• Korean Security Journal
• /
• no.42
• /
• pp.229-249
• /
• 2015

As the post-cold war era and globalization go on, national security problems which were not traditional national security problems such as terrorism, crime, environmental disasters, economic crises, cyber-terrorism, diseases, and energy problems threat humanity and nations and demands changes. Also, with the change, the concept of "big government" has emerged as the role of nation expanded. The modern society sees every country change from small government to big government in order to realize the establishment of welfare state. A comprehensive interpretation of security is needed in order to comprehensive protection of citizens beyond outside invasion such as crime, new disaster, terrorism. In Korea, incidents such as Cheonan-Ham, Yeonpeyong-Do, foot-and-mouth disease, Ddos terrorism, pirates hostages, mad cow disease, AI are happening and the humanitarian support for North Korea and the summit of South and North Korea are at a standstill. Also, National emergency management system, comprehensive emergency management center, countrol tower, national security system, cooperation with citizens, establishment of legal and institutional system are needed. The importance of this research is on the reestablishment of new national security and emergency management system according to the comparison between the national security and counter-terrorism system of Korea and that of the United States which is a leading country in this field. Also, the establishment of national emergency management act is needed as a statute for effective function as currently various laws and administrative organizations are dispersed.

• Korean Security Journal
• /
• no.39
• /
• pp.319-353
• /
• 2014

Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.2
• /
• pp.94-99
• /
• 2016

Application layer attacks have for years posed an ever-serious threat to network security, since they always come after a technically legitimate connection has been established. In recent years, cyber criminals have turned to fully exploiting the web as a medium of communication to launch a variety of forbidden or illicit activities by spreading malicious automated software (auto-ware) such as adware, spyware, or bots. When this malicious auto-ware infects a network, it will act like a robot, mimic normal behavior of web access, and bypass the network firewall or intrusion detection system. Besides that, in a private and large network, with huge Hypertext Transfer Protocol (HTTP) traffic generated each day, communication behavior identification and classification of auto-ware is a challenge. In this paper, based on a previous study, analysis of auto-ware communication behavior, and with the addition of new features, a method for classification of HTTP auto-ware communication is proposed. For that, a Not Only Structured Query Language (NoSQL) database is applied to handle large volumes of unstructured HTTP requests captured every day. The method is tested with real HTTP traffic data collected through a proxy server of a private network, providing good results in the classification and detection of suspicious auto-ware web access.

• Korean Security Journal
• /
• no.38
• /
• pp.57-82
• /
• 2014

The purpose of this paper is to introduce the industrial security policies in Germany and to look for the implication for the development of korean industrial security. Due to highly developed economy and industrial technology, Germany has become the main stage for the industrial espionage for a long time. In Germany industrial espionage is classified into two categories; Economy-espionage and Competition-espionage. While economy-espionage is related to the Espionage of foreign intelligence agencies, Competition-espionage means the act of espionage, that is implemented by the private sector. When it comes to economy-espionage, prevention of economy-espionage is the duty of the State, because it threat the national interest. Otherwise, the private sector has to take the responsibility of prevention of competition-espionage. It goes without saying that, the state has to investigate the crime, when espionage happens. But Prevention is more important than investigation in this regard. For the realization of Public-Private-Partnership, the private sector should be the genuine counterpart of the Public through the sharing responsibility of industrial-espionage prevention. Another talking point this paper suggest, is the national ethic in connection with economy-espionage. The State could be not only a actor of espionage prevention, but also a perpetrator. The economy-espionage for the purpose of national interest would not be justified, unless it has nothing to do with national security.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.117-128
• /
• 2018

The purpose of this paper is to analyze the behavior of North Korea's cyber attack against South Korea since 2009 based on major international security theories and suggest South Korea's policy option. For this purpose, this paper applied the behavioral domain and characteristics of 'cyber power' and 'coercion dynamics' model, which are attracting attention in international security studies. The types of cyber attacks from North Korea are classified into the following categories: power-based incarceration, leadership attacks and intrusions, military operations interference, and social anxiety and confusion. In terms of types and means of cyber power, North Korean GPS disturbance, the Ministry of Defense server hacking and EMP are hard power with high retaliation and threat and cyber money cashing and ransomware are analyzed by force in the act of persuasion and incentive in the point of robbing or asking for a large amount of money with software pawns. North Korea 's cyber attack has the character of escape from realistic sanctions based on the second nuclear test. It is important for South Korea to clearly recognize that the aggressive cyberpower of North Korea is changing in its methods and capabilities, and to ensure that North Korea's actions result in far greater losses than can be achieved. To do this, it is necessary to strengthen the cyber security and competence to simultaneously attack and defend through institutional supplement and new establishment such as cyber psychological warfare, EMP attack preparation, and enhancement of security expertise against hacking.

