• The Journal of the Convergence on Culture Technology
• /
• v.9 no.3
• /
• pp.299-304
• /
• 2023

Recently, drones have been used as a major means of attack drones in major wars around the world, and it seems likely that they will evolve into game changers in the future. Recently, drones have been used as a major means of attack drones in major wars around the world, and it seems likely that they will evolve into game changers in the future. In the major wars of the 21century, attack drones are used for precision fire-guided or self-destruct attacks, For the purpose of cognitive warfare, its territory is expanding not only to land and air, but also to sea and water. These attack drones will perform multi-domain operations, and for this purpose, the level of autonomy will be improved and High-Low Mix We will continue to develop by strengthening concept-based scalability. North Korea has also been making considerable efforts to operate attack drones for a long time, and activities such as third-country-level self-explosive drones, artificial intelligence-based clustered self-explosive drones, and self-destructive stealth unmanned semi-submersible are expected. In addition to North Korea's provocations and attacks, it is hoped that there will be a need for active follow-up research on our military's countermeasures and utilization plans.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.234-237
• /
• 2014

The increasing of Cloud Computing technology among several companies has been a key strategy for IT services to provide desirable IT solutions to consumers of cloud services. More attention is concentrated to these core technologies that enable cloud services and more particularly to the virtualization aspect. The accessibility to a larger number of users is possible because of the usage of the data-intensive, data management and data integrity. Unfortunately, those useful services are vulnerable to kind of attacks by hackers, thus the security of personal information is in critical situation. To solve this to leakage vulnerability, and with the proliferation of cloud services, the cloud service providers adopt a security system with firewall, antivirus software and a large number of virtualized servers and Host. In this paper, a variety of virtualization technologies, threats and vulnerabilities are described with a complement of different security solutions as countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.145-152
• /
• 2009

SCADA(Supervisory Control And Data Acquisition) systems are widely used for control and monitoring of critical infrastructures including electricity, gas and transportation. Any compromise in the security of SCADA systems could result in massive chaos and disaster at a national level if a malicious attacker takes the control of the system. Therefore, sound countermeasures must be provided when the SCADA systems are being developed as well as when they are being operated. Unlike general information processing system, SCADA systems have different service responses, communication protocols and network architectures and therefore a different approach should be applied to each SCADA systems that takes into consideration of each system's security characteristics and architectures. In addition, legal basis should be established to ensure the nationwide management of the systems security. This paper examines the vulnerabilites of SCADA systems and proposes action plans to protect the systems against cyber attacks.

• Journal of Industrial Convergence
• /
• v.19 no.6
• /
• pp.37-47
• /
• 2021

Today, people share information and communicate with others using various information and communication media such as e-mail, smartphones, SNS, etc. However, it is being used in malicious attacks to send a large amount of illegal spam or to use it for fraud by using illegally collected personal information and devices that are vulnerable to security. Illegal spam, smishing, and fraudulent mail(SCAM) cause a lot of direct and indirect damage to companies and users, including not only social costs such as mental fatigue, but also unnecessary consumption of IT infrastructure resources and economic losses. Although there are regulations related to spam, violators of the law are still on the rise by circumventing the law, and victims are constantly occurring, so it is necessary to review what the problem is. This study examined domestic and foreign spam-related regulations and spam-related response activities, identified problems, and suggested improvement countermeasures. Through this study, it was intended to suggest directions for improving spam-related systems in order to block illegal spam and prevent fraudulent damage.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• The Korean Journal of Emergency Medical Services
• /
• v.7 no.1
• /
• pp.65-80
• /
• 2003

Various disasters have been continuously occurred in Korea from 1990s to now. However, there is no substantial improvement against damages as compared with the past due to various reasons such as lack of fundamental recognition, ineffective response systems and widespread insensitivity to safety. More worse, new types of disasters have been frequently generated due to rapid changes in social structures and industrial development, unusual changes in weather and changes of international situations. These disasters request comprehensive countermeasures. In particular, while material damages by disasters can be recovered, the losses of precious lives cannot be recuperated in any ways. Thus, it is critical to set effective disaster medical plans. The first way to minimize damages by disasters is the prevention and the next is to set the disaster medical plans focusing on preliminarily activating the emergency medical system to rapidly rescue and take appropriate emergency medical services for casualties in the early stage when any disaster occurs. Nevertheless, no sufficient researches or references do not exist up to now. Even worse, effective emergency medical systems that play critical roles in increasing survival rates of casualties in actual disaster areas is not deployed. For the United States, the consistent countermeasure system is established in FEMA through a close cooperative system with relevant organizations for serious accidents including terrorists' attacks or natural disasters. For the emergency medical services in disasters, the disaster medical plan is set to cope with any disasters in perfect order by special area as operating the National Disaster Medical SystemESF#8 Role by FEMA. Accordingly, we need to set the extensive and integrated disaster prevention system for rapid and flexible operation against various kinds of serious accidents. This study identified overall problems in disaster control plans in Korea and suggested how to improve the emergency medical service system in disaster areas. Furthermore, it aims to prepare the basic data to set the effective emergency medical service plans when substantial casualties break out and more reasonable and systematic disaster control plans to cope with the future occurrence of serious disasters.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.231-241
• /
• 2006

