• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.11 no.4
• /
• pp.229-237
• /
• 2011

As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.95-105
• /
• 2015

In this paper, we propose the security requirements for developing the security functions of server virtualization system. The security requirements are based on the security threats of server virtualization system, and we verified the validity by defending the security threats of server virtualization system. For inducting the security threats damaging server virtualization system from cloud computing security threats, we analyze and suggest the relations between security threats and security issue of server virtualization system.

• Journal of Korea Multimedia Society
• /
• v.19 no.1
• /
• pp.51-59
• /
• 2016

Physical security protecting people from physical threats, such as a person or vehicle, has received a great attention. However, it has many risks of hacking and other security threats because it is highly dependent on automated management systems. In addition, a representative system of physical security, a CCTV control system has a high risk of hacking, such as video interceptions or video modulation. So physical security needs urgent security measures in accordance with these threats. In this paper, we examine the case of security threats that have occurred in the past, prevent those from threatening the physical security, and analyze the security problem with the threats. Then we study the countermeasures to prevent these security threats based on the problems found in each case. Finally we study for the method to apply these countermeasures.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.3-10
• /
• 2015

Recent massive data breaches or major security incidents show that threats posed by insiders have greatly increased over time. Especially, authorized insiders can cause more serious problems than external hackers can. Therefore there is a growing need to introduce a system that can monitor the insider threats in real time and prevent data breaches or security incidents in early-stage. In this paper, we propose a EITMS(Enterprise Insider-Threats Management System). EITMS detects the abnormal behaviors of authorized insiders based on the normal patterns made from their roles, duties and private activities. And, in order to prevent breaches and incidents in early-stage, a scoring system that can visualize the insider threats is also included.

• Journal of Information Processing Systems
• /
• v.14 no.6
• /
• pp.1361-1384
• /
• 2018

Recently, Cyber Physical System (CPS) is one of the core technologies for realizing Internet of Things (IoT). The CPS is a new paradigm that seeks to converge the physical and cyber worlds in which we live. However, the CPS suffers from certain CPS issues that could directly threaten our lives, while the CPS environment, including its various layers, is related to on-the-spot threats, making it necessary to study CPS security. Therefore, a survey-based in-depth understanding of the vulnerabilities, threats, and attacks is required of CPS security and privacy for IoT. In this paper, we analyze security issues, threats, and solutions for IoT-CPS, and evaluate the existing researches. The CPS raises a number challenges through current security markets and security issues. The study also addresses the CPS vulnerabilities and attacks and derives challenges. Finally, we recommend solutions for each system of CPS security threats, and discuss ways of resolving potential future issues.

• Strategy21
• /
• s.31
• /
• pp.220-250
• /
• 2013

South Korean national security strategy should be developed to effectively handle and counter increasing maritime threats and challenges. There are three major maritime threats South Korea faces today; maritime disputes on the EEZ boundary and Dokdo islet issues, North Korean threats, and international maritime security. Maritime disputes in the region are getting intensified and turned into a military confrontation after 2010. Now regional countries confront each other with military and police forces and use economic leverage to coerce the others. They are very eager to create advantageous de facto situations to legitimize their territorial claims. North Korean threat is also increasing in the sea as we witnessed in the Cheonan incident and Yeonpyoung shelling in 2010. North Korea resorts to local provocations and nuclear threats to coerce South Korea in which it may enjoy asymmetric advantages. The NLL area of the west sea would be a main hot spot that North Korea may continue to make a local provocation. Also, South Korean national economy is heavily dependent upon foreign trade and national strategic resources such as oil are all imported. Without an assurance on the safety of sea routes, these economic activities cannot be maintained and expanded. This paper argues that South Korea should make national maritime strategy and enhance the strength of naval forces. As a middle power, its national security strategy needs to consider all the threats and challenges not only from North Korea but also to maritime security. This is not a matter of choice but a mandate for national survival and prosperity. This paper discusses the importance of maritime security, changing characteristics of maritime threats and challenges, regional maritime disputes and its threat to South Korea's security, and South Korea's future security strategy and ways to enhance the role of naval forces. Our national maritime strategy needs to show middle and long term policy directions on how we will protect our maritime interests. Especially, it is important to build proper naval might to carry out all the roles and missions required to the military.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.49-57
• /
• 2020

It is no exaggeration to say that we live with cyber threats every day. Nevertheless, it is difficult for us to obtain objective information about cyber threats and attacks because it is difficult to clearly identify the attacker, the purpose of attack, and the range of damage, and rely on information from a single source. In the preceding research of this study, we proposed the new approach for establishing Database (DB) for cyber attacks using Open Source Intelligence(OSINT). In this research, we present the evaluation factors for cyber threats among cyber attack DB and analyze the priority of those factors in oder to quantify cyber threats. We select the purpose of attack, attack category, target, ease of attack, attack persistence, frequency of OSINT DB, and factors of the lower layer for each factor as the evaluation factors for cyber threats. After selection, the priority of each factor is analyzed using the Analytic Hierarchy Process(AHP).

