• Korean Security Journal
• /
• no.53
• /
• pp.109-133
• /
• 2017

The purpose of this study is to provide a general trends in recent terrorism in North America and Europe over the last five years. In particular the terrorism which occurred after 2012 shows the transition in trends as terrorists attacks civilians and public places(soft target) rather than targeting national facilities or specific people. For instance, the Parris terror attack and Barcelona vehicle attack shows this changes clearly. The terrorists appeared to attack ordinary people in urban places with high population density. Although the trends are changing, there are still few studies focusing on the current situation, and most of the previous studies have focused on changing in strategies and counter-terrorism in each country after the 9.11 terror. Meanwhile, studies examining the trends of terrorism have been limited to analyzing few cases or using relatively monolithic data of Global Terrorism Data(GTD). While the types of terrorism that occur recent years including 'new terrorism' in many respects, it seems to be difficult to classify with GTD data and/or case studies. Therefore, it is necessary to construct new data that perhaps grasp the recent trend of terrorism from different perspectives. In this point of view, this Based on this, this study collects terrorism data from North America and Europe for the past five years, by using the National Intelligence Service's annual report on terrorism as a sampling framework and analyse the trends and changes. The result shows similarities in the methods of attack, and the type of weapon they used. As vehicle attacks has been raised in few years, damage area has been widen and casualties also have been increased.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1129-1135
• /
• 2016

The NH-NongHyup network and servers were paralyzed in 2011, in the 2013 3.20 cyber attack happened and classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked on december in 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to the script kids attacks and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend an APT attacks(Advanced Persistent Threat Attacks) thus far. We will use big data analytics to analyze whether or not APT attacks has occurred. This research is based on the data collected through ISAC monitoring among 3 hierarchical Korean Defense System. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect an APT attacks. Lastly, we will present an effective response method to address a detected APT attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.317-320
• /
• 2016

The NH-NongHyup network and servers were paralyzed in 2011, in the 2013 3.20 cyber attack happened and Classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked on December in 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to the script kids attacks and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend an APT attack thus far. Therefore, we will use big data analytics to analyze whether or not APT attack has occurred in order to defend against the manipulative attackers. This research is based on the data collected through ISAC monitoring among 3 hierarchical Korean defense system. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect an APT attack and evaluate the models' accuracy and other results. Lastly, we will present an effective response method to address a detected APT attack.

• Review of KIISC
• /
• v.20 no.4
• /
• pp.21-27
• /
• 2010

인터넷 및 컴퓨터 시스템의 급격한 발전으로 인해 네트워크를 통한 서비스 제공이 금융, 교통, 산업, 방송, 의료 등 사회기반에 전반적으로 사용되고 있다. 이와 함께 네트워크의 취약점을 악용한 사이버 공격이 증가하고 있어 사회 전반적인 부분에 피해를 입힐 수 있는 중대한 위협요인으로 등장하고 있다. 이와 같은 사이버 공격이 테러리즘 등 특정 목적과 결부될 경우 국가 안전보장에 대한 위기를 초래하는 등 심각한 문제가 될 수 있다. 따라서 본 논문에서는 사이버테러의 개요 및 국내 외 사이버테러 동향에 대해 알아보고, 각 국가별 대응방안에 대해 알아본다.

• Journal of the Society of Disaster Information
• /
• v.17 no.4
• /
• pp.848-863
• /
• 2021

Purpose: On August 16, 2021, the Taliban established the Taliban regime after conquering capital Kabul of the Afghan by using the strong alliance of international terrorist organizations. The Taliban carried out terrorism targeting the Korean people, including the kidnapping of Kim Seon-il in 2004, the abduction of a member of the Saemmul Church in 2007, and the attack on Korean Provincial Reconstruction Team in 2009. Therefore, this research has shown the possibility of Taliban terrorism in Korea. Method: Based on the statistical data on terrorism that occurred in Afghanistan, Taliban's various terrorist activities such as tactics, strategies, and weapons are examined. Consequently, the target facilities and the type of terrorist attacks are analyzed. Result: The Taliban are targeting the Afghan government as their main target of attack, and IS and the Taliban differ in their selection of targets for terrorism. Conclusion: From the result of this research, we recommend Korea need to reinforce the counter terrorism system in soft targets. Because If the Taliban, which has seized control of Afghanistan, and IS, which has established a worldwide terrorism network, cooperate to threaten domestic multi-use facilities with bombing, the Republic of Korea may face a terrorist crisis with insufficient resources and counter-terrorism related countermeasures.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39A no.11
• /
• pp.660-674
• /
• 2014

