• Journal of Digital Convergence
• /
• v.20 no.2
• /
• pp.9-20
• /
• 2022

Supply chain attacks target critical infrastructure, causing large amounts of damage and evolving into a threat to public safety and national security. Accordingly, when establishing cybersecurity strategies and policies, supply chain risk management is specified to enhance security, and the US Biden administration recently issued the Executive Order on Improving the Nation's Cybersecurity, SBOM was mentioned as part of the guidelines for strengthening software supply chain security. If the government mandates SBOM and uses it as a security verification tool for supply chains, it can be affected by the domestic procurement system in the future and can be referenced when establishing a security system for domestic supply chains according to the progress of policy implementation. Accordingly, in this paper, countries that are promoting the SBOM policy as a way to strengthen the security of the software supply chain were selected and analyzed with a focus on related cases. In addition, through comparison and analysis of foreign SBOM policy trends, methods for using domestic SBOM in terms of technology, policy, and law were considered. As the value of using SBOM as a supply chain integrity/transparency verification tool is expected in the future, it is necessary to continuously identify trends in the establishment of international standardization and policy development for SBOM and study the standard format.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.687-697
• /
• 2023

Botnets, whose attack patterns are becoming more sophisticated and diverse, are recognized as one of the most serious cybersecurity threats today. This paper revisits the experimental results of botnet detection using autoencoder, a semi-supervised deep learning model, for UGR and CTU-13 data sets. To prepare the input vectors of autoencoder, we create data points by grouping the NetFlow records into sliding windows based on source IP address and aggregating them to form features. In particular, we discover a simple power-law; that is the number of data points that have some flow-degree is proportional to the number of NetFlow records aggregated in them. Moreover, we show that our power-law fits the real data very well resulting in correlation coefficients of 97% or higher. We also show that this power-law has an impact on the learning of autoencoder and, as a result, influences the performance of botnet detection. Furthermore, we evaluate the performance of autoencoder using the area under the Receiver Operating Characteristic (ROC) curve.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.801-811
• /
• 2023

With the cyber incidents increasing every year, opinions are being raised that legal system relating to incident reporting needs to be revised to improve the cyber incident reporting rate, etc. Accordingly, this paper suggests a legal improvement to enhance the effectiveness of cyber incident reporting. First, by analyzing domestic media coverage, this paper defines the problems which need to be improved regarding an incident reporting system as "unreported" and "not timely reporting". Then, this paper finds four requirements for legal improvement like "a reporting entity", "a starting point of reporting", "a reporting deadline" and "a protection of reporting information" by analyzing the relationship between reporting relating problems and issues published by overseas institutions and additionally by analyzing the need to revise the law. Finally, through an analysis of legislative cases, this paper suggests a legal improvement for the requirements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.781-799
• /
• 2024

Recently, the US and EU have been institutionally introducing and promoting Coordinated Vulnerability Disclosure(CVD) to strengthen the response to security vulnerabilities in ICT products and services, based on collaboration with white-hat hackers. In response to these changes in cybersecurity, we propose a three-step approach to introduce CVD through the Information and Communications Network Act(ICNA). In the first step, to comprehend the necessity and requirements for legislating CVD, we survey the current situation in Korea and the trends of CVD in the US, EU, and OECD. In the second step, we analyze the necessity for legislating CVD and derive the requirements for its legislation. In this paper, we analyze the necessity for legislating CVD from three perspectives: the need for introducing CVD, the need for institutionalization based on law, and the suitability of the ICNA as the legislation. The derived requirements for CVD legislation include the establishment and publication of Vulnerability Disclosure Policy(VDP), legal protection for white-hat hackers, and designation and role assignments of coordinator. In the third step, we introduce approaches to apply the requirements for CVD legislation to the ICNA, which is the law governing prevention and response to cybersecurity incidents in private sector.

