• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.107-109
• /
• 2022

This paper proposes a new security system to detect cyber-attacks based on message authentication in a in-vehicle network. In the in-vehicle network, when a sending node transmits messages in a broadcast manner, it only uses a message identifier, rather than a node's identifier. It leads to a problem not identifying the source. In the proposed system, the sending node generates a message authentication code (MAC) using a cryptographic hash function to the control data and transmits it with the control data. When generating the MAC for each message, a multidimensional chaotic map is applied to increase the randomness of the result. The receiving node compares its MAC generated from the control data in the received message with the MAC of the received message to detect whether the message transmitted from the sending node is forged or not. We evaluate the performance of the proposed system by using CANoe and CAPL (Communication Access Programming Language). Our system shows a 100% of detection rate against cyber-attacks injected.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.39-51
• /
• 2024

This paper proposes a novel approach to enhance the security of container-based systems by analyzing system calls to dynamically detect race conditions without modifying the kernel. Container escape attacks allow attackers to break out of a container's isolation and access other systems, utilizing vulnerabilities such as race conditions that can occur in parallel computing environments. To effectively detect and defend against such attacks, this study utilizes eBPF to observe system call patterns during attack attempts and employs a AdaBoost model to detect them. For this purpose, system calls invoked during the attacks such as Dirty COW and Dirty Cred from popular applications such as MongoDB, PostgreSQL, and Redis, were used as training data. The experimental results show that this method achieved a precision of 99.55%, a recall of 99.68%, and an F1-score of 99.62%, with the system overhead of 8%.

• Smart Media Journal
• /
• v.12 no.11
• /
• pp.36-47
• /
• 2023

Industrial Control System(ICS), which controls facilities at major industrial sites, is increasingly connected to other systems through networks. With this integration and the development of intelligent attacks that can lead to a single external intrusion as a whole system paralysis, the risk and impact of security on industrial control systems are increasing. As a result, research on how to protect and detect cyber attacks is actively underway, and deep learning models in the form of unsupervised learning have achieved a lot, and many abnormal detection technologies based on deep learning are being introduced. In this study, we emphasize the application of preprocessing methodologies to enhance the anomaly detection performance of deep learning models on time series data. The results demonstrate the effectiveness of a Wavelet Transform (WT)-based noise reduction methodology as a preprocessing technique for deep learning-based anomaly detection. Particularly, by incorporating sensor characteristics through clustering, the differential application of the Dual-Tree Complex Wavelet Transform proves to be the most effective approach in improving the detection performance of cyber attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.3
• /
• pp.39-52
• /
• 1999

In this paper we propose a new watermarking technique for copyright protection of images. The proposed technique is based on a spatial masking method with a spatial scale parameter. In general it becomes more robust against various attacks but with some degradations on the image quality as the amplitude of the watermark increases. On the other hand it becomes perceptually more invisible but more vulnerable to various attacks as the amplitude of the watermark decreases. Thus it is quite complex to decide the compromise between the robustness of watermark and its visibility. We note that watermarking using the spread spectrum is not robust enought. That is there may be some areas in the image that are tolerable to strong watermark signals. However large smooth areas may not be strong enough. Thus in order to enhance the invisibility of watermarked image for those areas the spatial masking characteristics of the HVS(Human Visual System) should be exploited. That is for texture regions the magnitude of the watermark can be large whereas for those smooth regions the magnitude of the watermark can be small. As a result the proposed watermarking algorithm is intend to satisfy both the robustness of watermark and the quality of the image. The experimental results show that the proposed algorithm is robust to image deformations(such as compression adding noise image scaling clipping and collusion attack).

• Korean Security Journal
• /
• no.22
• /
• pp.37-64
• /
• 2010

Since the September 11, 2001, the motives and objectives of terrorism that have been targeted at hard targets such as key national facilities have now shifted towards soft targets such as subways, department stores, and tourist hotels; the attacks on these soft targets are steadily increasing. Simultaneous, unconventional, and indiscriminate terrorist attacks on civilians has also increased. In November, 2010, nearly forty states of the G20 and B20 (Business 20) will join in international summits to be hosted in Seoul. This coming July, an additional 350 troops will be deployed to Afghanistan for the sustainment of public security. Such events are sensitive topics, and there is the possibility of terrorist movement. Korea has successfully hosted various international events such as the APEC and ASEM Summits, and the 2002 Korea-Japan World Cup. The experiences from these events must be applied to ensure the safety of public facilities against the dangers of terrorism. First, counter-terrorism center must be established for the long-term, above the General Officer level to ensure the safety and efficiency of multilateral, international summits, as well as promoting policies and legislation aimed at preventing terrorism. Second, a terrorist threat management system must be secured and safety measures must be emphasized. Third, a fundamental structure must be established for the prevention of terrorism on public facilities, as well as legal and government action against the new threat of IED. Fourth, the police and fire fighting networks' must have a firm rapid response posture on the scene of an attack. Fifth, the state of mentality on the recognition of terrorist threats must be changed and restructured by promoting to and educating the population. Sixth, prevention measures must be established via research and academia. Seventh, for the guarantee of security in public facilities, safety management should employ cutting edge technology such as the 3D SICS and further develop and apply such technology. All methods and resources must be fully utilized for the establishment and strengthening terrorism prevention measures.

