• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.507-522
• /
• 2014

Domestic CERTs are carrying out monitoring and response against cyber attacks using security devices(e.g., IDS, TMS, etc) based on signatures. Particularly, in case of public and research institutes, about 30 security monitoring and response centers are being operated under National Cyber Security Center(NCSC) of National Intelligence Service(NIS). They are mainly using Threat Management System(TMS) for providing security monitoring and response service. Since TMS raises a large amount of security events and most of them are not related to real cyber attacks, security analyst who carries out the security monitoring and response suffers from analyzing all the TMS events and finding out real cyber attacks from them. Also, since the security monitoring and response tasks depend on security analyst's know-how, there is a fatal problem in that they tend to focus on analyzing specific security events, so that it is unable to analyze and respond unknown cyber attacks. Therefore, we propose automated verification method of security events based on their empirical analysis to improve performance of security monitoring and response.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.76
• /
• pp.1-20
• /
• 2017

The industrial technology (including trade secrets), which is commonly understood as systematic and applied technical knowledge, can be transferred to third parties by contracting for the transfer of technology or by granting of a licence. The activity of industrial espionage, due to the gradual increase of the economic interests of intellectual property, is displaying intensively in order to gain advanced technology information. With our outstanding high technology, but compared to the level of the advanced countries, the technical protection systems, the legal protection measures and the systematic management thereof may still be insufficient. Our industrial technology outflow abroad, due to the vulnerability to the security control system in our country, has been increasing since the 2000. Computer software and SNS, such as smart devices, appear as a rapid change in the technical information environment. In order to minimize the dead zone of a new industrial security, the country's organic activity is being conducted. In 2006, Industrial Technology Outflow Prevention and Protection Law was enacted, which emphasized the responsibilities of the country. In this paper for the economic entity's efforts to prevent technology leakage oversea, I have looked to how the industrial technology can be protected in terms of national security and economic benefits of our enterprises. To solve the above-mentioned problems hereof, Korean government should willingly establish a reliable legal system for supporting to enterprise's operations, and Korean companies should autonomously introduce a synthetic technology protection system and incorporate the confidentiality clauses in an international transfer of technology agreement with third parties.

• Journal of Convergence for Information Technology
• /
• v.10 no.5
• /
• pp.16-22
• /
• 2020

In this paper, the technology and capabilities required for the job of developing security software recommended by the Cybersecurity Human Resources Development Framework of the National Initiative for Cybersecurity Education (NICE) were studied. In this paper, we describe what security skills are needed for the task of developing security software and what security capabilities should be held. The focus of this paper is to analyze the consistency between security technologies (core and specialized technologies) required for security software development tasks and the curriculum of information protection-related departments located in Seoul, Korea. The reason for this analysis is to see how the curriculum at five universities in Seoul is suitable for performing security software development tasks. In conclusion, if the five relevant departments studied are to intensively train developers of development tasks for security software, they are commonly required to train security testing and software debugging, how secure software is developed, risk management, privacy and information assurance.

• Convergence Security Journal
• /
• v.17 no.2
• /
• pp.3-13
• /
• 2017

In the knowledge-information society, many domestic companies put lots of investment in technical development to possess core technologies and intellectual property. However, in the results of passive investment in security to protect their technologies compared to the active investment in technical development, the technology leaks from many companies and research institutes are rapidly increasing. Such increase of technology leaks not only causes damage to companies, but also has harmful effects on national economy directly and indirectly. Even though it has been perceived that a lot of industrial technology leak crimes are committed by former/current workers of small and medium-sized businesses, it is hard to find researches that mainly compare and analyze them. Therefore, this study aimed to understand the actual status of industrial technology leaks by analyzing cases of industrial technology leaks from 2014 to 2016 based on the type of victimized companies, corporate internal leakers' positions, matter of complicity, tools used for technology leaks, and motivation for technology leaks. Through the analysis in each type, the patterns and characteristics of industrial technology leaks were researched, and also the exploratory research on industrial security for the prevention of industrial technology leaks was conducted.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.89-97
• /
• 2020

Recently, security issues on industrial technology are undergoing rapid changes around the world. Developed countries are establishing response strategies to protect their own core technologies while creating conflicts with global value chains and foreign capital movement. Also in Korea, we are approaching industrial security issues in the mid- to long-term industrial competitiveness. The purpose of this study is to survey on the awareness of the industrial security ecosystem and derive key policy issues. Based on a three round survey, four policies were suggested as followings : systemization of industrial security control tower, enhancement of security company's technical skills and training of security specialists, improvement of technology leakage prevention system through retirement personnel and M&A, reinforcement of research security in R&D process and proactive technology protection. It is hoped that this study will serve as a basis for policy-making as an evidence-based study reflecting the policy demands of industrial security.

