• Convergence Security Journal
• /
• v.21 no.4
• /
• pp.77-85
• /
• 2021

Cyber protection is an activity that protects the information systems we operate from cyber attacks and threats. To know the level of protection of the currently operating cyber protection system, it is necessary to update the current state of attack technology by reflecting the constantly evolving cyber threats and to analyze whether it is possible to respond with the protection function. Therefore, in this paper, we analyze the relationship between the attack procedures and defense types of the cyber kill chain with the defense technology(Mitigation ID) of MITRE and present the cyber protection level for each military unit type with a focus on defensive cyber activities. In the future, it is expected that the level of cyber protection will be improved through real-time analysis of the response capabilities of cyber protection systems operating in the defense sector to visualize the level of protection for each unit, investigate unknown cyber threats, and actively complement vulnerabilities.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.11-16
• /
• 2022

Development of science technology make integrated CPS(Cyber-Physical System) appear. In CPS era, cyberspace and physical-space are hard to separate anymore, that is developing toward integrated CPS. The reality is not stopping, that is consistently changing and the concept of space is developing too. But several articles are considering for cyberspace and physical-space separately, and they are developing tailed alternative each case. The theorical approaching that is not considering reality is dwelled on past, and is dangerous from dropping down to floating cloud that is not considering progressed reality. This article is suggested to consider rimland theory to control measures in cyberspace. That is dedicated to integrated approaching from physical-space to cyberspace. And that is developing concreted controling measures in cyberspace. Especially, this article is suggested to policy alternative by analyzing north korea cyber warfare from rimland theory including human sources. Simplicity is the ultimate sophistication. This article make integrated approaching effects about cyberspace and physical-space to preparing in the CPS era.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.35-45
• /
• 2020

Cyber attacks on the aviation weapon system, a state-of-the-art asset, have become a reality and are approaching as a constant threat. However, due to the characteristics of embedded software of the current aviation weapon system, it is managed and operated without connection to the network in peacetime, so the response management to cyber attacks is relatively weak. Therefore, when a cyber attack becomes a reality, it is urgent to prepare and evaluate measures for the adverse effects that such attack will have on the execution of the Air Tasking Order(ATO). In this paper, we propose a framework for operational impact assessment in order to avoid confusion in ATO execution and systematic response to cyber attacks on aviation weapons systems. The proposed framework is designed to minimize the negative impact on operations against cyber attacks that may occur under no warning by analyzing the impact on air operations for each aviation weapon system and standardizing countermeasures for this. In addition, it supports the operational commander to make a quick decision to command for the execution of the operation even in a situation where a cyber attack occurs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.6
• /
• pp.802-808
• /
• 2020

The IoT(Internet of Things) is based on the development of sensor technology and high-speed communication infrastructure, and the number of IoT connected to the network is increasing more than the number of people, and the increase is also very fast. In the field of defense, IoT is being deployed in various fields such as operations, military, base defense, and informatization, and the need is also increasing. Unlike the existing PC/server information protection system, cyber threats are also increasing as IoT sensors, which are vulnerable to information protection, are increasing in the network, so it is necessary to study the platform to protect the defense information and communication network. we investigated the case of connecting wired and wireless IoT to the defense network, and presented an efficient interlocking design method of the IoT integrated independent network with enhanced security by minimizing the contact point with the defense network.

• Annual Conference of KIPS
• /
• 2017.11a
• /
• pp.178-181
• /
• 2017

정보통신 기술의 발전으로 개인뿐만 아니라 경제, 행정, 국방 등 사회 전반에서 사이버 공간의 중요성이 대두되고 있다. 특히 국방부에서는 사이버 관련 공격들에 관한 피해를 평가하는 연구가 활발히 진행되고 있다. 본 논문에서는 사이버 전투 피해평가 프레임워크를 제안한다. 사이버 전투 피해평가 프레임워크는 아군이 사이버 공격에 의해 피해를 입은 뒤 지휘 통제실에게 아군의 피해를 알리고 장비의 손상도는 얼마인지 작전에 이상을 미치는 영향은 얼마인지 계산하여 제공한다. 본 프레임워크를 사용하면 현 상황을 아군의 사령부가 파악할 수 있게 되어 지휘 결심을 하는데 도움을 주어서 작전을 성공 시킬 수 있게 도와준다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.4
• /
• pp.119-126
• /
• 2022

In this paper, we present important factors and methodologies that we have to follow for secure and efficient package management systems in a closed network. By analyzing previous works, we present several security considerations for the existing package management systems. Based on the consideration, we propose guidelines regarding the use of package management systems in the closed network. More specifically, we propose the development of new package management tools, utilization of physical storage media, utilization of local backup repositories, package updates, and downgrade batches for secure and efficient package management.