• The Korean Journal of Air & Space Law and Policy
• /
• v.1
• /
• pp.47-85
• /
• 1989

The Fundamental purpose of the Warsaw Convention was to establish uniform rules applicable to international air transportation. The emphasis on the benefits of uniformity was considered important in the beginning and continues to be important to the present. If the desire for uniformity is indeed the mortar which holds the Warsaw system together then it should be possible to agree on a worldwide liability limit. This liability limit would not be so unreasonable, that it would be impossible for nations to adhere to it. It would preclude any national supplemental compensation plan or Montreal Agreement type of requirement in any jurisdiction. The differentiation of liability limits by national requirement seems to be what is occurring. There is a plethora of mandated limits and Montreal Agreement type 'voluntary' limits. It is becoming difficult to find more than a few major States where an unmodified Warsaw Convention or Hague Protocol limitation is still in effect. If this is the real world in the 1980's, then let the treaty so reflect it. Upon reviewing the Warsaw Convention, its history and the several attempts to amend it, strengths become apparent. Hijackings of international flights have given rise to a number of lawsuits by passengers to recover damages for injuries suffered. This comment is concerned with the liability of an airline for injuries to its passengers resulting from aviation terrorism. In addition, analysis is focused on current airline security measures, particularly the pre-boarding screening system, and the duty of air carriers to prevent weapons from penetrating that system. An airline has a duty to exercise a high degree of care to protect its passengers from the threat of aviation terrorism. This duty would seemingly require the airline to exercise a high degree of care to prevent any passenger from smuggling a weapon or explosive device aboard its aircraft. In the case an unarmed hijacker who boards having no instrument in his possession with which to promote the hoax, a plaintiff-passenger would be hard-pressed to show that the airline was negligent in screening the hijacker prior to boarding. In light of the airline's duty to exercise a high degree of care to provide for the safety of all the passengers on board, an acquiescene to a hijacker's demands on the part of the air carrier could constitute a breach of duty only when it is clearly shown that the carrier's employees knew or plainly should have known that the hijacker was unarmed. A finding of willful misconduct on the part of an air carrier, which is a prerequisite to imposing unlimited liability, remains a question to be determined by a jury using the definition or standard of willful misconduct prevailing in the jurisdiction of the forum court. Through the willful misconduct provision of the Warsaw Convention, air carrier face the possibility of unlimited liability for failure to implement proper preventive precautions against terrorist. Courts, therefore, should broadly construe the willful misconduct provision of the Warsaw Convention in order to find unlimited liability for passenger injuries whenever air carrier security precautions are lacking. In this way, the courts can help ensure air carrier safety and prevention against terrorist attack. Air carriers, therefore, would have an incentive to increase, impose and maintain security precautions designed to thwart such potential terrorist attacks as in the case of Korean Air Lines Flight No.858 incident having a tremendous impact on the civil aviation community. The crash of a commercial airliner, with the attending tragic loss of life and massive destruction of property, always gives rise to shock and indignation. The general opinion is that the legal system could be sufficient, provided that the political will is there to use and apply it effectively. All agreed that the main responsibility for security has to be borne by the governments. I would like to remind all passengers that every discovery of the human spirit may be used for opposite ends; thus, aircraft can be used for air travel but also as targets of terrorism. A state that supports aviation terrorism is responsible for violation of International Aviation Law. Generally speaking, terrorism is a violation of international law. It violates the soverign rights of the states, and the human rights of the individuals. I think that aviation terrorism as becoming an ever more serious issue, has to be solved by internationally agreed and closely co-ordinated measures. We have to contribute more to the creation of a general consensus amongst all states about the need to combat the threat of aviation terrorism.

