• Journal of the Korean Society of Marine Environment & Safety
• /
• v.30 no.3
• /
• pp.263-274
• /
• 2024

The digitization of ship environments has increased the risk of cyberattacks on ships. The smartization and automation of ships are also likely to result in cyber threats. The International Maritime Organization (IMO) has discussed the establishment of regulations at the autonomous level and has revised existing agreements by dividing autonomous ships into four stages, where stages 1 and 2 are for sailors who are boarding ships while stages 3 and 4 are for those not boarding ships. In this study, the level of a smart ship was classified into LEVELs (LVs) 1 to 3 based on the autonomous levels specified by the IMO. Furthermore, a risk assessment for smart ships at various LVs in different risk scenarios was conducted The cyber threats and vulnerabilities of smart ships were analyzed by dividing them into administrative, physical, and technical security; and mitigation measures for each security area were derived. A total of 22 cyber threats were identified for the cyber asset (target system). We inferred that the higher the level of a smart ship, the greater the hyper connectivity and the remote access to operational technology systems; consequently, the greater the attack surface. Therefore, it is necessary to apply mitigation measures using technical security controls in environments with high-level smart ships.

• Strategy21
• /
• s.40
• /
• pp.82-114
• /
• 2016

The purpose of this article is to analyze the progress of North Korea's SLBM threat, and to assess the technological capacity and threat level of its SLBMs. Currently, North Korea has approximately 1000 ballistic missiles, such as the SCUD, Musudan, and Nodong, in stock. This article pays close attention to the background and strategical implication behind North Korea's obsession with developing SLBMs despite possessing sufficient means to launch provocations with its current arsenal of ground based ballistic missiles and conventional weapons. Based on the abovementioned analysis, this article will recommend possible response directions for the ROK Armed Forces to North Korea's SLBM threat. It is highly difficult to detect SLBMs due to its stealthy nature, as it is launched underwater after covert infiltration. North Korea's SLBM is considered a game changer in that even one SLBM can significantly change the strategic balance of North East Asia. North Korea's SLBM test launch in August has made a 500km flight, landing 80km inside the JADIZ (Japan Air Defense Identification Zone), and as such, it is assessed that North Korea already possesses underwater ejection and cold launch capabilities. The most realistic response to North Korea's imminent SLBM threat is bolstering anti-submarine capabilities. ROK Armed Forces need to upgrade its underwater kill-chain by modernizing and introducing new airborne anti-submarine assets and nuclear-powered submarines, among many options. Moreover, we should integrate SM-3 missiles with the Aegis Combat system that possess strong detection capabilities and flexibility, thereby establishing a sea-based Ballistic Missle Defense (BMD) system centered around the Aegis Combat System, as sea-based ballistic missile threats are best countered out in the seas. Finally, the capabilities gap that could arise as a result of budgetary concerns and timing of fielding new assets should be filled by establishing firm ROK-US-Japan combined defense posture.

• Convergence Security Journal
• /
• v.16 no.4
• /
• pp.25-34
• /
• 2016

This paper shall suggest the improvement model for invigorating cyber threat information sharing from the national level, which includes, inter alia, a comprehensive solutions such as the legislation of a guideline for information sharing, the establishment of so-called National Center for Information Sharing, the construction and management of a integrated information system, the development of techniques for automatizing all the processes for gathering, analyzing and delivering cyber threat information, and the constitution of a private and public joint committee for sharing information, so much so that it intends to prevent cyber security threat to occur in advance or to refrain damage from being proliferated even after the occurrence of incidents.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.27-37
• /
• 2022

Virtual private network (VPN) services are used in various environments related to national security, such as defense companies and defense-related institutions where digital communication environment technologies are diversified and access to network use is increasing. However, the number of cyber attacks that target vulnerable points of the VPN has annually increased through technological advancement. Thus, this study identified security requirements by performing STRIDE threat modeling to prevent potential and new vulnerable points that can occur in the VPN. STRIDE threat modeling classifies threats into six categories to systematically identify threats. To apply the proposed security requirements, this study analyzed functions of the VPN and formed a data flow diagram in the VPN service process. Then, it collected threats that can take place in the VPN and analyzed the STRIDE threat model based on data of the collected threats. The data flow diagram in the VPN service process, which was established by this study, included 96 STRIDE threats. This study formed a threat scenario to analyze attack routes of the classified threats and derived 30 security requirements for each element of the VPN based on the formed scenario. This study has significance in that it presented a security guideline for enhancing security stability of the VPN used in facilities that require high-level security, such as the Ministry of National Defense (MND).