• The Korean Journal of Air & Space Law and Policy
• /
• v.20 no.1
• /
• pp.87-107
• /
• 2005

Land Remote Sensing' is defined as the science (and to some extent, art) of acquiring information about the Earth's surface without actually being in contact with it. Narrowly speaking, this is done by sensing and recording reflected or emitted energy and processing, analyzing, and applying that information. Remote sensing technology was initially developed with certain purposes in mind ie. military and environmental observation. However, after 1970s, as these high-technologies were taught to private industries, remote sensing began to be more commercialized. Recently, we are witnessing a 0.61-meter high-resolution satellite image on a free market. While privatization of land remote sensing has enabled one to use this information for disaster prevention, map creation, resource exploration and more, it can also create serious threat to a sensed nation's national security, if such high resolution images fall into a hostile group ie. terrorists. The United States, a leading nation for land remote sensing technology, has been preparing and developing legislative control measures against the remote sensing industry, and has successfully created various policies to do so. Through the National Oceanic and Atmospheric Administration's authority under the Land Remote Sensing Policy Act, the US can restrict sensing and recording of resolution of 0.5 meter or better, and prohibit distributing/circulating any images for the first 24 hours. In 1994, Presidential Decision Directive 23 ordered a 'Shutter Control' policy that details heightened level of restriction from sensing to commercializing such sensitive data. The Directive 23 was even more strengthened in 2003 when the Congress passed US Commercial Remote Sensing Policy. These policies allow Secretary of Defense and Secretary of State to set up guidelines in authorizing land remote sensing, and to limit sensing and distributing satellite images in the name of the national security - US government can use the civilian remote sensing systems when needed for the national security purpose. The fact that the world's leading aerospace technology country acknowledged the magnitude of land remote sensing in the context of national security, and it has made and is making much effort to create necessary legislative measures to control the powerful technology gives much suggestions to our divided Korean peninsula. We, too, must continue working on the Korea National Space Development Act and laws to develop the necessary policies to ensure not only the development of space industry, but also to ensure the national security.

• Strategy21
• /
• s.34
• /
• pp.58-92
• /
• 2014

Even after S. Korea took 5.24 Measure(24 May 2014), N. Korea has not stopped raising provocations such as the shelling of Yeonpyeong Island, electronic and cyber attacks. To make matters worse, the communist country lunched long-range missiles(twice) and conducted 3rd nuclear test, escalating tensions which could possibly lead to an all-out war. Korean Government failed to respond properly. However, escalation into an all-out war was deterred by the CFC immediately carrying out its peacetime duty(CODA). The US made a rapid dispatch of its augmentation forces(Aircraft carrier, nuclear-powered submarine, strategic bomber, F-22) to the Korean Peninsula. In recognition of the importance of the Combined Forces Command, since May 2013 the Park Geun-Hye Administration has been pushing ahead with re-postponement of Wartime Operational Control Transfer(which initially meant the disassembling of the CFC as of 1 December 2015) More recently, there has been a series of unusual indicators from the North. Judging from its inventory of 20 nuclear weapons, 1,000 ballistic missiles and biochemical weapons, it is safe to say that N. Korea has gained at least war deterrence against S. Korea. Normally a nation with nuclear weapons shrink its size of conventional forces, but the North is pursuing the opposite, rather increasing them. In addition, there was a change of war plan by N. Korea in 2010, changing 'Conquering the Korean Peninsula' to 'Negotiation after the seizure of the Greater Seoul Metropolitan Area(GSMA)' and establishing detailed plans for wartime projects. The change reflects the chain reaction in which requests from pro-north groups within the South will lead to the proclamation of war. Kim, Jeong-Un, leader of N. Korean regime, sent threatening messages using words such as 'exercising a nuclear preemptive strike right' and 'burning of Seoul'. Nam, Jae-June, Director of National Intelligence Service, stated that Kim, Jung-Un is throwing big talks, saying communization of the entire Korean Peninsula will come within the time frame of 3 years. Kim, Gwan-Jin, Defense Minister, shared an alarming message that there is a high possibility that the North will raise local provocations or a full-fledged war whenever while putting much emphasis on defense posture. As for the response concept of the Korean Government, it has been decided that 'ROK·US Combined Local Provocation Counter-Measure' will be adopted to act against local provocations from the North. Major provocation types include ▲ violation of the Northern Limit Line(NLL) with mobilization of military ships ▲ artillery provocations on Northwestern Islands ▲ low altitude airborne intrusion ▲ rear infiltration of SOF ▲ local conflicts within the Military Demarcation Line(MDL) ▲ attacking friendly ships by submarines. Counter-measures currently established by the US involves the support from USFK and USFJ. In order to keep the sworn promise, the US is reinforcing both USFK and USFJ. An all-out war situation will be met by 'CFC OPLAN5027' and 'Tailored Expansion Deterrence Forces' with the CFC playing a central role. The US augmentation forces stands at 690,000 troops, some 160 ships, 2,000 aircraft and this comprise 50% of US total forces, which is estimated to be ninefold of Korean forces. The CFC needs to be in center in handling both local provocations and an all-out war situation. However, the combat power of S. Korean conventional forces is approximately around 80% of that of N. Korea, which has been confirmed from comments made by Kim, Gwan-Jin, Defense Minister, during an interpellation session at the National Assembly. This means that S. Korean forces are not much growing. In particular, asymmetric capabilities of the North is posing a serious threat to the South including WMD, cyber warfare forces, SOF, forces targeting 5 Northwestern Islands, sub-surface and amphibious assault forces. The presence of such threats urgently requires immediate complementary efforts. For complementary efforts, the Korean Government should consider ① reinforcement of Korean forces; putting a stoppage to shrinking military, acquisition of adequate defense budget, building a missile defense and military leadership structure validity review, ② implementation of military tasks against the North; disciplinary measures on the sinking of ROKS Cheon-an/shelling of Yeonpyeong Islands, arrangement of inter-Korean military agreements, drawing lessons from studies on the correlation between aid for N. Korea, execution of inter-Korean Summit and provocations from the North, and ③ bolstering the ROK·US alliance; disregarding wartime operational control transfer plan(disassembling of CFC) and creation of a combined division.