• Journal of Digital Convergence
• /
• v.12 no.8
• /
• pp.351-359
• /
• 2014

The log data generated by security equipment have been synthetically analyzed on the ESM(Enterprise Security Management) base so far, but due to its limitations of the capacity and processing performance, it is not suited for big data processing. Therefore the another way of technology on the big data platform is necessary. Big Data platform can achieve a large amount of data collection, storage, processing, retrieval, analysis, and visualization by using Hadoop Ecosystem. Currently ESM technology has developed in the way of SIEM (Security Information & Event Management) technology, and to implement security technology in SIEM way, Big Data platform technology is essential that can handle large log data which occurs in the current security devices. In this paper, we have a big data platform Hadoop Ecosystem technology for analyzing the security log for sure how to implement the system model is studied.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.139-145
• /
• 2016

Recently, The attack on the USB and network are increasing in many domestic infrastructure. These attacks are the most independent of insider intention, caused by the Anthropogenic Manipulation. These attacks are Anthropogenic Response Measures for Physical Security. and Representative Technology has CCTV, Access Control System, Sensor Technology. However, Physical Security, it is represented by several Product family according to the Market, has become an obstacle but rather a variety of Physical Security Technology Development and Application. As the Anthropogenic Attacks have occur continually in the network, it need to the proper Physical Response Techniques in this situation. Therefore, In this paper, we will find out about the awareness and demand trends of Physical Security. And The Physical Vulnerable Factors of Network. Thereby this is expected to be utilized as a basis for the domestic Physical Security Technology development and deployment Road-map in a future.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.2
• /
• pp.175-188
• /
• 2017

Radio-frequency identification (RFID) is being used in various fields as a technology for identifying objects (people, things etc.) using radio frequencies. In the past, there was an attempt to apply RFID into national defense, but failed to spread RFID in the defense field because of some limitations of RFID in a specific situation (e.g., low recognition rate). Therefore, in this paper, we propose how to overcome the limitation of RFID by adopting the Internet of Things (IoT) technology which is considered as an important technology of the future. Furthermore, we propose four scenarios (i.e., healcare band and RFID, identification and anormal state detection, access control, and confidential document management) that can be used for enhancing national defense security. In addition, we analyze the basic characteristics and security requirements of RFID and IoT in order to effectively apply each technology and improve security level.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.265-270
• /
• 2019

In order to protect the advancement of defense technology that has a tremendous e?ect on both the national security and the economy, the Republic of Korea established the Defense Technology Security Act in 2015. As the new enactment brought changes to the landscape of the defense industry and defense industrial security, a new examination of the concept of the defense industrial security has now become necessary. Even after taking into consideration the undisclosed nature of defense industrial security research, and the fact that only the limited number of firms participates in the subject matter, scientific studies related to the topic have not been active. However, with the new enactment of the Defense Technology Security Act, it is necessary to expand the scope of security and to redefine the concept of defense industrial security. In this paper, we analyzed the research works on related technology protection policies and our environment of the defense industry in order to conceptualize defense industrial security. The established concepts are expected to provide a systematic way to protect the confidential and defense technology.

• Convergence Security Journal
• /
• v.14 no.1
• /
• pp.71-76
• /
• 2014

In modern society, a social economic change is brought about, because time space limitation regarded to be restrictive in times past was overcome owing to its rapid development on the basis of IT technology. The creation of new knowledge became the basis of competitiveness of nations and companies. As competition intensifies among nations and countries in relation to the development of core technology, companies make investment with placing much weight on the development of new technology, but on the other hand, technology leakage incident continuously occurs due to a lack of understanding to protect technology. This is the largest cause of impeding the competitiveness of nations and companies. And now, it is urgent to take security measures against this. Therefore, this paper analyzes institution and system weakness in the physical security area in the integrated security environment, and then identifies all problems about this, and proposes a plan for solving these.