• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.602-608
• /
• 2020

Development of Internet technology and the spread of various smart devices provide a convenient computing environment for people, which is becoming common thanks to the Internet of Things (IoT). However, attacks by hackers have caused various problems, such as leaking personal information or violating privacy. In the IoT environment, various smart devices are connected, and network attacks that are used in the PC environment are occurring frequently in the IoT. In fact, security incidents such as conducting DDoS attacks by hacking IP cameras, leaking personal information, and monitoring unspecified numbers of personal files without consent are occurring. Although attacks in the existing Internet environment are PC-oriented, we can now confirm that smart devices such as IP cameras and tablets can be targets of network attacks. Through performance evaluation, the proposed protocol shows 11% more energy efficiency on servers than RSA, eight times greater energy efficiency on clients than Kerberos, and increased efficiency as the number of devices increases. In addition, it is possible to respond to a variety of security threats that might occur against the network. It is expected that efficient operations will be possible if the proposed protocol is applied to the IoT environment.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.5
• /
• pp.392-399
• /
• 2013

Due to the development of IT technology and the information age, a dependency of the network over the most of our lives have grown to a greater extent. Although it provides us to get various useful information and service, it also has negative effectiveness that can provide network intruder with vulnerable roots. In other words, we need to urgently cope with theses serious security problem causing service disableness or system connected to network obstacle with exploiting various packet information. Many experts in a field of security are making an effort to develop the various security solutions to respond against these threats, but existing solutions have a lot of problems such as lack of storage capacity and performance degradation along with the massive increase of packet data volume. Therefore we propose the packet analysis model to apply issuing Big Data technology in the field of security. That is, we used NoSQL which is technology of massive data storage to collect the packet data growing massive and implemented the packet analysis model based on K-means clustering using MapReudce which is distributed programming framework, and then we have shown its high performance by experimenting.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.99-118
• /
• 2012

In PMIPv6-based network, mobile nodes can be made smaller and lighter because the network nodes perform the mobility management-related functions on behalf of the mobile nodes. The one of the protocols, Fast Handovers for Proxy Mobile IPv6(FPMIPv6)[1] has studied by the Internet Engineering Task Force(IETF). Since FPMIPv6 adopts the entities and the concepts of Fast Handovers for Mobile IPv6(FMIPv6) in Proxy Mobile IPv6(PMIPv6), it reduces the packet loss. Conventional scheme has proposed that it cooperated with an Authentication, Authorization and Accounting(AAA) infrastructure for authentication of a mobile node in PMIPv6, Despite the best efficiency, without begin secured of signaling messages, PMIPv6 is vulnerable to various security threats such as the DoS or redirect attAcks and it can not support global mobility between PMIPv. In this paper, we analyze Kang-Park & ESS-FH scheme, and then propose an Enhanced Security scheme for FPMIPv6(ESS-FP). Based on the CGA method and the pubilc key Cryptography, ESS-FP provides the strong key exchange and the key independence in addition to improving the weaknesses for FPMIPv6. The proposed scheme is formally verified based on Ban-logic, and its handover latency is analyzed and compared with that of Kang-Park scheme[3] & ESS-FH and this paper propose inter-domain fast handover sheme for PMIPv6 using proxy-based FMIPv6(FPMIPv6).

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.99-106
• /
• 2012

March 11, 2010, in Japan located over East Sea of Korea, due to the strong earthquake tsunami, Fukushima Nuclear Power Plant was ceased and exploded resulting in leaking radioactive substances. Even though it was an accident happened in a nation, leaked radioactive substances were spread across the world moving along ocean currents and air current. Our nation also had terror and confusion about radioactive rain after the accident, and even though a year has been passed by after the accident, the problem on the radioactive contamination isn't solved. So to speak, nuclear accident of neighboring country is a threat to our nation but not only Japan but also Chinese ocean across the West Sea has nuclear power plants. Beside threat of nuclear accident of neighboring countries, North Korea in military confrontation is the world 3rd country holding chemical and biological weapons and can spray the biological weapons to South Korea at any time like Yeonpyeong-do bombard provocation in November, 2010. The study is the strategy confronting such threats and grafted artificial rain technology which is weather control technology. Since radioactive substances on radioactive accidents and North Korean biological weapons can differ in the density by the weather condition, only artificial rain technology can remove the threat perfectly but it is worth to try as the method to reduce damage and in the aspect of psychology. To use the artificial rain technology in the aspect of national security to acquire the public safety, research institutes such ADD should fulfill active and symbolic technology research development.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.513-525
• /
• 2020

Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.

