• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.69-75
• /
• 2020

The command control system, like the human brain and nervous system, is a linker that connects the Precision Guided Missile(PGR) in information surveillance and reconnaissance (ISR) and is the center of combat power. In establishing the future command and control system, the ROK military should consider not only technical but also institutional issues. The US Department of Defense establishes security policies, refines them, and organizes them into architectural documents prior to the development of the command and control system. This study examines the security architecture applied to the US military command control system and analyzes the current ROK military-related policies (regulations) to identify security requirements for the future control system. By grouping the identified security requirements, this study identifies and presents field-specific enhancements to existing security regulations.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.41-50
• /
• 2021

Cyber Kill Chain is derived from Kill chain of traditional military terms. Kill chain means "a continuous and cyclical process from detection to destruction of military targets requiring destruction, or dividing it into several distinct actions." The kill chain has evolved the existing operational procedures to effectively deal with time-limited emergency targets that require immediate response due to changes in location and increased risk, such as nuclear weapons and missiles. It began with the military concept of incapacitating the attacker's intended purpose by preventing it from functioning at any one stage of the process of reaching it. Thus the basic concept of the cyber kill chain is that the attack performed by a cyber attacker consists of each stage, and the cyber attacker can achieve the attack goal only when each stage is successfully performed, and from a defense point of view, each stage is detailed. It is believed that if a response procedure is prepared and responded, the chain of attacks is broken, and the attack of the attacker can be neutralized or delayed. Also, from the point of view of an attack, if a specific response procedure is prepared at each stage, the chain of attacks can be successful and the target of the attack can be neutralized. The cyber command and control system is a system that is applied to both defense and attack, and should present defensive countermeasures and offensive countermeasures to neutralize the enemy's kill chain during defense, and each step-by-step procedure to neutralize the enemy when attacking. Therefore, thist paper proposed a cyber kill chain model from the perspective of defense and attack of the cyber command and control system, and also researched and presented the threat classification/analysis/prediction framework of the cyber command and control system from the defense aspect

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.10
• /
• pp.986-992
• /
• 2012

As the utilization of smart mobile devices such as smartphones increases, the desire to utilize such devices to control and monitor combat situations also arises. As smart mobile devices with various ICT get integrated with various weaponry system, a new phase of future warfare can be introduced. Moreover, smartphone-based real-time information technology for joint battle command system will be converged with surveillance control to become a leading example of convergence of cyber defense and information technology. Furthermore, mobile device security technology ideal for mobile wireless network environments can be applied to military robots. The following paper will give an overview of smart mobile device usage used for military purposes in battle command system, various security threats and the mobile device security technology to correspond to such security threats.

• Journal of National Security and Military Science
• /
• s.2
• /
• pp.285-314
• /
• 2004

The forms of current war are diversified over the pan-national industry. Among these, one kind of threats which has permeated the cyber space based on the advanced information technology causes a new type of war. C4ISR, the military IT revolution, as a integrated technology innovation of Command, Control, Communications, Computer, Intelligence, Surveillance and Reconnaissance suggests that the aspect of the future war hereafter is changing much. In this paper, we design the virtual decoy system and intrusion trace marking mechanism which can capture various attempts and evidence of intrusion by hackers in cyber space, trace the penetration path and protect a system. By the suggested technique, we can identify and traceback the traces of intrusion in cyber space, or take a legal action with the seized evidence.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.123-126
• /
• 2013

Access control system, when operating the infrastructure manager and the permissions for the user to clearly define the terminology that is. Various IT incidents still happening frequently occur, and these incidents in order to prevent the situation of access control is needed. In this study, the Copy command by hackers hacking incidents, such as walking dangerous limits for instructions attacks in advance, and also the internal administrator accident accidental limit command to walk off the risk in advance and even if the incident occurred access to the command history log and post it as evidence through the analysis techniques that can be utilized are described.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.57-69
• /
• 2012

C4ISR system is an important tool for military operational command and control. Therefore, it is frequently exposed to the cyber-terror attempt to paralyze the military command and control system. Generally, the information system uses IDS and firewall as major security computing tools. C4ISR system also uses them as major measures for the information protection. But the usefulness of IDS is reduced due to the frequent false-positives and false-negatives if the behavioral patterns are modified or new behavioral patterns appear. This paper presents new IDS structure which can create modified attack patterns and unexpected attack patterns automatically during IDS probing process. The proposed IDS structure is expected to enhance the information protection capability of the C4ISR system by reducing false-positives and false-negatives through the creation and verification of new attack patterns.