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.9-17
• /
• 2024

This paper examines the security threats to enterprise Generative Artificial Intelligence systems and proposes countermeasures. As AI systems handle vast amounts of data to gain a competitive edge, security threats targeting AI systems are rapidly increasing. Since AI security threats have distinct characteristics compared to traditional human-oriented cybersecurity threats, establishing an AI-specific response system is urgent. This study analyzes the importance of AI system security, identifies key threat factors, and suggests technical and managerial countermeasures. Firstly, it proposes strengthening the security of IT infrastructure where AI systems operate and enhancing AI model robustness by utilizing defensive techniques such as adversarial learning and model quantization. Additionally, it presents an AI security system design that detects anomalies in AI query-response processes to identify insider threats. Furthermore, it emphasizes the establishment of change control and audit frameworks to prevent AI model leakage by adopting the cyber kill chain concept. As AI technology evolves rapidly, by focusing on AI model and data security, insider threat detection, and professional workforce development, companies can improve their digital competitiveness through secure and reliable AI utilization.

• Strategy21
• /
• s.41
• /
• pp.232-260
• /
• 2017

The purpose of this paper is to open a debate about what kind of deterrent strategy the ROK military should pursue in the era of NK's weapons of mass destruction and missile threats. I argue that the ROK military needs a comprehensive deterrent strategy that reflects the international security situations and trends and that builds on clear understanding of the basic concepts and how deterrence operates. The paper starts with surveying the basic knowledge of deterrence from the perspectives of both theory and practice. Then, it provides explanations on why deterrence against NK can be particularly difficult given the security environment in and around the Korean peninsula. For example, South Korea and North Korea hardly share 'common knowledge' that serves as a basic element for the operation of deterrence. Deterrence against North Korea involves complex situations in that both deterrence and compellence strategies may be relevant particularly to North Korea's WMD and missile threats. It also involves both immediate and general deterrence. Based on the discussion, I suggest several ideas that may serve as guidelines for establishing a deterrent strategy against NK. First, our threats for deterrence should be the ones that can be realized, particularly in terms of the international norms. In other words, they must be considered appropriate among other nations in the international community. Second, there should be separate plans for the different kinds of threats: one is conventional, local provocations and the other is WMD/missile related provocations. Third, we should pursue much closer cooperative relations with the U.S. military to enhance the effectiveness of immediate deterrence in the Korean peninsula. Fourth, the ROK military should aim to accomplish 'smart deterrence' maximizing the benefits of technological superiority. Fifth, the ROK military readiness and structure should be able to deny emerging North Korean military threats such as the submarine-launched ballistic missiles and intercontinental ballistic missiles. Lastly, in executing threats, we should consider that the current action influences credibility and reputation of the ROK, which in turn affect the decisions for future provocations. North Korea's WMD/missile threats may soon become critical strategic-level threats to South Korea. In retrospect, the first debate on building a missile defense system in South Korea dates back to the 1980s. Mostly the debate has centered on whether or not South Korea's system should be integrated into the U.S. missile defense system. In the meantime, North Korea has become a small nuclear power that can threaten the United States with the ballistic missiles capability. If North Korea completes the SLBM program and loads the missiles on a submarine with improved underwater operation capability, then, South Korea may have to face the reality of power politics demonstrated by Thucydides through the Athenians: "The strong do what they have the power to do, the weak accept what they have to accept."

• Asian Journal of Innovation and Policy
• /
• v.9 no.1
• /
• pp.56-78
• /
• 2020

Changes in our lives due to Artificial Intelligence (AI) are currently ongoing, and there is little refutation of the effectiveness of AI. However, there have been active discussions to minimize the side effects of AI and use it responsibly, and publishing the AI Charter of Ethics (AICE) is one result of it. This study examines how our society is responding to threats from AI that may emerge in the future by examining various AIECs in the Republic of Korea. First, we summarize seven AI threats and classify these into three categories: AI's value judgment, malicious use of AI, and human alienation. Second, from Korea's seven AICEs, we draw fourteen topics based on three categories: protection of social values, AI control, and fostering digital citizenship. Finally, we review them based on the seven AI threats to evaluate any gaps between the threats and our responses. The analysis indicates that Korea has not yet been able to properly respond to the threat of AI's usurpation of human occupations (jobs). In addition, although Korea's AICEs present appropriate responses to lethal AI weapons, these provisions will be difficult to realize because the competition for AI weapons among military powers is intensifying.