• 한국방재학회:학술대회논문집
• /
• 2008.02a
• /
• pp.389-392
• /
• 2008

Warning phase of disaster is a critical period in determining the likely survival of threatened citizens. Elderly requires special attention primarily because they tend to be uncompliant and less likely to cooperate with authorities. But there is much less research on how elderly respond to disaster warnings, while there is a strong consistent empirical literature on older citizen in the recovery periods of disaster. The purpose of this study is to examine coping behavior of elderly when they are at risk of disaster. Data were collected from 130 senior citizens aged over 60 who are residing in Pyungchang and Injae in Kangwon province which had damaged due to heavy rain in 2006. Perry & Lindell(1997)'s index, a series of six categories that represent coping behaviors which progressively approximate the action of evacuating was used : do nothing(1), check environmental cues for evidence of a threat(2), engage in threat-specific property protection(3), engage in protective action for personal safety(4), prepare to evacuate(5), evacuate the areas as instructed in the warning(6). Almost respondents(69.2%) chose the level 6(51.5%) and level 5(17.7%). This proves the elderly are not uncompliant or uncooperative population. Furthermore, this finding emphasizes the importance of public warning in case of disasters. And 13.8% of total respondent checked level 1 for their reaction.

• Korean Security Journal
• /
• no.53
• /
• pp.283-303
• /
• 2017

This study which was started to identify the factors that change the security level of military organizations, analyzed the data collected from articles written by the active officers in the Defense Daily Journal hoping to improve the military security level by the qualitative research method called Grounded Theory, and establish causal relationship how organizational members respond to insider security threats. As a result of the analysis, the causal condition is 'the security threat of the insider', the contextual condition is 'the specificity of the military organization', the central phenomenon is 'the conflict of values as a soldier', the arbitrary condition is 'the security consciousness', Strategy is 'the responds to security threats', and the result was 'security level change'. The core categories can be presented as 'the degree of conflict of values on insider security threats' and two hypotheses have been derived. First, the members of the military organization strongly felt the conflict of values about security threat as the tendency to emphasize security was strong, and they helped to develop the security level of organization by responding strongly. Second, the stronger the tendency to focus on colleagues, respond weakly to security threats. And it undermines the security level of the organization. Finally, in order to improve the security level of the organization, it is necessary to establish a solid security consciousness and to make institutional development to support it.

• Proceedings of the Korean Society for Cognitive Science Conference
• /
• 2006.06a
• /
• pp.39-41
• /
• 2006

A modifiedPosner cue-target paradigm in which neutral, positive and negative (threat) words were presented in peripheral location for cue was used to investigate the difference of engagement component of attention across emotional valence and anxiety level of participants. Results showed an interaction effect between anxiety level of participants and emotional valence of cue in valid trial. This indicates that the engage component of attention is not encapsulated and influenced by anxiety level of participant.

• Korean Journal of Cognitive Science
• /
• v.30 no.3
• /
• pp.157-174
• /
• 2019

Motivation of human individuals to perform on intellectual tasks can be hampered by identity threat from intellectual machines. A laboratory experiment examined whether individuals' performance loss on intellectual tasks appears under human identity threat. Additionally, by affirming alternative attributes of human identity, researchers checked whether group-affirmation alleviate the performance loss on intellectual tasks. This research predicted that under high social identity threat, individuals' performance loss on the intellectual tasks would be moderated by valuing alternative attributes of human identity. Experiment shows that when social identity threat is increased, human individuals affirmed alternative human attributes show higher performance on intellectual tasks than individuals non-affirmed. This effect of human-group level affirmation on performance loss did not appear in the condition of low social identity threat. Theoretical and practical implications were discussed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.5
• /
• pp.19-26
• /
• 2014

The advent of smart phones brought adverse effect between devices recently. For example, adverse effects of info-communication with advent of computer. Also, hacking threat aiming cyber space that is getting more advanced is spreading in terms of range and danger, so that it reaches the level that the nation has to concern. In this circumstance, crimes involving info-technology is now problem in society. As internet technology advances, it enlarges the range of hacker's threat to not only smart phones, but ships, aircrafts, buildings, and cars. It could be seen as social threat of between human and human, between machine and machine, and between human and machine. This study discuss these problems.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.4
• /
• pp.210-220
• /
• 2008

Insider threat is becoming a very serious issue in most organizations and management is responsible for security implementation. This study is to develop a personnel security management indicators in the areas of Personnel Assurance, Personnel Competence, and Security Environment and protection against insider threats. In this study, the information security management system and related papers are examined by reviewing the existing researches and cases. Proposed indicators are verified by pilot test, empirically analyzed to expose experts' perception and the validity, importance, and risk level of each indicators through a questionnaire. Result were encouraging, but additional study focused on personnel security management using factor analysis is needed in the future.