• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.471-480
• /
• 2016

Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threaten. Thus, the study of Intrusion Detection System(IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantagesand to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree(misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also we construct upgraded the the hierarchical structure of IDS reusing feature weights in anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.2
• /
• pp.103-112
• /
• 2010

In sensor networks, because sensors are deployed in an unprotected environment, they are prone to be targets of compromise attack, If the number of compromised nodes increases considerably, the key management in the network is paralyzed. In particular, compromise of Cluster Heads (CHs) in clustered sensor networks is much more threatening than that of normalsensors. Recently, rekeying schemes which update the exposed keys using the keys unknown to the compromised nodes are emerging. However, they cause some security and efficiency problems such as single group key employment in a cluster, passive eviction of compromised nodes, and excessive communication and computation overhead. In this paper, we present a proactive rekeying scheme using renewals of duster organization for clustered sensor networks. In the proposed scheme, each sensor establishes individual keys with neighbors at network boot-up time, and these keys are employed for later transmissions between sensors and their CH. By the periodic cluster reorganization, the compromised nodes are expelled from network and the individual keys employed in a cluster are changed continuously. Besides, newly elected CHs securely agree a key with sink by informing their members to sink, without exchangingany keying materials. The simulation results shows that the proposed scheme remarkably improves the confidentiality and integrity of data in spite of the increase of compromised nodes. Also, they show that the proposed scheme exploits the precious energy resource more efficiently than SHELL.

• Journal of the Korean Society of Radiology
• /
• v.12 no.6
• /
• pp.719-725
• /
• 2018

After 9/11 attacks in the U.S, Terrorism has increased the number of unspecified casualties through multi-use facility terror attacks compared to the past. The subsequent London bombings and the self-destruction of Pakistan increased people's fear and social anxiety. As international events have been held in Korea recently, awareness and concern over radioactive terrorism and security management of radioactive materials are increasing. In this paper, we compared the results of different meteorological conditions using HotSpot Code. After creating a possible terror scenario in Korea, sources likely to be use in RDD and Dirty bomb were investigated. The meteorological condition was selected by comparing the Pasquill-Gifford stability class with the most stable condition F and the most unstable condition A. The result value of the A and F condition through simulation were shown not to cause citizens to die from acute effects due to radiological effects. The range of radioactivity is different according to the wind speed and the meteorological stability, and the degree of radioactivity dilution is different according to meteorological conditions. Analysis results are expected to be used for initial response in the event of a radioactive terrorist attack.

• Journal of Platform Technology
• /
• v.9 no.3
• /
• pp.3-17
• /
• 2021

Advanced persistent threat (APT) attacks are attacks aimed at a particular entity as a set of latent and persistent computer hacking processes. These APT attacks are usually carried out through various methods, including spam mail and disguised banner advertising. The same name is also used for files, since most of them are distributed via spam mail disguised as invoices, shipment documents, and purchase orders. In addition, such Infostealer attacks were the most frequently discovered malicious code in the first week of February 2021. CDR is a 'Content Disarm & Reconstruction' technology that can prevent the risk of malware infection by removing potential security threats from files and recombining them into safe files. Gartner, a global IT advisory organization, recommends CDR as a solution to attacks in the form of attachments. There is a program using CDR techniques released as open source is called 'Dangerzone'. The program supports the extension of most document files, but does not support the extension of HWP files that are widely used in Korea. In addition, Gmail blocks malicious URLs first, but it does not block malicious URLs in mail systems such as Naver and Daum, so malicious URLs can be easily distributed. Based on this problem, we developed a 'Dangerzone' program that supports the HWP extension to prevent APT attacks, and a Chrome extension that performs URL checking in Naver and Daum mail and blocking banner ads.

