• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.177-188
• /
• 2024

As technology evolves, Internet usage continues to grow, resulting in a geometric increase in network traffic and communication volumes. The network path selection process, which is one of the core elements of the Internet, is becoming more complex and advanced as a result, and it is important to effectively manage and analyze it, and there is a need for a representation and visualization method that can be intuitively understood. To this end, this study designs a framework that analyzes network data using BGP, a network path selection method, and applies it to the cyber common operating picture for situational awareness. After that, we analyze the visualization elements required to visualize the information and conduct an experiment to implement a simple visualization. Based on the data collected and preprocessed in the experiment, the visualization screens implemented help commanders or security personnel to effectively understand the network situation and take command and control.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.117-128
• /
• 2018

The purpose of this paper is to analyze the behavior of North Korea's cyber attack against South Korea since 2009 based on major international security theories and suggest South Korea's policy option. For this purpose, this paper applied the behavioral domain and characteristics of 'cyber power' and 'coercion dynamics' model, which are attracting attention in international security studies. The types of cyber attacks from North Korea are classified into the following categories: power-based incarceration, leadership attacks and intrusions, military operations interference, and social anxiety and confusion. In terms of types and means of cyber power, North Korean GPS disturbance, the Ministry of Defense server hacking and EMP are hard power with high retaliation and threat and cyber money cashing and ransomware are analyzed by force in the act of persuasion and incentive in the point of robbing or asking for a large amount of money with software pawns. North Korea 's cyber attack has the character of escape from realistic sanctions based on the second nuclear test. It is important for South Korea to clearly recognize that the aggressive cyberpower of North Korea is changing in its methods and capabilities, and to ensure that North Korea's actions result in far greater losses than can be achieved. To do this, it is necessary to strengthen the cyber security and competence to simultaneously attack and defend through institutional supplement and new establishment such as cyber psychological warfare, EMP attack preparation, and enhancement of security expertise against hacking.

• Maritime Security
• /
• v.3 no.1
• /
• pp.45-72
• /
• 2021

North Korea's cyber capabilities represent a relatively new threat to global financial institutions and foreign governments, particularly the U.S and South Korean governments. Based primarily on publicly available sources, such as journalistic accounts and scholarly publications, this qualitative paper analyzes the ways in which North Korean leader Kim Jong Un has bolstered his country's asymmetric power and advanced his line of byungjin (dual development in the economy and military). Particularly by merging the cyber and maritime domains, North Korean operatives generate more revenue for the regime and helps keep the heavily sanctioned leadership in power. Despite the increased international attention to North Korean hackers, few analysts have examined the important role of cyber in the DPRK's internal political culture, specifically in advancing Kim Jong Un's byungjin line. Cyber fits into the DPRK's longstanding tradition of irregular warfare and guerilla-based armed struggle. Cyber also further advances Kim's personal reputation in the DPRK as an economic innovator and military strategist. This paper pays particular attention to the role of the DPRK's cyber operations in both ideological and maritime contexts. Recently, North Korean hackers have targeted South Korean shipbuilding industries and developed a blockchain scam, known as Marine Chain. North Korean cyber agents have increasingly paid attention to the nexus of cyber and maritime domains in their activities.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.5
• /
• pp.195-200
• /
• 2024

The purpose of this study is to propose optimized cognitive warfare strategies for the Korean Peninsula by analyzing recent war case studies. Through the analysis of the Armenia-Azerbaijan war, the Israel-Palestine conflict, the Ukraine-Russia war, and the Israel-Hamas conflict, it was found that the following aspects are crucial in conducting cognitive warfare: 1) applying methods according to objectives, 2) organizing and structuring appropriately to the objectives and means, and 3) utilizing various means from both civilian and military sectors. Based on these findings, cognitive warfare strategies optimized for the operational environment of the Korean Peninsula were suggested in terms of the three elements of military innovation. From the aspect of methodology, it is recommended to develop cognitive warfare scenarios based on legitimacy and legality, and to integrate roles according to the level of warfare. Regarding organization and structuring, the establishment of a national-level control tower and the construction of an integrated response system involving civilians, government, military, and police based on legislation are proposed. In terms of means, it is suggested to utilize various tools from the civilian, government, military, and police sectors, such as North Korean defectors, psychological warfare broadcasts against North Korea, social media, and cyber operations, for auditory, visual, and message delivery. In future battlefields characterized by hyper-connectivity and hyper-intelligence, the execution of cognitive warfare will become increasingly important. Therefore, it is necessary to continuously develop optimized cognitive warfare strategies for the Korean Peninsula through comprehensive national efforts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.5-16
• /
• 2019