• Strategy21
• /
• s.44
• /
• pp.5-27
• /
• 2018

The purpose of this paper is to look at USN's efforts to rebuild its combat power in the face of a reemergence of great powers competition, and to propose some recommendations for the ROKN. In addition to the plan to augment its fleet towards a 355-ships capacity, the USN is pursuing to improve exponentially combat lethality(quality) of its existing fleet by means of innovative science and technology. In other words, the USN is putting its utmost efforts to improve readiness of current forces, to modernize maintenance facilities such as naval shipyards, and simultaneously to invest in innovative weapons system R&D for the future. After all, the USN seems to pursue innovations in advanced military Science & Technology as the best way to ensure continued supremacy in the coming strategic competition between great powers. However, it is to be seen whether the USN can smoothly continue these efforts to rebuild combat strength vis-a-vis its new competition peers, namely China and Russian navy, due to the stringent fiscal constraints, originating, among others, from the 2011 Budget Control Act effective yet. Then, it seems to be China's unilateral and assertive behaviors to expand its maritime jurisdiction in the South China Sea that drives the USN's rebuild-up efforts of the future. Now, some changes began to be perceived in the basic framework of the hitherto regional maritime security, in the name of declining sea control of the USN as well as withering maritime order based on international law and norms. However, the ROK-US alliance system is the most excellent security mechanism upon which the ROK, as a trading power, depends for its survival and prosperity. In addition, as denuclearization of North Korea seems to take significant time and efforts to accomplish in the years to come, nuclear umbrella and extended deterrence by the US is still noting but indispensible for the security of the ROK. In this connection, the naval cooperation between ROKN and USN should be seen and strengthened as the most important deterrents to North Korean nuclear and missile threats, as well as to potential maritime provocation by neighboring countries. Based on these observations, this paper argues that the ROK Navy should try to expand its own deterrent capability by pursuing selective technological innovation in order to prevent this country's destiny from being dictated by other powers. In doing so, however, it may be too risky for the ROK to pursue the emerging, disruptive innovative technologies such as rail gun, hypersonic weapon... etc., due to enormous budget, time, and very thin chance of success. This paper recommends, therefore, to carefully select and extensively invest on the most cost-effective technological innovations, suitable in the operational environments of the ROK. In particular, this paper stresses the following six areas as most potential naval innovations for the ROK Navy: long range precision strike; air and missile defense at sea; ASW with various unmanned maritime system (UMS) such as USV, UUV based on advanced hydraulic acoustic sensor (Sonar) technology; network; digitalization for the use of AI and big data; and nuclear-powered attack submarines as a strategic deterrent.

• Korean Security Journal
• /
• no.61
• /
• pp.9-38
• /
• 2019

As the scales & density of the Korean national infrastructures have been increased, they will be identified as rich and attractive potential targets for intensified North Korea's attack in the rear region and terrorism attack. In addition, due to changes in security environment such as drone threats and lack of security forces under the 52-hour workweek law, I think that it is the proper time point to reevaluate the effectiveness and appropriateness of the current physical protection system and its shift to a new system. In this study, the direction and improvement of the perimeter physical protection systems of the national infrastructures are to be studied from the viewpoints of its concepts of operations and design methodology, focusing on the nuclear power plant. The reason why we focus on nuclear power plants is because they cause wide-range and long-term damages caused by radioactive materials disperal and pollution, along with short-term damage caused by the interruption of electricity generation in the event of damage to nuclear power plants. With the aim of extracting improvement directions, as we will comprehensively review domestic research trends and domestic·overseas related laws, and consider Korea's specificity, we try to reframe the concept of operation - systematization, mobilization and flexibility -, and establish criteria on system change. In order to improve the technical performance of the new perimeter physical protection system, we study on high-fidelity·multi-methodology based integrated design methodology, breaking from individual silo-type design methods, and I suggest improvement of government procurement, its expansion to export business and other national infrastructure.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.81-91
• /
• 2016

