• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.3
• /
• pp.605-612
• /
• 2011

Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly-motivated attackers with significant resources. In this paper, we discuss the technologies and standard trends about actual cyber threat and response methods, design the collaborative response framework based on the security information sharing in the inter-domain environments. The computation method of network threat level based on the collaborative response framework is proposed. The network threats are be quickly detected and real-time response can be executed using the proposed computation method.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.216-222
• /
• 2021

COVID-19 pandemic brings attentions to the nonmilitary and transnational non-traditonal security threats, as the scales of such damage by these threats are beyond expectation. The Republic of Korea Army tries to forecast non-traditional security threat which may be occurred in Korean peninsula by using collective intelligence platform. In coming years, climate change, social changes and technology development caused by the 4th industrial revolution will diversify non-traditional security threat. Considering urbanization, internet distribution rate, and geopolitical location where atmosphere from continent and ocean meet, Korea would may face the most lethal ones compared to those of other countries may face. Therefore, to predict such threats in pangovernment scale using collective intelligence platforms which embrace civil, public, military, industry, academy and research center is the most important than anything.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.765-768
• /
• 2007

In this paper, the security evaluation method about mobile web services message is suggested in the method for improving the safety an reliability about the mobile web services message. In order that the goal of this paper is accomplished, the security threat and the security vulnerability which can be occurred in the mobile web services message are defined. The evaluation method for performing the security evaluation about the mobile web services message is defined. Also, the requirements for the mobile web services message security evaluation are defined. Finally, the evaluation framework for performing the mobile web services message security evaluation is constituted, and the evaluation scenario example is suggested. By using the mobile web services message security evaluation defined in the paper, before the mobile web services is deployed, the security threats and security vulnerability can be verified. Also, the countermeasure for the security threat and security vulnerability discovered in the verification result can be prepared. Therefore, the sorority and reliability about the mobile web services can be improved.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.3-13
• /
• 2020

Organizations are facing a new, diverse security threat as ICT based industrial environment arises. As a way of effective countermeasure for security threat, organizations are making an effort to establish internalization of security culture, targeting a organizational members. However, members' awareness toward security receptiveness is low as inconvenience exists in business process and existing security culture focuses on controlling and regulating. Accordingly, this research desires to develop a participatory security culture which can higher the efficiency of security work process and induce members' voluntary participation. A comparative analysis on security culture related prior researches is conducted and based on a drawn components, statistical verification is accomplished. It is expected to contribute on future research on measuring a security culture level.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.1-10
• /
• 2014

In this study, I analyzed the increased threat of cyber warfare and the threat of reality about what is happening around the currently. And to prepare for it, I proposed the fact how main developed countries deal with cyber warfare. Also, I presented North Korea's cyber warfare threat which is equipped with world's top 3 cyber warfare performance and the way how their strategy influence to South Korea's national security. Moreever, I studied the existing North Korea's cyber warfare threat and the way how, how South Korea deal with it and prepare to against expected threat of cyber warfare in future.

• Journal of Navigation and Port Research
• /
• v.36 no.1
• /
• pp.9-14
• /
• 2012

Maritime security incidents by pirates and by terrorists increase, but maritime incidents investigation models are limited to figure out the maritime security incidents. This paper provides the analysis model for maritime security incidents. To develop this analysis model, this categorizes five threat factors, the ship, the cargo type, port system, human factor, information flow system, makes the risk assessment matrix to quantify the risk related to threat factors and classifies four priority categories of risk assessment matrix. Also, this model makes from the frameworks which include a variety of security initiatives implementing in stakeholder levels like international organizations, individual governments, shipping companies, and the ship. Therefore, this paper develops the Analysis for Maritime Security Management model based on various security initiatives responding to the stakeholder levels of maritime security management and top-bottom/bottom-up decision trees, and shows the validity through verifying the real maritime security incident of M/V Petro Ranger.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.51-59
• /
• 2016

An internal and external threat against an information system has increased, and to reduce it, organization has spent a great deal of money and manpower. However, in spite of such investment, security threat and trouble have happened continuously. Organization has conducted information security activity through various policies. The study classified such activities into prevention-oriented activity and control-oriented activity, and researched how information security activity of organization affects members of an organization and obeys information security policy by using health belief model. As a result of the study, prevention-oriented activity has a meaningful impact on seriousness, and this seriousness affects compliance intention for information security. Control-oriented activity has a meaningful impact on benefits, and the benefits have an effect on compliance intention. When an organization conducts prior activities such as education, PR, and monitoring, this organization should emphasize negative results that can happened because of deviation. In addition, in case of exposure and punishment through post activities such as inspection and punishment, if the organization emphasizes the positive effects of exposure and punishment rather than emphasis of negative parts, information security activity will be more effective.

• Journal of the Society of Disaster Information
• /
• v.1 no.1
• /
• pp.27-42
• /
• 2005

Recently the demand for civil security and security guards shows rapid growth. However the supply and training system have some limitations. Educational and training systems for civil body and security guards are in the basic level and private organizations trained the professional work force. So this paper is showing what a social dominant factor and a divice of development of the private security. Capitalism is based on a material desire of the human being. the social control of capital value and the management of capital ability reflects the actual condition of the capitalism well. The unconstrained growing and the expansion of capitalism, it finally lost social meaning and an importance of human being element and the safety of the civilian life, began to threat the security of citizen by forming over the material center structure of society. Improving human life quality and material richness on their life leads positive factor of capitalism whereas is causing several crimes through the society which is being threatened around a human being life for a negative factor of the capitalism. Therefore capitalistic social system has offered both a positive factor 'growing' and 'richness' and that of a negative 'structural poverty' and 'lack of security' and they have been remaining the assignment of capitalism 'poverty' and 'security' by settlement in the society for a extremely phenomenon of both sides. In Korea because their recognition of the study approach and the social safety for social security control function is still staying first step and our daily life is annoying from various threat of the society. many studies and the realistic necessity of experience related with social security is being studied. In addition. The development possibility of the civil guard and defense at the civil field which will be keep the social security has a wide position but its study approach and realistic comprehension is still in insufficient condition.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.235-255
• /
• 2019

Recent technological advances and industry changes, the game industry is maximizing fun by supporting cross-play that can be enjoyed by different platform users in PC, Mobile and Console games. If the boundaries are lost through the cross play, unexpected security threats can occur due to new services, even if existing security is maintained above a certain level. The existing online game security researches are mostly fraud detection that can occur in PC and mobile environment, but it is also necessary to study the security of the console game as cross play becomes possible. Therefore, this paper systematically identifies the security threats that can occur when enjoying cross play against console game users using STRIDE and LINDDUN threat modeling, derives security requirements using the international common evaluation standard.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.312-318
• /
• 2021

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.