Modern state-of-the-art military aviation assets are operated with independent embedded real-time operating systems(RTOS). These embedded systems are made with a high level of information assurance. However, once the systems are introduced and installed on individual platforms for sustaining operational employment, the systems are not actively managed and as a result the platforms become exposed to serious threats. In this paper, we analyzed vulnerability factors in the processing of mission planning data and maintenance-related data for fighter aircraft. We defined the method and form of cyber attacks that modulate air data using these vulnerabilities. We then proposed a detection module for integrity detection. The designed module can preemptively respond to potential cyber threats targeting high - value aviation assets by checking and preemptively responding to malware infection during flight data processing of fighter aircraft.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.6
• /
• pp.802-808
• /
• 2020

The IoT(Internet of Things) is based on the development of sensor technology and high-speed communication infrastructure, and the number of IoT connected to the network is increasing more than the number of people, and the increase is also very fast. In the field of defense, IoT is being deployed in various fields such as operations, military, base defense, and informatization, and the need is also increasing. Unlike the existing PC/server information protection system, cyber threats are also increasing as IoT sensors, which are vulnerable to information protection, are increasing in the network, so it is necessary to study the platform to protect the defense information and communication network. we investigated the case of connecting wired and wireless IoT to the defense network, and presented an efficient interlocking design method of the IoT integrated independent network with enhanced security by minimizing the contact point with the defense network.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.131-139
• /
• 2023

In recent years, there have been frequent incidents of invasion of national defense networks by insiders. This trend can be said to disprove that the physical network separation policy currently applied by the Korea Ministry of National Defense can no longer guarantee military cyber security. Therefore, stronger cybersecurity measures are needed. In this regard, Zero Trust with a philosophy of never trusting and always verifying is emerging as a new alternative security paradigm. This paper analyzes the zero trust establishment trends currently being pursued by the US Department of Defense, and based on the implications derived from this, proposes a zero trust establishment plan tailored to the Korean military. The zero trust establishment plan tailored to the Korean military proposed in this paper includes a zero trust establishment strategy, a plan to organize a dedicated organization and secure budget, and a plan to secure zero trust establishment technology. Compared to cyber security based on the existing physical network separation policy, it has several advantages in terms of cyber security.

• Journal of the Korean Society of Systems Engineering
• /
• v.19 no.1
• /
• pp.39-43
• /
• 2023

In ground weapon systems, the design and analysis technology for water operation stability is a relatively unknown area compared to maritime weapon systems. Through this study, it was confirmed that our weapon system satisfies the criteria for stability on the water when considering the operational concept and operational performance. However, there is a limitation of the study that it did not perform verification tests on the actual system. Therefore, in the future research and weapon system acquisition process, a procedure to prove the stability through freeboard analysis using the actual system is required.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.41-50
• /
• 2021

Cyber Kill Chain is derived from Kill chain of traditional military terms. Kill chain means "a continuous and cyclical process from detection to destruction of military targets requiring destruction, or dividing it into several distinct actions." The kill chain has evolved the existing operational procedures to effectively deal with time-limited emergency targets that require immediate response due to changes in location and increased risk, such as nuclear weapons and missiles. It began with the military concept of incapacitating the attacker's intended purpose by preventing it from functioning at any one stage of the process of reaching it. Thus the basic concept of the cyber kill chain is that the attack performed by a cyber attacker consists of each stage, and the cyber attacker can achieve the attack goal only when each stage is successfully performed, and from a defense point of view, each stage is detailed. It is believed that if a response procedure is prepared and responded, the chain of attacks is broken, and the attack of the attacker can be neutralized or delayed. Also, from the point of view of an attack, if a specific response procedure is prepared at each stage, the chain of attacks can be successful and the target of the attack can be neutralized. The cyber command and control system is a system that is applied to both defense and attack, and should present defensive countermeasures and offensive countermeasures to neutralize the enemy's kill chain during defense, and each step-by-step procedure to neutralize the enemy when attacking. Therefore, thist paper proposed a cyber kill chain model from the perspective of defense and attack of the cyber command and control system, and also researched and presented the threat classification/analysis/prediction framework of the cyber command and control system from the defense aspect

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.153-161
• /
• 2017

The gain a decision by a prediction supposition future combat. Take a future combat by the method fighting of U.S. Army in the Irak war. A make combat progress is from real time information to precision bombing for a guided weapon by GPS, a intelligence satellite, a pilotless scout plane, real time simultaneous and unification combat power are the kernel element of gain a decision fighting power by network in the ground, sky, marine, universe, cyberspace. The NCW is in a sense network center war organic be connected by networking a factor of operation. Any where networking information collection, command and decision, blow system. The Study on the improvement plan for Military combat power by base of NCW abainst the future War. Construct an integrate intelligence network apply to future combat.