VANET is one of the most developed technologies many people have considered a technology for the next generation. It basically utilizes the wireless technology and it can be used for measuring the speed of the vehicle, the location and even traffic control. With sharing those information, VANET can offer Cooperative ITS which can make a solution for a variety of traffic issues. In this way, safety for drivers, efficiency and mobility can be increased with VANET but data between vehicles or between vehicle and infrastructure are included with private information. Therefore alternatives are necessary to secure privacy. If there is no alternative for privacy, it can not only cause some problems about identification information but also it allows attackers to get location tracking and makes a target. Besides, people's lives or property can be dangerous because of sending wrong information or forgery. In addition to this, it is possible to be information stealing by attacker's impersonation or private information exposure through eavesdropping in communication environment. Therefore, in this paper we propose Privacy Assurance Architecture for VANET to ensure privacy from these threats.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.63-69
• /
• 2017

In the early 1990s, IETF(Internet Engineering TaskForce) had started the discussion on new address protocol that can modify and supplement various drawbacks of existing IPv4 address protocol with the introduction of CIDR(Classless Inter-Domain Routing) which is a temporary solution for IPv4 address depletion, NAT, private IP address. While various standards related to new address protocol has been proposed, the SIPP(Simple Internet Protocol Plus) was adopted among them because it is regarded as the most promising solution. And this protocol has been developed into current IPv6. The new concepts are introduced with modifying a lot of deficiencies in the exisitng IPv4 such as real-time data processing, performance on QoS, security and the efficiency of routing. Since many security threats in IPv6 environment still exist, the necessity of stable data communication environment has been brought up continuously. This paper deveopled one-way communication algorithm in IPv6 based on the high possibility of protecting the system from uncertain and potential risk factors if the data is transmitted in one way. After the analysis of existing IPv6 and ICMPv6, this paper suggests one-way communication algorithm as a solution for existing IPv6 and ICMPv6 environment.

• Maritime Security
• /
• v.1 no.1
• /
• pp.93-117
• /
• 2020

Four cargo ships were ambushed by bombs in 2019 while navigating in the Strait of Hormuz. It was not clear who attacked those ships, however, many nations including the United States argued that it was Iran due to several reasons. The United States established the maritime collective defense system named International Maritime Security Construct (IMSC) in order to protect the maritime security in the Strait of Hormuz, without disclosure against whom it is aimed. Persian, who uses the Persian language unlike other countries in the Middle East, is the major ethnic group in Iran, and most of them believe Shi'ah Islam while most of the Arabs in the Gulf countries adhere to Sunni Islam. It seems that historic and religious motives caused the bipolar system in the Middle East, however, it is plausible to analyze the system of international affairs in the Middle East via defensive or structural realism. Iran has attempted to maintain its hegemony in the region by supporting Shi'ah muslims in the neighboring countries as well as in the world by using military and economic means. In this context, Iran's maritime strategy is to maintain its maritime hegemony on the Persian Gulf via countering threats and cooperating with friendly navies by using the Islamic Republic of Iran Navy(IRIN) and the Islamic Revolutionary Guard Corps Navy(IRGCN). IRIN acts like other navies in the world: protecting national interest at sea, expending its operational areas to the outer seas, and enhancing cooperation with other navies. Meanwhile, IRGCN plays a role as an asymmetric force at sea. It is composed of small and fast asymmetric assets, which can ambush ships fast and furious. Considering the poor study for Iran's maritime strategy in Korea, analyzing the strategy is meaningful for the Republic of Korea Navy, which has operated the Cheonghae Unit for more than ten years since it has extended its operational area over the Strait of Hormuz. In order not to be drawn into the conflict in the Strait, research on the maritime strategy of Iran and other countries in the Middle East should be started.