• Maritime Security
• /
• v.1 no.1
• /
• pp.241-271
• /
• 2020

The military technology currently receiving the most attention is the hypersonic missile. hypersonic is faster than the speed of sound or Mach 5+. The vast majority of the ballistic missiles that it inspired achieved hypersonic speeds as they fell from the sky. Rather than speed, today's renewed attention to hypersonic weapons owes to developments that enable controlled flight. These new systems have two sub-varieties: hypersonic glide vehicles and hypersonic cruise missiles. Hypersonic weapons could challenge detection and defense due to their speed, maneuverability, and low altitude of flight. The fundamental question of this study is: 'What effect will the hypersonic missile have on the maritime strategy?' It is quite prudent to analyze and predict the impact of technology in the development stage on strategy in advance. However, strategy is essential because it affect future force construction. hypersonic missiles act as a limiting factor in securing sea control. The high speed and powerful destructive power of the hypersonic missile are not only difficult to intercept, but it also causes massive ship damage at a single shot. As a result, it is analyzed that the Securing sea control will be as difficult as the capacity of sea denial will be improved geographically and qualitatively. In addition, the concept of Fortress Fleet, which was criticized for its passive strategy in the past, could be reborn in a modern era. There are maritime power projection/defence, SLOC attack/defence in exploiting sea control. The effects of hypersonic missiles on exploiting sea control could be seen as both limiting and opportunity factors.

• Journal of the Institute of Convergence Signal Processing
• /
• v.23 no.4
• /
• pp.194-199
• /
• 2022

Preprocessing for high-quality data is required for high accuracy and usability in various and complex image data-based industries. However, when a contaminated hostile example that combines noise with existing image or video data is introduced, which can pose a great risk to the company, it is necessary to restore the previous damage to ensure the company's reliability, security, and complete results. As a countermeasure for this, restoration was previously performed using Defense-GAN, but there were disadvantages such as long learning time and low quality of the restoration. In order to improve this, this paper proposes a method using adversarial examples created through FGSM according to image segmentation in addition to using the VQ-VAE model. First, the generated examples are classified as a general classifier. Next, the unsegmented data is put into the pre-trained VQ-VAE model, restored, and then classified with a classifier. Finally, the data divided into quadrants is put into the 4-split-VQ-VAE model, the reconstructed fragments are combined, and then put into the classifier. Finally, after comparing the restored results and accuracy, the performance is analyzed according to the order of combining the two models according to whether or not they are split.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.10
• /
• pp.67-76
• /
• 2023

Although deep learning models are making innovative achievements in the field of computer vision, the problem of vulnerability to adversarial examples continues to be raised. Adversarial examples are attack methods that inject fine noise into images to induce misclassification, which can pose a serious threat to the application of deep learning models in the real world. In this paper, we propose a model that detects adversarial examples using differences in predictive values between edge-learned classification models and underlying classification models. The simple process of extracting the edges of the objects and reflecting them in learning can increase the robustness of the classification model, and economical and efficient detection is possible by detecting adversarial examples through differences in predictions between models. In our experiments, the general model showed accuracy of {49.9%, 29.84%, 18.46%, 4.95%, 3.36%} for adversarial examples (eps={0.02, 0.05, 0.1, 0.2, 0.3}), whereas the Canny edge model showed accuracy of {82.58%, 65.96%, 46.71%, 24.94%, 13.41%} and other edge models showed a similar level of accuracy also, indicating that the edge model was more robust against adversarial examples. In addition, adversarial example detection using differences in predictions between models revealed detection rates of {85.47%, 84.64%, 91.44%, 95.47%, and 87.61%} for each epsilon-specific adversarial example. It is expected that this study will contribute to improving the reliability of deep learning models in related research and application industries such as medical, autonomous driving, security, and national defense.

• Korean Security Journal
• /
• no.12
• /
• pp.149-175
• /
• 2006

The purpose of this study is to understand and analyze the character of Islamic fundamentalism and Middle-Ease Terrorism. The aim of Islamic fundamentalism is reconstruction of Ummah(Muslim Unity), thee early society of Muhammad's age. Islamic movement insist to restore the spirit of Islam and purify the society of Islam from the United State and Western world. Now, Islamic fundamentalism movement as a new ideology, appeals to muslim in the world. The concept of modern national state from the Western countries do not accord with the traditional Islamic principles of reign and a spirit of nationalism. On the other hand, Islamic movement have no legitimacy in the system of modern state which govern the Arab world, regardless of the form of government. For this reasons, Islamic fundamentalist have an insecure position and their political activities. It is yet far from their purpose, to reconstruct the muslim unity, to realize the Islamic political principle close to their practical methods. Yet Islamic fundamental movement have not overcome the system of secular state. The Middle East terrorism supported by government might be eradicated by America's anti-terrorism policy. However, it will be serious and spread all over the world that the terrorist attack against the U. S. and western countries is acted by militant warriors of Islamic fundamentalism, uniting Arab and Islamic people's emotions against America and western countries. There are some reasons that we need to focus on the Arab and Islamic fundamentalism. We need to get out of misunderstanding and discrimination about Islamic religion and culture from America's and Western' standard Which are only their new world order. The discrimination of America and western nations against muslim could make other ideologies, opposite to the world peace. There are a lot of foreign workers from Islam countries in Korea. We need to give consideration and attention to them for the our globalization and world peace. It is time to consider what to do for the nation's profit(economical, political, strategic)with right understanding. We are not safe and free from the terrorism yet.