• The Korean Journal of Air & Space Law and Policy
• /
• v.32 no.2
• /
• pp.155-188
• /
• 2017

On the one hand, the 4th Industrial Revolution provides a positive opportunity to build a new civilization paradigm for mankind. However, on the other hand, due to the 4th Industrial Revolution, artificial intelligence such as 'Goggle Alpha Go' revolutionized and even the human ability was replaced with a 'Silicon Chip' as the opportunity to communicate decreases, the existence of human beings is weakened. And there is a growing concern that the number of violent crimes, such as psychopath, which hunts humans as games, will increase. Moreover, recent international terrorism is being developed in a form similar to 'Psychopathic Violent-Crime' that indiscriminately attacks innocent people. So, the probability that terrorist organizations abuse the positive effects provided by the Fourth Industrial Revolution as means of terrorism is increasing. Therefore, the paradigm of aviation terrorism is expected to change in a way that attacks airport facilities and users rather than aircraft. Because airport facilities are crowded, and psychopathic terrorists are easily accessible. From this point of view, our counter terrorism system of aviation has many weak points in various aspects such as: (1) limitations of counter-terrorism center (2) inefficient on-site command and control system (3) separated organization for aviation security consultation (4) dispersed information collection function in government (5) vulnerable to cyber attack (6) lack of international cooperation network for aviation terrorism. Consequently, it is necessary to improve the domestic counter terrorism system of aviation so as to preemptively respond to the international terrorism. This study propose the following measures to improve the aviation security system by (1) create 'Aviation Special Judicial Police' (2) revise the anti-terrorism law and aviation security law (3) Strengthening the ability respond to terrorism in cyberspace (4) building an international cooperation network for aviation terrorism.

• Strategy21
• /
• s.33
• /
• pp.65-112
• /
• 2014

Recent trends show that the PRC has stepped aside its "army-centered approach" and placed greater emphasis on its Navy and Air Force for a wider range of operations, thereby reducing its ground force and harnessing its economic power and military technology into naval development. A quantitative growth of the PLA Navy itself is no surprise as this is not a recent phenomenon. Now is the time to pay closer attention to the level of PRC naval force's performance and the extent of its warfighting capacity in the maritime domain. It is also worth asking what China can do with its widening naval power foundation. In short, it is time to delve into several possible scenarios I which the PRC poses a real threat. With this in mind, in Section Two the paper seeks to observe the construction progress of PRC's naval power and its future prospects up to the year 2020, and categorize time frame according to its major force improvement trends. By analyzing qualitative improvements made over time, such as the scale of investment and the number of ships compared to increase in displacement (tonnage), this paper attempts to identify salient features in the construction of naval power. Chapter Three sets out performance evaluation on each type of PRC naval ships as well as capabilities of the Navy, Air Force, the Second Artillery (i.e., strategic missile forces) and satellites that could support maritime warfare. Finall, the concluding chapter estimates the PRC's maritime warfighting capability as anticipated in respective conflict scenarios, and considers its impact on the Korean Peninsula and proposes the directions ROK should steer in response. First of all, since the 1980s the PRC navy has undergone transitions as the focus of its military strategic outlook shifted from ground warfare to maritime warfare, and within 30 years of its effort to construct naval power while greatly reducing the size of its ground forces, the PRC has succeeded in building its naval power next to the U.S.'s in the world in terms of number, with acquisition of an aircraft carrier, Chinese-version of the Aegis, submarines and so on. The PRC also enjoys great potentials to qualitatively develop its forces such as indigenous aircraft carriers, next-generation strategic submarines, next-generation destroyers and so forth, which is possible because the PRC has accumulated its independent production capabilities in the process of its 30-year-long efforts. Secondly, one could argue that ROK still has its chances of coping with the PRC in naval power since, despite its continuous efforts, many estimate that the PRC naval force is roughly ten or more years behind that of superpowers such as the U.S., on areas including radar detection capability, EW capability, C4I and data-link systems, doctrines on force employment as well as tactics, and such gap cannot be easily overcome. The most probable scenarios involving the PRC in sea areas surrounding the Korean Peninsula are: first, upon the outbreak of war in the peninsula, the PRC may pursue military intervention through sea, thereby undermining efforts of the ROK-U.S. combined operations; second, ROK-PRC or PRC-Japan conflicts over maritime jurisdiction or ownership over the Senkaku/Diaoyu islands could inflict damage to ROK territorial sovereignty or economic gains. The PRC would likely attempt to resolve the conflict employing blitzkrieg tactics before U.S. forces arrive on the scene, while at the same time delaying and denying access of the incoming U.S. forces. If this proves unattainable, the PRC could take a course of action adopting "long-term attrition warfare," thus weakening its enemy's sustainability. All in all, thiss paper makes three proposals on how the ROK should respond. First, modern warfare as well as the emergent future warfare demonstrates that the center stage of battle is no longer the domestic territory, but rather further away into the sea and space. In this respect, the ROKN should take advantage of the distinct feature of battle space on the peninsula, which is surrounded by the seas, and obtain capabilities to intercept more than 50 percent of the enemy's ballistic missiles, including those of North Korea. In tandem with this capacity, employment of a large scale of UAV/F Carrier for Kill Chain operations should enhance effectiveness. This is because conditions are more favorable to defend from sea, on matters concerning accuracy rates against enemy targets, minimized threat of friendly damage, and cost effectiveness. Second, to maintain readiness for a North Korean crisis where timely deployment of US forces is not possible, the ROKN ought to obtain capabilities to hold the enemy attack at bay while deterring PRC naval intervention. It is also argued that ROKN should strengthen its power so as to protect national interests in the seas surrounding the peninsula without support from the USN, should ROK-PRC or ROK-Japan conflict arise concerning maritime jurisprudence. Third, the ROK should fortify infrastructures for independent construction of naval power and expand its R&D efforts, and for this purpose, the ROK should make the most of the advantages stemming from the ROK-U.S. alliance inducing active support from the United States. The rationale behind this argument is that while it is strategically effective to rely on alliance or jump on the bandwagon, the ultimate goal is always to acquire an independent response capability as much as possible.