• Korea Trade Review
• /
• v.46 no.3
• /
• pp.99-117
• /
• 2021

Korea's FTA e-commerce regulations are evolving into a standardized norm. However, "location of computing facilities", which was not covered by Korea's existing FTA, was newly established in Korea's first Mega FTA, RCEP. China, a member of RCEP, restricts data movement and requires data localization through its Cybersecurity law. These facts have led to start this study with interest in data-related regulations. It examined country-specific and regulatory characteristics in the process of forming digital trade norms, using the TAPED established by Burri et al. (2020). It also analyzed the current status of introducing norms related to 'data flow', 'data localization' and 'data protection' of the EU, USA and China, which are leading the formation of e-commerce trade norms. Finally, the legal review was conducted to compare the exact meaning of the wording expressed in each agreement for the six recently enacted Mega FTAs and Digital Economic Agreements. These findings are meaningful in that they provided implications for the effectiveness of RCEP and the direction of negotiations on Korea's digital trade norms.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.21-28
• /
• 2019

The emergence of a hyper-connected-super-intelligence society, called the era of the Fourth Industrial Revolution, brought about a new change in the security environment. With ICT (Information Communication Technology) convergence and high-tech technologies introduced across the board, the person-centered driving force that moved the real space is replaced by the code-oriented cyberspace, and its dependency is constantly increasing. Paradoxically, however, these technological changes serve as another security vulnerability that threatens our society, and have brought about the justification for building a cyber defense system while simultaneously facing the opportunities and challenges brought by technology. In this study, the theory of self-defense was put forward on the basis of the theoretical basis for actively responding to the increasingly intelligent and mass-evolving cyberattacks, and firstly, the need to enact a cybersecurity law, secondly, and thirdly, the need to develop a response cooperation system with the U.S. and other cyber powers.

• Asia-Pacific Journal of Business
• /
• v.11 no.3
• /
• pp.169-184
• /
• 2020

Purpose - This research is intended to analyze the current status and problems of tax benefits in the R&D sector and suggest ways to improve tax credit for research and manpower development expenses when various countries fiercely develop efforts to enhance national competitiveness through increased investment in R&D Design/methodology/approach - This study will examine the current status of the tax support system for domestic and foreign R&D, and suggest improvement measures to expand research and development activities in the future. Findings - First, a plan may be considered to abolish and perpetuate the sunset deadline for tax credit for research and manpower development expenses as in the case of the United States and Japan. This perpetuation can be a proactive measure to actively support long-term R & D investment in companies facing economic decisions under uncertainty. Second, it should be revised to raise the tax credit rate of large corporations, which are shrinking every year, compared to SMEs, so that both large corporations and SMEs can improve their international competitiveness and secure excellent technologies through R & D. Finally, the target technologies for each new growth engine and source technology should be expanded to various fields, including national cybersecurity enhancement technology, aviation engine technology, carbon emission and global cooling technologies, which are areas of interest in major overseas R&D countries, to help active R&D and investment in these areas. Research implications or Originality - This study can find a contribution in comparing and analyzing the national R&D tax support system and presenting improvement measures at a time when the benefits of tax credit for research and manpower development expenses of large companies are decreasing due to frequent tax law revisions and the government's factors of increasing tax revenues. In addition, recent research and development items and research technologies of foreign countries were analyzed by Nature's top 10 major science and technology issues, and advanced technologies that should be applied to target technology areas by new growth engine and source technology were specifically investigated and presented.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.181-186
• /
• 2021

Ensuring national security in cyberspace is becoming an increasingly important issue, given the growing number of cybercrimes due to adaptation to new security and protection technologies. The purpose of this article is to study the features of counteracting, preventing, and detecting crimes in the virtual space of Ukraine on the example of cases and analysis of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The research methodology is based on the method of analysis and study of cases of crime detection in the virtual environment of the State Center for Cyber Defense and Countering Cyber Threats CERT-UA and the Cyber Police Department of the National Police of Ukraine. The results show that the consistent development of the legal framework in 2016-2020 and the development of a cyber-defense strategy for 2021-2025 had a positive impact on the institution-building and detection of cybercrime in Ukraine. Establishing cooperation with developed countries (USA) has helped to combat cybercrime by facilitating investigations by US law enforcement agencies. This means that international experience is effective for developing countries as a way to quickly understand the threats and risks of cybercrime. In Ukraine, the main number of incidents concerns the distribution of malicious software in the public sector. In the private sector, cyber police are largely confronted with the misappropriation of citizens' income through Internet technology. The practical value of this study is to systematize the experience of overcoming cybercrime on the example of cases of crime detection in a virtual environment.