• Korean Security Journal
• /
• no.28
• /
• pp.153-179
• /
• 2011

Korea has been a victim of State supporting terrorism by North Korea even before international society realize the terrorism threats because of 9.11 in US. However, state supporting terrorism against South Korea by North Korea went along with East/West Cold War System by US and the Soviet Union. It is because socialism that Kim Il-sung who established a separate government in North Korea with the political, economic, social and military support of the Soviet Union selected as his political ideology justifies terrorism as the tool to complete the proletariat revolution. North Korea's state supporting terrorism is being operated systematically and efficiently by military of North Korea. It gives big worries to international society not only by performing terrorism against Korea but also by dispatching terrorists and exporting terrorism strategies to the third world countries. In this situation, terrorism against Korea has met a new transition point at 9${\cdot}$11 in US. As South Korea is confronting North Korea and the war has not ended but suspended, the alliance between US and Korea is more important than anything else. Because of this Korea decided to support the anti-terrorism wars against Afghanistan and Iraq of US and other western countries and send military force there. The preface of the anti-terrorism war has begun as such. On October 7, 2001, US and UK started to attack Afghanistan and Taleban government in Afghanistan was dethroned on December 7, 2001. US and western countries started a war against Iraq on March 20, 2003. On April 9, 2003 Baghdad, the capital of Iraq fell, and Saddam Hussein al-Majid al-Awja government was expelled. During the process, the terrorism threat against South Korea has expanded to Arab terrorists and terrorism organizations as well as North Korea. Consequently, although Korean government, scholars and working level public servants made discussions and tried to seek countermeasures, the damages are extending. Accordingly, terrorism against Korean companies in overseas after 9${\cdot}$11 were analyzed focusing on Nation, Region, Victimology, and Weapons used for the attacks. Especially, the trend of terrorism against the Korean companies in overseas was discussed by classifying them chronologically such as initiation and termination of anti-terrorism wars against Afghanistan and Iraq, and from the execution of Iraqi President, Saddam Hussein al-Majid al-Awja to December 2010. Through this, possible terrorism incidents after the execution of Osama bin Laden, the leader of Al-Qaeda, on May 2, 2011 were projected and proposals were made for the countermeasures.

• Journal of National Security and Military Science
• /
• s.13
• /
• pp.687-738
• /
• 2016

