• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.33 no.1
• /
• pp.139-166
• /
• 2022

Ethical Issues increase when people engage in smart technological systems such as 5G, IoT, Cloud computing services and AI applications. Range of this research is comparison of various literacy concepts and its ethical issues in considering of 5G features and UX. 86 research papers and reports which have been published within the recent 5 years (2017-2022), relating the research subject, are investigated and analyzed. Two results show that various literacies can be grouped into four areas and that some of common issues among those areas as well as unique issues of each area are identified. Based on the literature analysis, an Operational Definition of Ethics-Literacy is presented and the model of ethics-literacy curriculum supporting ethical behavior of 5G information professionals is developed and suggested.

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.3
• /
• pp.515-520
• /
• 2022

Metaverse is at the center of heated debates in many areas recently. Coupled with real world, metaverse is extending its domain into social and cultural activities in addition to economic value creation as untact activities increase. Global companies are investing in R&D for metaverse. The reason is that metaverse is supposed to create new value by converging virtual and real worlds thanks to technology advancement such as AI, big data, 3D graphic, 5G, cloud computing, etc. Thus, innovative changes are expected in the economic, social and cultural areas. However, there are many problems to be solved yet for connecting virtual world and real one. Also, epoch-making development of products and services should be done for realistic experience and profit creation using virtual space in various industries beyond untact social activities against pandemic situation. The essence, present condition, development and its application areas of metaverse will be analyzed, and expected problems researched so that the strategy and methodology for securing global competitiveness will be addressed in coming metaverse era.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.87-97
• /
• 2023

Containers are an emerging virtualization technology that can build an isolated environment more lightweight and faster than existing virtual machines. For that reason, many organizations have recently adopted them for their services. Yet, the container architecture has also exposed many security problems since all containers share the same OS kernel. In this work, we focus on the fact that an attacker can abuse host resources to make them unavailable to benign containers-also known as host resource exhaustion attacks. Then, we analyze the impact of host resource exhaustion attacks through real attack scenarios exhausting critical host resources, such as CPU, memory, disk space, process ID, and sockets in Docker, the most popular container platform. We propose five attack scenarios performed in several different host environments and container images. The result shows that three of them put other containers in denial of service.

• Korea Trade Review
• /
• v.47 no.3
• /
• pp.57-73
• /
• 2022

The process and change of convergence in the economy and industry with the development of digital technology and combining with new technologies is called Digital Transformation. Specifically, it refers to innovating existing businesses and services by utilizing information and communication technologies such as big data analysis, Internet of Things, cloud computing, and artificial intelligence. Digital transformation is changing the shape of business and has a wide impact on businesses and consumers in all industries. Among them, the big data and analytics market is emerging as one of the most important growth drivers of digital transformation. Integrating intelligent data into an existing business is one of the key tasks of digital transformation, and it is important to collect and monitor data and learn from the collected data in order to efficiently operate a data-based business. In developed countries overseas, research on new business models using various data accumulated at the level of government and private companies is being actively conducted. However, although the trade and import/export data collected in the domestic public sector is being accumulated in various types and ranges, the establishment of an analysis and utilization model is still in its infancy. Currently, we are living in an era of massive amounts of big data. We intend to discuss the value of trade big data possessed from the past to the present, and suggest a strategy to activate trade big data for trade digital transformation and a new direction for future trade big data research.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.171-180
• /
• 2023

Hydrogen energy technology is gaining importance in the era of the Fourth Industrial Revolution, offering military advantages when applied to military vehicles due to its characteristics such as reduced greenhouse gas emissions, noise, and low vibration. Korea's military has initiated the Army Tiger 4.0 plan, focusing on hydrogen application, downsizing, and AI-based smart features. The Ministry of National Defense plans to collaborate with the Ministry of Environment to expand hydrogen charging stations nationwide, anticipating increased deployment of military hydrogen vehicles. However, considering the Jet Fire and VCE(Vapor Cloud Explosion) nature of hydrogen, ensuring safety during installation is crucial. Current military guidelines specify a minimum safety distance of 2m from adjacent buildings for charging stations. Scientific methods have been employed to quantitatively assess the accident damage range of hydrogen, proposing a minimum safety distance beyond the affected area.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.157-166
• /
• 2024

