hand, we do not have any separate research institutes. In particular, insider threat research on the defense IT environment directly connected with the survival of the country is not proceeding in depth. In addition, due to the specificity of the military, defense IT security has limited research as an academic discipline, and even the establishment of concepts has not been achieved properly. In addition, because of differences in the environment, the US standard can not be borrowed as it is. This paper analyzes the defense IT environment and defines an insider (threat) suitable for the Korea military environment. I'd like to suggest the type of insider threat and how to mitigate it.

• Journal of Korea Multimedia Society
• /
• v.20 no.2
• /
• pp.279-288
• /
• 2017

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidence-based knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1722-1737
• /
• 2019

We developed an insider threat detection model to be used by organizations that repeat tasks at regular intervals. The model identifies the best combination of different feature selection algorithms, unsupervised learning algorithms, and standard scores. We derive a model specifically optimized for the organization by evaluating each combination in terms of accuracy, AUC (Area Under the Curve), and TPR (True Positive Rate). In order to validate this model, a four-year log was applied to the system handling sensitive information from public institutions. In the research target system, the user log was analyzed monthly based on the fact that the business process is processed at a cycle of one year, and the roles are determined for each person in charge. In order to classify the behavior of a user as abnormal, the standard scores of each organization were calculated and classified as abnormal when they exceeded certain thresholds. Using this method, we proposed an optimized model for the organization and verified it.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.26 no.3
• /
• pp.281-301
• /
• 2023

The shipboard combat system is a key system for naval combat that supports a command and control process cycle consisting of Detect - Control - Engage in real time to ensure ship viability and conduct combat missions. Modern combat systems were developed on the basis of Open Architecture(OA) to maximize acceptance of latest technology and interoperability between systems, and actively introduced the COTS(Commercial-of-the-shelf). However, as a result of that, vulnerabilities inherent in COTS SW and HW also occurred in the combat system. The importance of combat system cybersecurity is being emphasized but cybersecurity research reflecting the characteristics of the combat system is still lacking in Korea. Therefore, in this paper, we systematically identify combat system threats by applying Data Flow Diagram, Microsoft STRIDE threat modelling methodology. The threats were analyzed using the Attack Tree & Misuse case. Finally we derived the applicable security requirements which can be used at stages of planning and designing combat system and verified security requirements through NIST 800-53 security control items.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.437-447
• /
• 2018

Virtual Reality (VR) is becoming a new standard in the game industry. PokeMon GO is a representative example of VR technology. The day after the launch of PokeMon Go in the U.S, It has achieved the highest number of iOS App Store downloads. This is an example of the power of VR. VR comprises gyroscopes, acceleration, tactile sensors, and so on. This allow users could be immersed in the game. As new technologies emerge, new and different threats are created. So we need to research the security of VR technology and game system. In this paper, we conduct a threat analysis for information assurance of VR device (Oculus Rift) and game system (Quake). We systematically analyze the threats (STRIDE, attack library, and attack tree). We propose security measures through DREAD. In addition, we use Visual Code Grepper (VCG) tool to find out logic errors and vulnerable functions in source code, and propose a method to solve them.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.149-157
• /
• 2018

In this paper, we propose an attack detection technology using SDN Controller to study security threats in IoT environment. The research methodology has been developed by applying IoT security threat management technology to the IoT layer and analyzing the research trend of applied security technology. The study results show that the effectiveness of the detection method using the sampling method is studied by adding OpenFlow based SDN Controller to the network switch equipment of the existing IoT network. This method can detect the monitoring and attack of the whole network by interworking with IDS and IPS without affecting the performance of existing IoT devices. By applying such improved security threat countermeasure technology, we expect to be able to relieve anxiety of IoT security threat and increase service reliability.

• Journal of Advanced Navigation Technology
• /
• v.27 no.1
• /
• pp.16-22
• /
• 2023

Terrorists have been attacking in the vulnerable points of aviation sector with the diverse methods of attacks. Recently, Vulnerability is increasing because the Modus Operandi of Terrorism is carried out by exploitation of people in the form of employee working in aviation sector whose role provides them with privileged access to secured locations, secured items or security sensitive information. Furthermore, cases of insider threat are rising across the world with the phenomenon of personal radicalization through internet and social network service. The government of ROK must respond to insider threat could exploit to acts of unlawful interference and the security regulations should be established to prevent from insider threat in advance refer to the acts of unlawful interference carried out in foreign countries and the recommendations by USA, UK and ICAO.

• Journal of Advanced Navigation Technology
• /
• v.11 no.2
• /
• pp.203-208
• /
• 2007

Because the networks and systems become more complex, the implementation of the security countermeasures for important Information Systems becomes more critical consideration. The designers and developers of the security policy should recognize the importance of building security countermeasures by using both technical and non-technical methods, such as personnel and operational facts. Security countermeasures may be made for formulating an effective overall security solution to address threats at all layers of the information infrastructure. But all these works can be done after assuming who is the threat agent. In this paper we identify the treat agents for information systems, summarize the characteristics of threat agents, and apply weighting factors to them.

• Journal of Information Technology Applications and Management
• /
• v.16 no.3
• /
• pp.73-86
• /
• 2009

To establish an effective security strategy, business enterprises need a security benchmarking tool. The strategy helps to lessen an impact and a damage in any threat. This study analyses many aspects of information security management and suggests a way to deal with security investments by considering important factors that affect security manager's decision. To address the different threats resulting from a major cause of accidents inside an enterprise, we investigate an approach that followed ISO17799. We unfold a criminology theory that has designated many measures against the threat as suggested by General Deterrence Theory. The study proposes a coherent model of the theory to improve the security measures especially in handling and protecting company assets and human lives as well.