To prepare for the complicated international relationship regarding Korean Peninsula after reunification, this thesis started off with the awareness that Unified Korea should build its international posture and national security at an early stage by determining its appropriate military strength for independent defense and military strategies that Unified Korea should aim. The main theme of this thesis is 'The research on appropriate military strength of the Unified Korean military'. To derive appropriate military strength of Unified Korea, this research focuses on conflict scenario and relative balance strategy based on potential threats posed by neighboring countries, and this is the part that differentiates this research from other researches. First of all, the main objective of the research is to decide appropriate military strength for Unified Korea to secure defense sufficiency. For this, this research will decide efficient military strategy that Unified Korea should aim. Than by presuming the most possible military conflict scenario, this research will judge the most appropriate military strength for Unified Korea to overcome the dispute. Second, after deciding appropriate military strength, this research will suggest how to operate presumed military strength in each armed force. The result of this thesis is as in the following. First, Unified Korea should aim 'relative balance strategy'. 'Relative balance strategy' is a military strategy which Unified Korea can independently secure defense sufficiency by maintaining relative balance when conflicts occur between neighboring countries. This strategy deters conflicts in advance by relative balance of power in certain time and place. Even if conflict occurs inevitably, this strategy secures initiative. Second, when analyzing neighboring countries interest and strategic environment after unification, the possibility of all-out war will be low in the Korean Peninsula because no other nation wants the Korean Peninsula to be subordinated to one single country. Therefore appropriate military strength of the Unified Korean military would be enough when Unified Korea can achieve relative balance in regional war or limited war. Third, Northeast Asia is a region where economic power and military strength is concentrated. Despite increasing mutual cooperation in the region, conflicts and competition to expand each countries influence is inherent. Japan is constantly enhancing their military strength as they aim for normal statehood. China is modernizing their military strength as they aspire to become global central nation. Russia is also enhancing their military strength in order to hold on to their past glory of Soviet Union as a world power. As a result, both in quality and quantity, the gap between military strength of Unified Korea and each neighboring countries is enlarged at an alarming rate. Especially in the field of air-sea power, arms race is occurring between each nation. Therefore Unified Korea should be equipped with appropriate military strength in order to achieve relative balance with each threats posed by neighboring countries. Fourth, the most possible conflicts between Unified Korea and neighboring countries could be summarized into four, which are Dokdo territorial dispute with Japan, Leodo jurisdictional dispute with China, territorial dispute concerning northern part of the Korea Peninsula with China and disputes regarding marine resources and sea routes with Russia. Based on those conflict scenarios, appropriate military strength for Unified Korea is as in the following. When conflict occurs with Japan regarding Dokdo, Japan is expected to put JMSDF Escort Flotilla 3, one out of four of its Japan Maritime Self-Defense Force Escort Fleet, which is based in Maizuru and JMSDF Maizuru District. To counterbalance this military strength, Unified Korea needs one task fleet, comprised with three task flotilla. In case of jurisdictional conflict with China concerning Leodo, China is expected to dispatch its North Sea fleet, one out of three of its naval fleet, which is in charge of the Yellow Sea. To response to this military action, Unified Korea needs one task fleet, comprised with three task flotilla. In case of territorial dispute concerning northern part of the Korean Peninsula with China, it is estimated that out of seven Military Region troops, China will dispatch two Military Region troops, including three Army Groups from Shenyang Military Region, where it faces boarder with the Korean Peninsula. To handle with this military strength, Unified Korea needs six corps size ground force strength, including three corps of ground forces, two operational reserve corps(maneuver corps), and one strategic reserve corps(maneuver corps). When conflict occurs with Russia regarding marine resources and sea routes, Russia is expected to send a warfare group of a size that includes two destroyers, which is part of the Pacific Fleet. In order to balance this strength, Unified Korea naval power requires one warfare group including two destroyers. Fifth, management direction for the Unified Korean military is as in the following. Regarding the ground force management, it would be most efficient to deploy troops in the border area with china for regional and counter-amphibious defense. For the defense except the border line with china, the most efficient form of force management would be maintaining strategic reserve corps. The naval force should achieve relative balance with neighboring countries when there is maritime dispute and build 'task fleet' which can independently handle long-range maritime mission. Of the three 'task fleet', one task fleet should be deployed at Jeju base to prepare for Dokdo territorial dispute and Leodo jurisdictional dispute. Also in case of regional conflict with china, one task fleet should be positioned at Yellow Sea and for regional conflict with Japan and Russia, one task fleet should be deployed at East Sea. Realistically, Unified Korea cannot possess an air force equal to neither Japan nor China in quantity. Therefore, although Unified Korea's air force might be inferior in quantity, they should possess the systematic level which Japan or China has. For this Unified Korea should build air base in island areas like Jeju Island or Ullenong Island to increase combat radius. Also to block off infiltration of enemy attack plane, air force needs to build and manage air bases near coastal areas. For landing operation forces, Marine Corps should be managed in the size of two divisions. For island defense force, which is in charge of Jeju Island, Ulleung Island, Dokdo Island and five northwestern boarder island defenses, it should be in the size of one brigade. Also for standing international peace keeping operation, it requires one brigade. Therefore Marine Corps should be organized into three divisions. The result of the research yields a few policy implications when building appropriate military strength for Unified Korea. First, Unified Korea requires lower number of ground troops compared to that of current ROK(Republic of Korea) force. Second, air-sea forces should be drastically reinforced. Third, appropriate military strength of the Unified Korean military should be based on current ROK military system. Forth, building appropriate military strength for Unified Korea should start from today, not after reunification. Because of this, South Korea should build a military power that can simultaneously prepare for current North Korea's provocations and future threats from neighboring countries after reunification. The core of this research is to decide appropriate military strength for Unified Korea to realize relative balance that will ensure defense sufficiency from neighboring countries threats. In other words, this research should precisely be aware of threats posed by neighboring countries and decide minimum level of military strength that could realize relative balance in conflict situation. Moreover this research will show the path for building appropriate military strength in each armed force.