• Korean Security Journal
• /
• no.20
• /
• pp.339-363
• /
• 2009

The 9.11 demonstrated that terrorist attack could be more serious problem than the war in our modern life. No countries in the world have evaded being a target for terrorists today. As well as South Korea, the whole world must share attentions and responsibilities for fighting against the terrorism. Since the international terrorist groups have expanded their targets from Western countries to Koreans, civilian hostages are no longer other's affair; it became a serious threat to public. Increased Korean investment, trade, missionary, and travel overseas also expanded activity regions worldwide. It also result increased terrorist threats and possible abduction. The number of kidnapping crisis has increased since the terrorists use it as an effective method of sending a message. Piracy refers to a broad range of violent acts at sea, and has traditionally been regarded as common enemies. Piracy constitutes a great threat to the security of navigation as well as to the safety of vessels and crews. Lessons from hostage issues such as Korean hostage crisis in Somalia and Afghanistan show that it can cause criticism on moral issues if armed rescue missions fail or hostages are killed, so the governments and related corporations try to solve it by paying ransom. Terrorists and use these advantages in order to put a huge pressure on the governments. In this study we will look at essential characteristics and types of hostage abductions and recognition of national safety, lessons and solutions to previous Korean hostage cases in overseas. At the same time, it provides a guidelines of the direction in the fighting against terrorist groups and Piracy.

• Korean Security Journal
• /
• no.15
• /
• pp.29-50
• /
• 2008

Many countries throughout the world have enacted laws on terrorism in the light of the changes that time has brought to them, geographical features, cultural values, and environmental elements. Especially some advanced European nations prescribe the definition of terrorism, the purpose of terrorism, the behavior of terrorism, and the types of crimes related to terrorism and so on for the following reason that it is more vital for the authorities concerned to investigate and punish terrorists after the rise of terrorism. In this regard, this paper analyzes legislative countermoves against terrorists of advanced countries such as France, Germany, and England and through this sheds light on the need of future anti-terrorism bills. The legislative basic guidelines directly to manipulate future terrors based on theories derived from this study could be summarized as follows. In the first place, providing laws on direct investigative power and harsher punishment to those involved in terrorism is a prerequisite for social security and thus the presidential directive of the state anti-terrorism action guidelines just deals with administrative measures without any effective response to terrorism. Hence it is urgent to make anti-terrorism bill concerning investigation and punishment of terrorists. In the second place, it is associated with the objectives of terror. The expression "all sorts of" stated in Korean law is so quite unclear that it can not fulfill the required conditions for naming it "crime". Comprehending provisoes of the crime that meets the purpose of the terrorists is necessary in order to investigate and inflict punishment on them. Therefore, it is advisable to establish specific and precise principles such as political, social, ideological, and religious purpose of terrorists in the bill. In the third place, to meet the flow of times of technicalization, informatization, such provisoes as destruction of electronic data system, crimes related to nuclear materials, purchases of weapons by terrorists, tax administration for prohibition of sale, and arson should be considered in terror bill. In the fourth place, nonselective attack toward unspecified individuals has become a serious issue in our society. Terrorists leave poisonous foods or beverages to crowded place or dump toxic chemicals into river intentionally. Therefore more strict regulations must be included in terror bill to prevent possible terrorist attacks.