• Journal of Advanced Navigation Technology
• /
• v.27 no.1
• /
• pp.16-22
• /
• 2023

Terrorists have been attacking in the vulnerable points of aviation sector with the diverse methods of attacks. Recently, Vulnerability is increasing because the Modus Operandi of Terrorism is carried out by exploitation of people in the form of employee working in aviation sector whose role provides them with privileged access to secured locations, secured items or security sensitive information. Furthermore, cases of insider threat are rising across the world with the phenomenon of personal radicalization through internet and social network service. The government of ROK must respond to insider threat could exploit to acts of unlawful interference and the security regulations should be established to prevent from insider threat in advance refer to the acts of unlawful interference carried out in foreign countries and the recommendations by USA, UK and ICAO.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.41-52
• /
• 2024

Security audits of IPsec VPNs are crucial for identifying vulnerabilities caused by implementation flaws or misconfigurations, as well as investigating incidents. Nevertheless, auditing IPsec VPN presents noteworthy challenge due to the encryptiong of network contents which ensere confidentiality, integrity, authentications and more. Some researchers have suggested using man-in-the-middle(MITM) techniques to overcome this challenge. MITM techniques require direct participation in the network and prior knowledge of the pre-shared key for authentication. This causes temporary network disconnection for security audits, and it is impossible to analyse data collected before the audit. In this paper, we present an analysis technique aimed at ensuring network continuity without relying on a specific IPsec VPN topologies or authentication method. Therefore, it is anticipated that this approach will be effective, practical and adaptable for conducting IPsec VPN security

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.3
• /
• pp.31-35
• /
• 2024

On October 7, 2023, Hamas launched a large-scale surprise attack against Israel and war broke out. On this day, in addition to supplying rockets, they directly invaded Israeli territory in multiple areas using parariders and motorcycles. Considering the security situation on the Korean Peninsula, it is meaningful to consider why Israel allowed Hamas to attack and why it failed to deter the war in advance. Deterrence can only be successful if it is supported by capability, will, communication, and credibility. Although the capability and will were sufficient, and the communication through punitive deterrence had been sufficiently communicated, the failure to deter this war was problematic in terms of credibility. In order to increase deterrence against North Korea's threat, we need to improve customized extended deterrence, convey the will of both Korea and the United States to deter, and increase credibility in deterrence capabilities and execution ability.

• Korean Security Journal
• /
• no.30
• /
• pp.61-83
• /
• 2012

Al-Qaeda follower who planned to attacks the Pentagon and the Assembly by unmanned aircraft equipped with explosives was caught in the dictionary in September 2011. In addition, high-performance unmanned aerial vehicles in the United States 'sentinel' of the technology being leaked to Iran in late 2011 was an accident. Terrorist attacks on the forces used unmanned aircraft will be the day the not too distant. The purpose of this research is to provide response plans against acts of terrorism utilizing unmanned aircrafts to prevent large losses of lives such as the terrorist attacks of September 11. Discussing in detail, this research suggests revising and newly implementing the definition and categorization of unmanned aircrafts as well as relevant punishment in current aeronautics regulations as an initial response against acts of terrorism utilizing unmanned aircrafts. This is in order to newly implement and revise current relevant regulations that inadequately address the rapidly developing and changing unmanned aircrafts which will lead to increased sense of alarm for the potential terrorists, and also to introduce a systematic tool to punish those who commit such acts by clearly establishing the grounds for punishment. Also, under the binary operating system over airspace currently implemented globally, it is impossible to identify and control the infiltration of airspace by unmanned aircrafts. Recognizing such limitations, this research suggests a combined operation of airspace for unmanned and manned aircrafts as a second way of response for acts of terrorism utilizing unmanned aircrafts. A systematic integrated operation of airspace will appropriately control unmanned/ manned aircrafts that were not previously reported or otherwise have deviated from navigation routes, and will be able to prevent terrorism attempts utilizing aircrafts beforehand.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.2
• /
• pp.842-848
• /
• 2012

In this paper, as a proper authentication method, we made it authenticate a user who has unauthorized device with using authorized device received from telecommunication company using QR code. We designed a better performance protocol which can authenticate mutually using safer and uncomplicated operations than existing user authentication system. Proposed user authentication system authenticates previously authorized mobile device without any information of client who is requesting to get access from outside, so we can basically prevent attack from hackers. In the future, we can possibly use it as user authentication method in common internet environment or we could study on user unique information instead of mobile device information.