The Army TIGER System, which is being deployed to implement a future combat system, is expected to bring innovative changes to the army's combat methods and comabt execution capability such as mobility, networking and intelligence. To this end, the Army will introduce various systems using drones, robots, unmanned vehicles, AI(Artificial Intelligence), etc. and utilize them in combat. The use of various unmanned vehicles and AI is expected to result in the introduction of equipment with new technologies into the army and an increase in various types of transmitted information, i.e. data. However, currently in the military, there is an acceleration in research and combat experimentations on warfigthing options using Army TIGER forces system for specific functions. On the other hand, the current reality is that research on cyber threats measures targeting information systems related to the increasing number of unmanned systems, data production, and transmission from unmanned systems, as well as the establishment of cloud centers and AI command and control center driven by the new force systems, is not being pursued. Accordingly this paper analyzes the structure and characteristics of the Army TIGER force integration system and makes suggestions for necessity of building, available cyber defense solutions and Army TIGER integrated cyber protections system that can respond to cyber threats in the future.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.45-55
• /
• 2020

Due to the development of information and communication technology, the number of new / variant malicious codes is increasing rapidly every year, and various types of malicious codes are spreading due to the development of Internet of things and cloud computing technology. In this paper, we propose a malware analysis method based on string information that can be used regardless of operating system environment and represents library call information related to malicious behavior. Attackers can easily create malware using existing code or by using automated authoring tools, and the generated malware operates in a similar way to existing malware. Since most of the strings that can be extracted from malicious code are composed of information closely related to malicious behavior, it is processed by weighting data features using text mining based method to extract them as effective features for malware analysis. Based on the processed data, a model is constructed using various machine learning algorithms to perform experiments on detection of malicious status and classification of malicious groups. Data has been compared and verified against all files used on Windows and Linux operating systems. The accuracy of malicious detection is about 93.5%, the accuracy of group classification is about 90%. The proposed technique has a wide range of applications because it is relatively simple, fast, and operating system independent as a single model because it is not necessary to build a model for each group when classifying malicious groups. In addition, since the string information is extracted through static analysis, it can be processed faster than the analysis method that directly executes the code.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.6
• /
• pp.7-20
• /
• 2017

The advancement of cloud and big data and the considerable growth of traffic have increased the complexity and problems in the management inefficiency of existing networks. The software-defined networking (SDN) environment has been developed to solve this problem. SDN enables us to control network equipment through programming by separating the transmission and control functions of the equipment. Accordingly, several studies have been conducted to improve the performance of SDN controllers, such as the method of connecting existing legacy equipment with SDN, the packet management method for efficient data communication, and the method of distributing controller load in a centralized architecture. However, there is insufficient research on the control of SDN in terms of the quality of network-using applications. To support the establishment and change of the routing paths that meet the required network service quality, we require a mechanism to identify network requirements based on a contract for application network service quality and to collect information about the current network status and identify the violations of network service quality. This study proposes a method of identifying the quality violations of network paths through ontology to ensure the network service quality of applications and provide efficient services in an SDN environment.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.137-144
• /
• 2023

Cyberattack technology is evolving to an unpredictable degree, and it is a situation that can happen 'at any time' rather than 'someday'. Infrastructure that is becoming hyper-connected and global due to cloud computing and the Internet of Things is an environment where cyberattacks can be more damaging than ever, and cyberattacks are still ongoing. Even if damage occurs due to external influences such as cyberattacks or natural disasters, intelligent self-recovery must evolve from a cyber resilience perspective to minimize downtime of cyber assets (OS, WEB, WAS, DB). In this paper, we propose an intelligent self-recovery technology to ensure sustainable cyber resilience when cyber assets fail to function properly due to a cyberattack. The original and updated history of cyber assets is managed in real-time using timeslot design and snapshot backup technology. It is necessary to secure technology that can automatically detect damage situations in conjunction with a commercialized file integrity monitoring program and minimize downtime of cyber assets by analyzing the correlation of backup data to damaged files on an intelligent basis to self-recover to an optimal state. In the future, we plan to research a pilot system that applies the unique functions of self-recovery technology and an operating model that can learn and analyze self-recovery strategies appropriate for cyber assets in damaged states.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.933-940
• /
• 2015

IT environments such as IoT, SNS, BigData, Cloud computing are changing rapidly. These technologies add new technologies to some of existing technologies and increase the complexity of Information System. Accordingly, they require enhancing the security function for new IT services. Information Security Pre-inspection aims to assure stability and reliability for user and supplier of new IT services by proposing development stage which considers security from design phase. Existing 'Information Security Pre-inspection' (22 domains, 74 control items, 129 detail items) consist of 6 stage (Requirements Definition, Design, Training, Implementation, Test, Sustain). Pilot tests were executed for one of IT development companies to verify its effectiveness. Consequently, for some inspection items, some improvement requirements and reconstitution needs appeared. This paper conducts a study on activation of 'Information Security Pre-inspection' which aims to construct prevention system for new information system. As a result, an improved 'Information Security Pre-inspection' is suggested. This has 16 domains, 54 inspection items, 76 detail items which include some improvement requirements and reconstitution needs.