RFID system has been used in a variety of services. So, a lot of attacks like a free ride on the service, leakage of property or personal information are known. Therefore, the solutions that address these attacks have been proposed. Among the attacks, mafia fraud, a kind of relay attack, can not be addressed by common authentication protocol. So, Hancke and Kuhn used distance bounding protocol for RFID authentication. After that, Munilla and Peinado modified HK protocol by adding void challenge. So the mafia fraud success probability of adversary is lower than probability of HK protocol. Ahn et al. proposed a protocol that reduces number of a hash computation and traffic than MP protocol. Here, we show that MP protocol can not defend the terrorist fraud and is vulnerable to noise. And we show that also AYBN protocol is vulnerable to mafia fraud and key leakage. Moreover, we propose a new protocol and our experimental results show that our protocol is secure to terrorist and mafia fraud.

• Korean Security Journal
• /
• no.20
• /
• pp.271-289
• /
• 2009

In e-terrorism, terrorists use cyber spaces including the internet in order to strike terror into the heart of a nation. It is revealed that recently happening terror cases use cyber spaces as a strategic tool. This research aims to investigate efficient countermeasures against various types of terror attacks made by terrorists and their cyber networking, in order to contribute to the prevention of terrors from a modern standpoint. Based on the results of the investigation, relevant problems are suggested such that terrors are not cases happening in a specific country only because they take place in cyber spaces, that hacking incidents frequently happen in Korea which is used as a footstool by foreign hackers, and that Korea has poor professional security manpower and foundational facilities in comparison with other advanced countries. Answers to the problems include cultivating cyber information manpower to cope with e-terrorism, making an appropriate budget, setting up networks to integrate and systematize anti-e-terrorism organizations, and intensifying the collection of information of cyber attacks and the analysis of the information.

• The Korean Journal of Air & Space Law and Policy
• /
• v.28 no.2
• /
• pp.37-61
• /
• 2013

In modern international law, the absence of legal definition regarding drone(Unmanned Aerial Vehicle) has made legal scholars work on an typical analogy between aircraft codified in the international document and drone. The wording of the Convention on International Civil Aviation is limited to two categories of aircraft, such as civil aircraft and state aircraft, whereas military aircraft is not legally defined. As such it is, the current practices of the State regarding the drone flight over foreign territory have proven a hypothese that drone is being deemed as military aircraft. Principal usage of drone lies in reconnaissance and surveillance mission as well as so-called targeted killing, which is prohibited if the killing is treacherous. Claimed war against terrorism, however, is providing a legal rationale that targeted killing is not treacherous, and that the targeted person is not civilian but combatant. In such context, armed attack of drone is deemed legal and justified. Consequently, such attack is legal in the general context of the war. The rules that govern targeting do not turn on the type of weapon system used, and there is no prohibition under the laws of war on the use of technologically advanced weapons systems in armed conflict so long as they are employed in conformity with applicable laws of war. Drones may present interesting new challenges because of their sophistication and the technological advantage they convey to their operators.

• Convergence Security Journal
• /
• v.16 no.3_2
• /
• pp.33-42
• /
• 2016

While evolving information-oriented society provides a lot of benefits to the human life, new types of threats have been increasing. Particularly, cyber terrorism, happen on the network that is composed of a computer system and information communication network, and the mean and scale of damage has reached a serious level. In other words, it is hard to locate cyber terror since it occurs in the virtual space, not in the real world, so identifying "Who is attacking?" (Non-visibility, non-formulas), or "Where the attack takes place?" (trans-nation) are hard. Hackers, individuals or even a small group of people, who carried out the cyber terror are posing new threats that could intimidate national security and the pace and magnitude of threats keep evolving. Scale and capability of North Korea's cyber terrorism are assessed as world-class level. Recently, North Korea is focusing on strengthen their cyber terrorism force. So improving a response system for cyber terror is a key necessity as North Korea's has emerged as a direct threat to South Korean security. Therefore, Korea has to redeem both legal and institutional systems immediately to perform as a unified control tower for preemptive response to cyber terrors arise from North Korea and neighboring countries.

• The Monthly Technology and Standards
• /
• s.68
• /
• pp.23-24
• /
• 2007