• Journal of National Security and Military Science
• /
• s.8
• /
• pp.239-270
• /
• 2010

This thesis is to make an appropriate national defense policy of Republic of Korea through studying the Hegemony Strategy of United States. I searched the theory of hegemony. The hegemony was differently defined by the point of time and region. The strong power nations with the hegemony have been making efforts to maintain their hegemony everytime. I have conclusion that the presence of hegemony once emerged, it brought regional stability in place whether it is coercive or beneficial. The stability and instability of international order IS not exclusively dependent on hegemony. Even if the safety of hegemony cannot guarantee absolute stability of international order, there IS on doubt that the hegemony has enormous impact on that. According to the hegemonic theory, the history of mankind equals to the history of rising and falling hegemony. The international order was changed as the hegemony changes. The United States has been making efforts to maintain her global hegemony during the post cold-war era as well. Taking all these into consideration, relevant military strategy direction able to pursue national interest is that to make up for the relative weakness in the strategic environment. South Korea have to prepare security policy response as following. First, South Korea should build the military force equipped with advanced weapons in military technology sector and solidify military diplomatic relation able to form cooperative relation in wartime. Second, South Korea should make solid Alliance of Korea and U.S. Third, develop and maintain multilateral security cooperation of East Asia. Forth, we could realize that there are means that can neutralize opponent's strong point by seeking one or two and more asymmetry in the aspect of strategy, tactics, and means through asymmetric strategy. Than the military force of South Korea should develop into a force that is able to overcome to the traditional North Korea's threat and new type of conflicts. And the force should have sufficient strength and be deployed to effectively defend the Korean Peninsula. So, we need to establish a denial and defense system against any hostile neighboring country. Therefore, ROK military forces preparing for the future should try to construct a future military power to gradually establish enough strength for self-defense to prepare for a uncertain security environment and when the Korean Peninsula is unified in a future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1271-1283
• /
• 2019

The fourth industrial revolution and digital transformation are also bringing major changes to the financial ecosystem in Korea. Already, global financial firms overseas are opening their financial markets and exploring new financial businesses by seeking ways to co-prosperity with fintech firms. However, it is also true that the domestic financial environment has failed to respond to the changes due to its monopolistic and closed structure. In response, the government began pushing for the introduction of open banking in December 2019 with the aim of fully opening the financial settlement system. However, unlike the existing simple financial transaction structure, open banking still has an unresolved part due to the unclear relationship of responsibilities between interested parties in the event of financial accidents due to the complex linkage structure of transactions such as financial firms, fintech firms and customers. This study analyzed the security threat of open banking in depth. By doing so, the government and financial firms want to present policy proposals that need to be improved to enhance the safety of open banking in korea and protect financial consumers, as well as new financial models that have improved the vulnerable parts of existing models.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1405-1417
• /
• 2017

Researches that apply the acceleration signal due to user's gait measured at the wearable device to the authentication technology are being introduced recently. The gait acceleration signal based authentication technologies introduced so far have assumed that an attacker can obtain a user's gait acceleration signal only by attaching accelerometer directly to user's body. And the practical attack method for gait acceleration signal based authentication technology is mimic attack and it uses a person whose physical condition is similar to the victim or identifies the gait characteristics through the video of the gait of the victim. However, mimic attack is not effective and attack success rate is also very low, so it is not considered a serious threat. In this paper, we propose Video Gait attack as a new attack method for gait acceleration signal based authentication technology. It is possible to know the position of the wearable device from the user's gait video signal and generate a signal that is very similar to the accelerometer's signal using dynamic equation. We compare the user's gait acceleration signal and the signal that is calculated from video of user's gait and dynamic equation with experiment data collected from eight subjects.

• Journal of Legislation Research
• /
• no.54
• /
• pp.155-192
• /
• 2018

As the 'hyper-connected society' has emerged through the 'Fourth Industrial Revolution, public interests as well as social dangers have increased. Above all, the risk of infringement of information, including confidential personal information, is dramatically increasing. As the hyper-connected society has been realized, even if only one of the internet devices is hacked, there would be a danger that the ripple effect of such a hacking spreads to the whole network. Therefore, the necessity and importance of information security, including cybersecurity, has been increasing. In other words, the stability of cyberspace and internet space is becoming more important. As a result, the Korean government is seeking to build a legal system related to information security, which would be able to cope with the information infringement problem in the hyper-connected society. However, it seems that the government is still struggling with the direction of building such a legal system. In this context, a comparative review examining the legal systems of advanced foreign countries will provide meaningful implications as to what kinds of legal policies we should devise and implement for information security. In particular, the U.S. legislative act that actively responds to the cybersecurity violations is worthy of reference. For this reason, this article systematically analyzes the current status of the U.S. cybersecurity laws. Especially, this article focuses on the "Cybersecurity Information Sharing Act of 2015"(hereinafter "CISA"), that was recently enacted by the U.S. congress. The CISA prescribes the systemic and detailed information-sharing between national and private entities. The CISA, that actively promotes information-sharing, is full of suggestions for us, in that information-sharing is an effective way to properly realize information security in today's hyper-connected society.

