• Korea and Global Affairs
• /
• v.3 no.2
• /
• pp.87-130
• /
• 2019

This paper aims to analyze the recent progress(current situation) and tasks of arms control in North and South Korea. To this end the paper is composed of 5 chapters titled instruction; recent progress(current situation) of arms control in South and North Korea; constraints and tasks of arms control on the Korean peninsula; and conclusion. One of the most important tasks for the establishment of a peace structure for the coexistence of the Korean people in the 21st century is the realization of military control in order to resolve the acute military confrontation situation and mutual threats. With the 2018 PyeongChang Winter Olympics, the North-South summit and the subsequent talks for peace and denuclearization on the Korean Peninsula, the North Korea-US summit, and subsequent talks are creating conditions for trust building and arms control between the two Koreas. The military trust between the two Koreas and operational arms control are being achieved through the declaration of the April 27 Panmunjom and the 'Military Agreement for the Implementation of the Panmunjom Declaration.' However, since there are constraints on the control of arms control, such as the persistence of hostility and distrust of the two Koreas, the defense treaty between the two Koreas and neighboring countries, the competition of neighboring countries and the complex interests of the Korean peninsula, Trust Building is important. We should resolve the issue of arms control between the two Koreas, taking into account the trend of international arms control over the internal and external dynamics of the Korean peninsula gradually and carefully, with a vision of long-term unification security.

• Journal of Platform Technology
• /
• v.9 no.3
• /
• pp.3-17
• /
• 2021

Advanced persistent threat (APT) attacks are attacks aimed at a particular entity as a set of latent and persistent computer hacking processes. These APT attacks are usually carried out through various methods, including spam mail and disguised banner advertising. The same name is also used for files, since most of them are distributed via spam mail disguised as invoices, shipment documents, and purchase orders. In addition, such Infostealer attacks were the most frequently discovered malicious code in the first week of February 2021. CDR is a 'Content Disarm & Reconstruction' technology that can prevent the risk of malware infection by removing potential security threats from files and recombining them into safe files. Gartner, a global IT advisory organization, recommends CDR as a solution to attacks in the form of attachments. There is a program using CDR techniques released as open source is called 'Dangerzone'. The program supports the extension of most document files, but does not support the extension of HWP files that are widely used in Korea. In addition, Gmail blocks malicious URLs first, but it does not block malicious URLs in mail systems such as Naver and Daum, so malicious URLs can be easily distributed. Based on this problem, we developed a 'Dangerzone' program that supports the HWP extension to prevent APT attacks, and a Chrome extension that performs URL checking in Naver and Daum mail and blocking banner ads.

• Maritime Security
• /
• v.1 no.1
• /
• pp.311-343
• /
• 2020

Because of the global warming, the Arctic Ocean is expected to be ice-free by the year 2035. When the Arctic Ocean will be opened, a number of national interests will become more salient as experiencing a shortened sailing distance and decreasing navigation expense, possibility of natural resources transport by sea from Arctic Circle, and indirect-profit making by building a herb port in Asia. To secure the national interests and support the free activities of people in this region, R.O.K government is trying to make advanced policies. In order to carry out the naval tasks in the Arctic Ocean, using the operational characteristics(mobility, flexibility, sustainability, presence of capabilities, projection) is necessary. To this end, ROK Navy should analyze the operational environment (O.E.) by its capability(weakness and strength), opportunity, and threat. R.O.K. Navy should make an effort over the following issues to implement the tasks in the Arctic Ocean: first, Navy needs to map out her own plan (Roadmap) under the direction of government policies and makes crews participate in the education·training programs in home and abroad for future polar experts. Third, to develop the forces and materials for the tasks in cold, far operations area, Navy should use domestic well-experienced shipbuilding skills and techniques of the fourth industrial revolution. Next, improving the combined operations capabilities and military trust with other countries in the Arctic region to cover the large area with lack of forces' number and to resolve the ports of call issues. Lastly, preparation in advance to execute a variety of missions against military and non-traditional threats such as epidemics, HA/DR, SOLAS, in the future operation area is required.

• Journal of Software Assessment and Valuation
• /
• v.16 no.1
• /
• pp.65-79
• /
• 2020

As Programmable Logic Controllers (PLCs), popular components in industrial control systems (ICS), are incorporated with the technologies such as micro-controllers, real-time operating systems, and communication capabilities. As the latest PLCs have been connected to the Internet, they are becoming a main target of cyber threats. This paper proposes two sanitizers that improve the security of uC/OS-II based firmware for a PLC. That is, we devise BU sanitizer for detecting out-of-bounds accesses to buffers and UaF sanitizer for fixing use-after-free bugs in the firmware. They can sanitize the binary firmware image generated in a desktop PC before downloading it to the PLC. The BU sanitizer can also detect the violation of control flow integrity using both call graph and symbols of functions in the firmware image. We have implemented the proposed two sanitizers as a prototype system on a PLC running uC/OS-II and demonstrated the effectiveness of them by performing experiments as well as comparing them with the existing sanitizers. These findings can be used to detect and mitigate unintended vulnerabilities during the firmware development phase.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• Smart Media Journal
• /
• v.12 no.9
• /
• pp.9-18
• /
• 2023