• Korean Security Journal
• /
• no.59
• /
• pp.217-242
• /
• 2019

Nowadays, Terrorism has become bloodier. Unlike the past, the recent terrorism has been indiscriminate in the purpose of mass- killing. Given this aspect, the threat of a CBRN attack is the biggest one to modern society. Notably, the possibility of terrorist attacks in Korea by international terrorist groups such as ISIL is higher than ever in consideration of its allusion; crusades and the devil's allied forces. To overcome these circumstances, various measures have been taken for counter terrorism at the state level including anti-terrorist legislation. Under the anti-terrorist act, police have to lead relevant inter agencies when it comes to the CBRN terror. At first glance, current countermeasures would work well. However, in order to respond quickly, the standing cooperations system of related departments need to be set up. In this sense, this article proposed a coagulatory body that could not only consider institutional-oriented organizational restructuring and response but also integrate and operate functions of various specialized institutions. It also stressed that the council should move toward a consultative body of information gathering, distribution and working- level consultation. With this cooperation system, counter-terrorism agencies can respond rapidly, stop wasting their effort and assets by about 30%. Also, they could design the atypical aspect of terrorism into standardized.

• The Korean Journal of Air & Space Law and Policy
• /
• v.1
• /
• pp.87-123
• /
• 1989

The purpose of this thesis is to do a research on suppression of peacetime international terrorism and penal system of terrorists by political and economic means. International terrorism means wanton killing, hostage taking, hijacking, extortion or torture committed or threatened to be comitted against the innocent civilian in peacetime for political motives or purposes provided that international element is involved therein. This research is limited to international terrorism of political purposes in peacetime, especially, hijacking of civil aircraft. Hijacking of civil aircraft include most of international terrorism element in its criminal act and is considered to be typical of international terrorism in view of multinationality of its crews, passengers and transnational borders involved in aircraft hijacking. Civil air transportation of today is a indispensable part of international substructure, as it help connect continuously social cultural and economic network of world community by dealing with massive and swift transportation of passengers and all kinds of goods. Current frequent hijacking of civil aircraft downgrade the safety and trust of air travel by mass slaughter of passengers and massdestruction of goods and endanger indispensable substructure of world community. Considering these facts, aircraft hijacking of today poses the most serious threat and impact on world community. Therefore, among other thing, legal, political, diplomatic and economic sanctions should be imposed on aircraft hijacking. To pursue an effective research on this thesis aircraft hijacking by six Chineses on 5th May, 1983, from mainland China to Seoul, Korea, is chosen as main theme and the Republic of Korea's legal, political and diplomatic dealing and settlement of this hijacking incident along with six hijackers is reviewed to find out legal, political diplomatic means of suppression and solution of international terrorism. Research is focused on Chinese aircraft hijacking, Korea-China diplomatic negotiation, Korea's legal diplomatic handling and settlement of Tak Chang In, mastermind of aircraft hijacking and responses and position of three countries, Korea, China and Taiwan to this case is thoroughly analyzed through reviewing such materials as news reportings and comments of local and international mass media, Korea-China Memorandum, statements of governments of Korea, China and Taiwan, verdicts of courts of Korea, prosecution papers and oral argument by the defendants and lawyers and three antiaircraft hijacking conventions of Hague, Tokyo and Montreal and all the other instruments of international treaties necessary for the research. By using above-mentioned first-hand meterials as yardsticks, legal and political character of Chinese aircraft hijacking is analyzed and reviewed and close cooperation among sovereign states based on spirit of solidarity and strict observance of international treaties such as Hague, Tokyo and Montreal Conventions is suggested as a solution and suppressive means of international terrorism. The most important and indispensable factor in combating terrorism is, not to speak, the decisive and constant resolution and all-out effort of every country and close cooperation among sovereign states based on "international law of cooperation."

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.99-109
• /
• 2018

Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.