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.525-535
• /
• 2005

A password-based authenticated tripartite key exchange protocol based on A. Joux's protocol was proposed. By using encryption scheme with shared password, we can resolve man-in-the-middle attack and lack of authentication problems. We also suggested a scheme to avoid the offline dictionary attack to which symmetric encryption schemes are vulnerable. The proposed protocol does not require a trusted party which is required in certificate or identity based authentication schemes. Therefore in a ad hoc network which is difficult to install network infrastructure, the proposed protocol would be very useful. The proposed protocol is more efficient in computation aspect than any existing password-based authenticated tripartite key exchange protocols. When it is used as a base line protocol of tree based group key exchange protocol, the computational weak points of the proposed protocol are compensated.

• Journal of Digital Convergence
• /
• v.15 no.9
• /
• pp.241-248
• /
• 2017

There are various problems in the process of developing the game. Especially, there is a lot of problems in testing the balance of the value of each object. This causes problems such as an increase in development cost and a delay in development time. Therefore, if there is a tool or simulator that can test the mutual value balance of each object in advance, this problem can be solved. However, currently there are few simulators, tools, and platforms that can analyze and evaluate the mutual value balance between these objects. In this paper, I designed a platform to evaluate and test the mutual value balance between these objects based on mock battle. The designed platform tests and evaluates the abilities of each object according to their attack and defense strengths. So, this reduces development costs and shortens development time.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.183-188
• /
• 2009

Wireless sensor networks will be broadly deployed in the real world and widely utilized for various applications. A prerequisite for secure communication among the sensor nodes is that the nodes should share a session key to bootstrap their trust relationship. The open problems are how to verify the identity of communicating nodes and how to minimize any information about the keys disclosed to the other side during key agreement. At any rate, any one of the existing schemes cannot perfectly solve these problems due to some drawbacks. Accordingly, we propose a new pre-distribution scheme with the following merits. First, it supports authentication services. Second, each node can only find some indices of key spaces that are shared with the other side, without revealing unshared key information. Lastly, it substantially improves resilience of network against node capture. Performance and security analyses have proven that our scheme is suitable for sensor networks in terms of performance and security aspects.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.285-294
• /
• 2014

As the utilization rate of smart device increases, various applications for smart device have been developed. Since these applications can contain important data related to user behaviors in digital forensic perspective, the analysis of them should be conducted in advance. However, lots of applications get to have new data format or type when they are updated. Therefore, whether the applications are updated or not should be checked one by one, and if they are, whether their data are changed should be also analyzed. But observing application data repeatedly is a time-consuming task, and that is why the effective method for dealing with this problem is needed. This paper suggests the automatic system which gets updated information and checks changed data by collecting application information.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.4
• /
• pp.63-72
• /
• 2010

This paper proposes a new authentication protocol for the LR-WPAN. In order to guarantee the reliability and safety of a protocol, this protocol uses the hierarchical authentication approach. In addition, in order to reduce the impact of the denial of service attack, the proposed protocol performs the authentication between a parent router and a joiner device prior to the authentication between a trust center and the joiner device. Moreover, this protocol reduces the authentication delay by decreasing the number of message exchanges during authentication procedure. This paper evaluates the safety of the proposed protocol by the security analysis and reliability of the proposed protocol by the GNY analysis. This paper also compares the number of message exchanges of the ZigBee authentication protocol and the proposed protocol when denial of service attack occurs to evaluate the resistance of the proposed protocol against the denial of service attack. We also analyze the delay for authentication of the joiner device through the implementation of both protocols. Those results show that the proposed protocol effectively protects networks from the denial of service attack and reduces the time for authenticating the joiner device up to maximum 30% as the number of hops increases.