• Journal of Information Processing Systems
• /
• v.20 no.1
• /
• pp.38-52
• /
• 2024

The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.219-228
• /
• 2018

The utilization of NFC has been continuously increasing due to the spread of smart phones and the development of short-range wireless communication networks. However, it has been suggested that stability and security of convenient NFC short-range wireless communications can be unstable and problematic. The unstable causes for NFC are the lack of security technologies for NFC, the controversy about personal information infringement, and the lack of social awareness on security breach against data settlement. NFC service can be conveniently used by simply touching other NFC devices and NFC tags through the NFC device. This thesis analyzes that NFC authentication technology, which is convenient for user are one of the unstable causes of security of NFC. This thesis suggest that ministry should research countermeasures and promote how users can use NFC safely. It also suggests that users should have awareness when they use payment and authentication service through NFC to prevent from security threat.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.15-31
• /
• 2001

In this paper we classify security threat elements of satellite communication into four parts; Level-0(satellite propagation signal), Level-1(satellite control data), Level-2(satellite application data) and ground network security level according to the personality and data of the satellite communication network. And we analyze each security levels. Using analyzed security threat elements, we divide security requirements into signal security level and information security level separately. And then above the existent signal security level countermeasure, we establish the countermeasure on the basis of information security policy such as satellite network security policy, satellite system security policy and satellite data security policy in information security level. In this paper we propose secure satellite communication network through the countermeasure based on information security policy.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.67-73
• /
• 2006

The method which research a standardization from real time cyber threat is finding the suspicious indication above the attack against cyber space include internet worm, virus and hacking using analysis the event of each security system through correlation with the critical point, and draft a general standardization plan through statistical analysis of this evaluation result. It means that becomes the basis which constructs the effective cyber attack response system. Especially at the time of security accident occurrence, It overcomes the problem of existing security system through a definition of the event of security system and traffic volume and a concretize of database input method, and propose the standardization plan which is the cornerstone real time response and early warning system. a general standardization plan of this paper summarizes that put out of threat index, threat rating through adding this index and the package of early warning process, output a basis of cyber threat index calculation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.66 no.2
• /
• pp.76-81
• /
• 2017

In this paper, the risk analysis of smart home services was implemented by applying threat modeling. Identified possible threats for safe deployment of smart home services and identified threats through the STRIDE model. Through the creation of the Attack Tree, the attackable risk was analyzed and the risk was measured by applying the DREAD model. The derived results can be used to protect assets and mitigate risk by preventing security vulnerabilities from compromising and identifying threats from adversely affecting services. In addition, the modeled result of the derived threat can be utilized as a basis for performing the security check of the smart home service.

• The KIPS Transactions:PartD
• /
• v.13D no.1 s.104
• /
• pp.67-74
• /
• 2006

The security requirements identification in the software development has received some attention recently. However, previous methods do not provide clear method and process of security requirements identification. We propose a process that software developers can build application specific security requirements from state transition diagrams at the security threat location. The proposed process consists of building model and identifying application specific security requirements. The state transition diagram is constructed through subprocesses i) the identification of security threat locations using security failure data based on the point that attackers exploit software vulnerabilities and attack system assets, ii) the construction of a state transition diagram which is usable to protect, mitigate, and remove vulnerabilities of security threat locations. The identification Process of application specific security requirements consist of i) the analysis of the functional requirements of the software, which are decomposed into a DFD(Data Flow Diagram; the identification of the security threat location; and the appliance of the corresponding state transition diagram into the security threat locations, ii) the construction of the application specific state transition diagram, iii) the construction of security requirements based on the rule of the identification of security requirements. The proposed method is helpful to identify the security requirements easily at an early phase of software development.

• Korean Security Journal
• /
• no.7
• /
• pp.61-93
• /
• 2004

The terrorism threat against aviation industry is increasing after 9/11 incidents. As the way of preventing the future threat, this study is to review current status and make practical suggestions on Incheon International Airport security screening. The Library research method is utilized for this study. Chapter 1 is an introduction part and describes the general instruction. Chapter 2 describes the importance of aviation security and cases of aviation terrorism. Screening history is described in chapter 3 detailing operations and equipment. Status of IIAC(Incheon International Airport Corporation) security screening and prevention measures are described in chapter 4 and chapter 5 describes the final conclusion. In conclusion, if the introduction of state-of-the-art security equipment and modification of inadequate regulations come in first, whatever the threat exists, aviation terrorism can be prevented with the positive prevention efforts.

• The Journal of Information Systems
• /
• v.24 no.3
• /
• pp.1-19
• /
• 2015

Purpose This study discusses the contradictory behavior of smart-phone users who consider security is important, but they do not follow the security recommendations. We found through literature research that this contradictory behavior is resulted from a low level of efficacy. Design/methodology/approach Research hypotheses were set based on Extended Parallel Process Model, Control Theory, and Self Efficacy Mechanism. The data were collected from undergraduate students. Total of 178 data were used for the analysis. Findings Results of the analysis, first, showed that the relationship between threat and security attitude varies with the level of coping efficacy. Second, showed that the relationship between threat and fear does not vary with the level of coping efficacy. Both the groups with high coping efficacy and low coping efficacy had a statistically significant effect on the relationship between threat and fear.

• Maritime Security
• /
• v.7 no.1
• /
• pp.1-29
• /
• 2023

For the last 70 years, the U.S.-led bilateral security system, or "Hub-and-Spokes" system, has been applied to Northeast Asia, and the system has been successfully settled in terms of stability and economic achievements of the region. Given the increasing complexity of the security environment of East Asia, it is plausible to consider the possibility of a security system shift from bilateral alliances to collective security. In order to analyze the driver of collective security system, this study developed three factors of formation and development of collective security system - main threat, intensity of the threat, and confidence among countries in the system - by reviewing international political theories related to security cooperation. Comparing the formation, development, and achievements of NATO and SEATO, the study figures out that the existence of the main threat, the high intensity of the threat, and the strong confidence among countries in the security system are the primary drivers for a successful collective security system. Based on the result, the study also analyzed the possibility of a security system shift in East Asia. Considering contemporary international conflicts such as U.S.-China strategic competition, Russia-Ukraine War, and growing threats posed by North Korean nuclear and missiles, the study anticipates that the necessity of a collective security system that will replace the current security system of the region would arise. Still, although some issues between countries should be overcome, the growing intensity of the threats will promote cooperation among countries by improving their confidence.