• Journal of National Security and Military Science
• /
• s.1
• /
• pp.71-111
• /
• 2003

The key lessons of the very complex modern war can be dangerously misleading to the outsiders. The efforts trying to draw lessons learned from the Iraq War (OIF : Operation Iraqi Freedom) may be biased by the view of point by Americans, because most of war episodes have been come from the Western media coverage. More serious bias can be committed thanks to the differences of warfighting doctrines and military technology between US forces and ROK forces. However, OIF-fought allied commanders and outside military experts said this campaign exemplified 21st-century warfare: swift, agile and decisive, employing overpowering technology to bring relentless violence to bear in many places at once. Even though the campaign evolved differently than anticipated, allied forces regrouped and regained the initiative remarkably quickly, thanks in large part to a new command flexibility, tied to new technology that made possible the more rapid sharing of data. These factors permitted "new air-land dynamic". The things that compel that are good sensors networked with good intelligence disseminated through a robust networking system, which then yields speed. Speed turns out to be a very important factor for conducting "Rapid Decisive Operations" relied on joint "Mass of Effects". ROK forces facing the heaviest ground threat in the world may learn more from Cold War era-typed US Army 3rd Infantry Division (3ID), which operating considerably beyond existing doctrine. 3ID flew its personnel into Kuwait to meet up with equipment already located in the region as pre-positioned stock. During OIF, the division conducted continuous offensive operations over 230km deep battlespace for 21 days. The lessons learned for ROK army to prepare tomorrow's war may be found from 3ID in its training, command and control, task organization, firepower and battlespace management, and logistics.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.149-157
• /
• 2003

Recently, the Internet enhanced by development of IT makes the processing and exchanging of information, As the Internet is sending and receiving digitized documents over the Internet e-mail system. The security of document information is being threated when exchanging digitized documents over an open network such as the Internet. The degree of threat is even higher when sensitive documents are involved Therefore, in this paper, the secure e-mail system on a client is designed and implemented in order to make secure exchanging of digitized documents. By using the public key infrastructure in which encrypted mail transmission, proof of delivery and integrity of the message are garanted, unauthorized manipulation, illegal acquisition and mutual authentication problem can be prevented in order to secure the document information which is crucial and sensible when exchanging the digitized document over the Internet. Futhenmore, by using the SET protocol based on public key cryptography, the secure mail system is designed and implemented in order for the users not having any professional knowledge to deal with the system easily and friendly in GUI environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.5
• /
• pp.1122-1127
• /
• 2014

WLAN is affordability, flexibility, and ease of installation, use the smart device due to the dissemination and the AP (Access Point) to the simplification of the Office building, store, at school. Wi-Fi radio waves because it uses the medium of air transport to reach areas where security threats are always exposed to illegal AP installation, policy violations AP, packet monitoring, AP illegal access, external and service access, wireless network sharing, MAC address, such as a new security threat to steal. In this paper, signature-based of wireless intrusion detection system for Snort to suggest how to develop. The public can use hacking tools and conduct a mock hacking, Snort detects an attack of hacking tools to verify from experimental verification of the suitability of the thesis throughout.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.313-317
• /
• 2014

Smart-phone, PC or tablet platforms, such as smart terminals spread to the masses trying to capitalize. Smart TV also is increasing. In Korea, market size of TV is growing fast with growth of risk of hacking. In this paper, several kinds of Smart TV hacking cases are presented with the possibility of attacks against the vulnerability analysis and countermeasures. Most of the Linux operating system is open. Thus, it is vulnerable for latest hacking techniques. Most are based on the Linux OS to enhance security mount Sand-Box. However, bypass procedure using the technique, or APT attacks can avoid San-Box technique. New hacking techniques and a variety of ways will occur in the future. Therefore, this paper will develop Smart TV, and it analysis of a security threat and establishes better prepared in the future because new hacking attacks are expected to prepare more.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.11
• /
• pp.67-77
• /
• 2007

In sensor networks, it is very important to refresh communication keys of sensors in a periodic or on-demand manner. To perform a dynamic key management efficiently, sensor networks usually employ cluster architecture and each CH (Cluster Head) is responsible for key management within its cluster. In cluster-based sensor networks, CHs are likely to be targets of capture attacks, and capture of CHs threatens the survival of network significantly. In this paper, we propose a periodical key refreshment scheme which counteracts against capture of CHs. First, the proposed scheme reduces the threat caused by compromise of CHs by forcing each CH to manage a small number of sensors and changing CH role nodes periodically. Second, the proposed scheme flings attackers into confusion by involving other nodes in a key establishment between BS (Base Station) and a CH. Our numerical analyses showed that the proposed scheme is more secure than other schemes and robust against compromise of CHs.

• Journal of the Korea Convergence Society
• /
• v.3 no.3
• /
• pp.7-12
• /
• 2012

mVoIP (mobile Voice over Internet Protocol) service is a technology to transmit voice data through an IP network using mobile device. mVoIP provides various supplementary services with low communication cost. It can maximize the availability and efficiency by using IP-based network resources. In addition, the users can use voice call service at any time and in any place, as long as they can access the Internet on mobile device easily. However, SIP on mobile device is exposed to IP-based attacks and threats. Observed cyber threats to SIP services include wiretapping, denial of service, and service misuse, VoIP spam which are also applicable to existing IP-based networks. These attacks are also applicable to SIP and continuously cause problems. In this study, we analysis the threat and vulnerability on mVoIP service and propose several possible attack scenarios on existing mobile VoIP devices. Based on a proposed analysis and vulnerability test mechanism, we can construct more enhanced SIP security mechanism and stable mobile VoIP service framework after eliminating its vulnerability on mobile telephony system.