• Journal of Digital Contents Society
• /
• v.19 no.6
• /
• pp.1185-1195
• /
• 2018

Industrial Control System (ICS) is a system that carry out monitoring and controls of industrial control process and is applied in infrastructure such as water, power, and gas. Recently, cyber attacks such as Brutal Kangaroo, Emotional Simian, and Stuxnet 3.0 have been continuously increasing in ICS, and these security risks cause damage of human life and massive financial losses. Attacks on the control layer among the attack methods for ICS can malfunction devices of the field device layer by manipulating control commands. Therefore, in this paper, we propose a mechanism that apply the SDN between the control layer and the field device layer in the industrial control system and to determine whether the control command is legitimate or not and we show simulation results on a simply composed control system.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.157-166
• /
• 2024

The Army TIGER System, which is being deployed to implement a future combat system, is expected to bring innovative changes to the army's combat methods and comabt execution capability such as mobility, networking and intelligence. To this end, the Army will introduce various systems using drones, robots, unmanned vehicles, AI(Artificial Intelligence), etc. and utilize them in combat. The use of various unmanned vehicles and AI is expected to result in the introduction of equipment with new technologies into the army and an increase in various types of transmitted information, i.e. data. However, currently in the military, there is an acceleration in research and combat experimentations on warfigthing options using Army TIGER forces system for specific functions. On the other hand, the current reality is that research on cyber threats measures targeting information systems related to the increasing number of unmanned systems, data production, and transmission from unmanned systems, as well as the establishment of cloud centers and AI command and control center driven by the new force systems, is not being pursued. Accordingly this paper analyzes the structure and characteristics of the Army TIGER force integration system and makes suggestions for necessity of building, available cyber defense solutions and Army TIGER integrated cyber protections system that can respond to cyber threats in the future.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.26 no.3
• /
• pp.281-301
• /
• 2023

The shipboard combat system is a key system for naval combat that supports a command and control process cycle consisting of Detect - Control - Engage in real time to ensure ship viability and conduct combat missions. Modern combat systems were developed on the basis of Open Architecture(OA) to maximize acceptance of latest technology and interoperability between systems, and actively introduced the COTS(Commercial-of-the-shelf). However, as a result of that, vulnerabilities inherent in COTS SW and HW also occurred in the combat system. The importance of combat system cybersecurity is being emphasized but cybersecurity research reflecting the characteristics of the combat system is still lacking in Korea. Therefore, in this paper, we systematically identify combat system threats by applying Data Flow Diagram, Microsoft STRIDE threat modelling methodology. The threats were analyzed using the Attack Tree & Misuse case. Finally we derived the applicable security requirements which can be used at stages of planning and designing combat system and verified security requirements through NIST 800-53 security control items.

• Journal of Positioning, Navigation, and Timing
• /
• v.12 no.4
• /
• pp.437-445
• /
• 2023

A space system refers to a network of sensors, ground systems, and space-craft operating in space. The security of space systems relies on information systems and networks that support the design, launch, and operation of space missions. Characteristics of space operations, including command and control (C2) between space-craft (including satellites) and ground communication, also depend on wireless frequency and communication channels. Attackers can potentially engage in malicious activities such as destruction, disruption, and degradation of systems, networks, communication channels, and space operations. These malicious cyber activities include sensor spoofing, system damage, denial of service attacks, jamming of unauthorized commands, and injection of malicious code. Such activities ultimately lead to a decrease in the lifespan and functionality of space systems, and may result in damage to space-craft and, lead to loss of control. The Cybersecurity Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix, proposed by Massachusetts Institute of Technology Research and Engineering (MITRE), consists of the following stages: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command & Control, Exfiltration, and Impact. This paper identifies cybersecurity activities in space systems and satellite navigation systems through the National Institute of Standards and Technology (NIST)'s standard documents, former U.S. President Trump's executive orders, and presents risk management activities. This paper also explores cybersecurity's tactics attack techniques within the context of space systems (space-craft) by referencing the Sparta ATT&CK Matrix. In this paper, security threats in space systems analyzed, focusing on the cybersecurity attack tactics, techniques, and countermeasures of space-craft presented by Space Attack Research and Tactic Analysis (SPARTA). Through this study, cybersecurity attack tactics, techniques, and countermeasures existing in space-craft are identified, and an understanding of the direction of application in the design and implementation of safe small satellites is provided.