When current cyber attacks to information and communication facilities are examined, technologies such as chase evasion technology and defense deviation technology have been rapidly advanced and many weak systems worldwide are often used as passages. And when newly-developed cyber attack instruments are examined, technologies for prefect crimes such as weakness attack, chase evasion and evidence destruction have been developed and distributed in packages. Therefore, there is a limit to simple prevention technology and according to cases, special procedures such as real-time chase are required to overcome cyber crimes. Further, cyber crimes beyond national boundaries require to be treated in international cooperation and relevant procedural arrangements through which the world can fight against them together. However, in current laws, there are only regulations such as substantial laws including simple regulations on Punishment against violation. In procedure, they are treated based on the same procedure as that of general criminal cases which are offline crimes. In respect to international cooperation system, international criminal private law cooperation is applied based on general criminals, which brings many problems. Therefore, this study speculates the procedural law on cyber crimes and presents actual problems of our country and its countermeasures.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.219-223
• /
• 2014

In line with the advanced wireless communication technology, M2M (Machine-to-Machine) communication has drawn attention in industry. M2M communication features are installed and operated in the fields where human accessibility is highly limited such as disaster, safety, construction, health and welfare, climate, environment, logistics, culture, defense, medical care, agriculture and stockbreeding. In M2M communication, machine replaces people for automatic communication and countermeasures as part of unmanned information management and machine operation. Wireless M2M inter-device communication is likely to be exposed to intruders' attacks, causing security issues, which warrants proper security measures including cross-authentication of whether devices are legitimate. Therefore, research on multiple security protocols has been conducted. The present study applied SessionKey, HashFunction and Nonce to address security issues in M2M communication and proposed a safe protocol with reinforced security properties. Notably, unlike most previous studies arguing for the security of certain protocols based on mathematical theorem proving, the present study used the formal verification with Casper/FDR to prove the safety of the proposed protocol. In short, the proposed protocol was found to be safe and secure.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.775-784
• /
• 2019

Malware infringement attacks are continuously increasing in various environments such as mobile, IOT, windows and mac due to the emergence of new and variant malware, and signature-based countermeasures have limitations in detection of malware. In addition, analytical performance is deteriorating due to obfuscation, packing, and anti-VM technique. In this paper, we propose a system that can detect malware based on machine learning by using similarity hashing-based pattern detection technique and static analysis after file classification according to packing. This enables more efficient detection because it utilizes both pattern-based detection, which is well-known malware detection, and machine learning-based detection technology, which is advantageous for detecting new and variant malware. The results of this study were obtained by detecting accuracy of 95.79% or more for benign sample files and malware sample files provided by the AI-based malware detection track of the Information Security R&D Data Challenge 2018 competition. In the future, it is expected that it will be possible to build a system that improves detection performance by applying a feature vector and a detection method to the characteristics of a packed file.

• Convergence Security Journal
• /
• v.15 no.6_2
• /
• pp.107-119
• /
• 2015

The key objective of terrorism is to create favorable conditions for certain political, ideological, or religious interests through deliberate social chaos and the spread of fear. Accordingly, terrorist groups rally the means and methods capable of spreading fear among the public through shocking violence. Consequently, as terrorism manifests the progress in modern civilization and the structure of international community, its concepts, means, and methods evolve organically with the progress. The characteristics of the modern terrorism include that it has evolved as a means of war against countries by non-state militant groups, and suicide terrorism is spreading like epidemic as it fits the strategies of Islamic extremist and terrorist organizations as a part of international politics based on terrorism. The humanity's efforts to eliminate the threat of terrorism led to decades of implementing premature policies of military force, but they were found ineffective and resulted in the spread of extreme threat of suicide terrorism. For prevention of suicide terrorism, the efforts must be made to dismantle the basis of suicide attacks through addressing religious alienation and antipathy against a civilization using the notions similar to treatment of pathology considering psychological motives of suicide terrorists.