• Review of KIISC
• /
• v.12 no.6
• /
• pp.58-67
• /
• 2002

정보화가 진전되면서 국방ㆍ통신금융ㆍ전력 등 주요사회기반체계의 정보시스템에 대한 의존도가 심화되고 있고 이에 따라 해킹, 컴퓨터바이러스 등의 사이버테러가 국가 안보를 위협하는 새로운 위협요소로 대두되고 있다. 사이버테러가 대규모, 지능화, 첨단화의 양상으로 발전됨에 따라 정보전에 대한 대비책이 무엇보다 시급한 실정이다. 이러한 시대적 요구에 부응하기 위해서는 국가 차원에서의 국방 정보보호기술 체계를 구축하여야 하며 이를 위해 본 논문에서는 현재의 정보보호기술 동향과 앞으로의 발전 전망을 분석하여 향후 발전계획을 수립하는데 필요한 기초 자료를 제시하고자 한다.

• Defense and Technology
• /
• no.11 s.273
• /
• pp.36-47
• /
• 2001

사이버 전 공격 기술 및 무기는 재래식 물리적 공격 기술 및 무기와 미래 사이버 전쟁의 소프트웨어적 공격기술/무기로 구성되어 있으며, 미래 사이버 전에서는 물리적 공격 기술 및 무기보다 소프트웨어적 공격기술이 수십 배로 경제적이고 효과적인 공격 기술 및 무기인 것으로 부각되고 있다. 미래 사이버 전쟁에서 가장 핵심 공격 기술 및 무기는 해커이고 해커의 조기양성 및 획득은 필수적인 사이버 전력 확보 방안이므로 사이버 전을 수행할 수 있는 전투부대의 지식을 제공하는 사이버 전쟁 연구소와 전투부대를 창설하는 것은 피할 수 없는 시대적인 요청에 의하여 절대적으로 필요한 조직일 것으로 판단된다.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.123-136
• /
• 2024

The U.S. Department of Defense, leading global cybersecurity policies, has two main cybersecurity frameworks: the Cybersecurity Maturity Model Certification (CMMC) for external defense industry certification, and the Risk Management Framework (RMF) for internal organizational security assessments. For Republic of Korea military, starting from 2026, the Korean version of RMF (K-RMF) will be fully implemented. Domestic defense industry companies participating in projects commissioned by the U.S. Department of Defense must obtain CMMC certification by October 2025. In this paper, a new standard compliance meta-model (R3C) development methodology that can simultaneously support CMMC and RMF security audit readiness tasks is introduced, along with the implementation results of a compliance solution based on the R3C meta-model. This research is based on practical experience with the U.S. Department of Defense's cybersecurity regulations gained during the joint project by the South Korean and U.S. defense ministries' joint chiefs of staff since 2022. The developed compliance solution functions are being utilized in joint South Korean-U.S. military exercises. The compliance solution developed through this research is expected to be available for sale in the private sector and is anticipated to be highly valuable for domestic defense industry companies that need immediate CMMC certification.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.109-115
• /
• 2008

As a new facet of international security realm in 21C, Information Warfare(IW) has rised new way of warfare and demostrated its efficiency in battelfield. With the rapid development of information technology, indeed, it is difficult to estimate the future of IW. While there are a lot of discussion on the clear concep of IW, it is clear that IW has the factor of psychological warfare, so-called cyber psychological warfare. Considering the security environment of Republic of Korea(ROK), the cyber psychological warfare has the significant importance for national security. While it has to deal with the cyber psychological warfare of North Korea, it also try to cope with the various threaten of international conflicts to protect Korean people and national interest.