Black box cryptography is a cryptographic scheme based on a hardware encryption device, operating under the assumption that the device and the user can be trusted. However, with the increasing use of cryptographic algorithms on unreliable open platforms, the threats to black box cryptography systems have become even more significant. As a consequence, white box cryptography have been proposed to securely operate cryptographic algorithms on open platforms by hiding encryption keys during the encryption process, making it difficult for attackers to extract the keys. However, unlike traditional cryptography, white box-based encryption lacks established specifications, making challenging verify its structural security. To promote the safer utilization of white box cryptography, CHES organizes The WhibOx Contest periodically, which conducts safety analyses of various white box cryptographic techniques. Among these, the Differential Computation Analysis (DCA) attack proposed by Bos in 2016 is widely utilized in safety analyses and represents a powerful attack technique against robust white box block ciphers. Therefore, this paper analyzes the research trends in white box block ciphers and provides a summary of DCA attacks and relevant countermeasures. adhering to the format of a research paper.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.2
• /
• pp.267-272
• /
• 2024

Recently, major advanced countries are fostering megacities through policy for reasons such as solving population problems, political and economic issues, and strengthening national competitiveness. The trend of change is accelerating. In Korea, following Seoul and Gyeonggi, mega city policies are being promoted in Busan, Ulsan, Gyeongnam, Daegu and Gyeongbuk, Gwangju and Jeonnam, and Daejeon, Sejong, South Chungcheong and North Chungcheong areas. Due to this urbanization phenomenon, military experts predict that the future battlefield environment will be space or a large city (mega city). From this perspective, Korea will not be able to effectively respond to the threats facing megacities if it does not prepare in advance. Therefore, underground facility operation capabilities optimized for the huge scale of the mega city and the characteristics of the underground operational environment are required. Against this background, the characteristics of the underground operational environment of mega cities and cases of preparation for underground facility operations in advanced military countries such as the United States and Israel were analyzed. Based on this, the capabilities required for underground facility operations suitable for the underground operational environment within Korean megacities are developed from an idea perspective to military organization and combat system, securing special equipment and materials to ensure combatant survival, developing small unit combat techniques, and establishing a training system. It was presented with priority given to.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.2
• /
• pp.167-172
• /
• 2024

In major wars of the 21st century, drones are expanding beyond surveillance and reconnaissance to include land and air as well as sea and underwater for purposes such as precision strikes, suicide attacks, and cognitive warfare. These drones will perform multi-domain operations, and to this end, they will continue to develop by improving the level of autonomy and strengthening scalability based on the High-Low Mix concept. Recently, drones have been used as a major means in major wars around the world, and there seems to be a good chance that they will evolve into game changers in the future. North Korea has also been making significant efforts to operate reconnaissance and attack drones for a long time. North Korea has recently continued to engage in provocations using drones, and its capabilities are gradually becoming more sophisticated. In addition, with the recent emergence of new strategic Drones, wartime and peacetime threats such as North Korea's use of these to secure surveillance, reconnaissance and early warning capabilities against South Korea and new types of provocations are expected to be strengthened. Through this study, we hope to provide implications by analyzing the capabilities of North Korea's strategic Drones, predicting their operation patterns, and conducting active follow-up research on the establishment of a comprehensive strategy, such as our military's drone deployment and counter-drone system solutions.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.147-155
• /
• 2024

Currently, the 4th Industrial Revolution, like other revolutions, is bringing great change and new life to humanity, and in particular, the demand for and use of drones, which can be applied by combining various technologies such as big data, artificial intelligence, and information and communications technology, is increasing. Recently, it has been widely used to carry out dangerous military operations and missions, such as the Russia-Ukraine war and North Korea's reconnaissance against South Korea, and as the demand for and use of drones increases, concerns about the safety and security of drones are growing. Currently, a variety of research is being conducted, such as detection of wireless communication abnormalities and sensor data abnormalities related to drones, but research on real-time detection of threats using radio frequency characteristic data is insufficient. Therefore, in this paper, we conduct a study to determine whether the characteristic data is normal or abnormal signal data by collecting radio frequency signal characteristic data generated while the drone communicates with the ground control system while performing a mission in a HITL(Hardware In The Loop) simulation environment similar to the real environment. proceeded. In addition, we propose an unsupervised learning-based threat detection system and optimal threshold that can detect threat signals in real time while a drone is performing a mission.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.1
• /
• pp.183-192
• /
• 2024

The purpose of this study is to empirically analyze the determining factors (economy, security, domestic politics, administration, and international politics) that affect the ROK-US defense cost sharing decision. Through this, we will gain a deeper understanding of the defense cost sharing decision process and improve the efficiency of defense cost sharing calculation and execution. The scope of the study is ROK-US defense cost sharing from 1991 to 2021. The data used in the empirical analysis were various secondary data such as Ministry of National Defense, government statistical data, SIPRI, and media reports. As an empirical analysis method, multiple regression analysis using time series was used and the data was analyzed using an autoregressive model. As a result of empirical research through multiple regression analysis, we derived the following results. It was analyzed that the size of Korea's economy, that is, GDP, the previous year's defense cost share, and the number of U.S. troops stationed in Korea had a positive influence on the decision on defense cost sharing. This indicates that Korea's economic growth is a major factor influencing the increase in defense cost sharing, and that the gradual increase in the budget and the negotiation method of the Special Agreement (SMA) for cost sharing of stationing US troops in Korea play an important role. On the other hand, the political tendencies of the ruling party, North Korea's military threats, and China's defense budget were found to have no statistically significant influence on the decision to share defense costs.