• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.577-589
• /
• 2023

Ministry of National Defense plans to harness AI as a key technology to bolster overall defense capability for cultivation of an advanced strong military based on science and technology based on Defense Innovation 4.0 Plan. However, security threats due to the characteristics of AI can be a real threat to AI-based defense information system. In order to solve them, systematic security activities must be carried out from the development stage. This paper proposes security activities and considerations that must be carried out at each stage of AI-based defense information system. Through this, It is expected to contribute to preventing security threats caused by the application of AI technology to the defense field and securing the safety and reliability of defense information system.

• Convergence Security Journal
• /
• v.15 no.6_1
• /
• pp.69-78
• /
• 2015

Methods that industrial spies use to smuggle core technology out are becoming more intelligent, technological, and complex, thus resulting in more serious damages. In particular, defense industries in which involve national core technology as well as institutions including labor force are industries that are in a greater need of the convergence security. Defense Industry develops, experiments, and produces defense security supplies for national security protection. Defense industry involves a number of security elements such as military secret, industrial secret, core technology labor force, defense industry supply, critical national facility, and information communication system. Defense industry security is a complex of military security and industrial security which is convergence security that integrates all security elements of defense industry. Therefore, defense industry security is a typical ideal model for convergence security. Research on defense industry security is relatively insufficient compared to research of security in other industrial fields. In order to prevent core technology of denfese industry from leaking and to protect technical professionals and institutions, research and action on defense industry security from convergence security perspective are therefore essential at this point of time.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.265-270
• /
• 2019

In order to protect the advancement of defense technology that has a tremendous e?ect on both the national security and the economy, the Republic of Korea established the Defense Technology Security Act in 2015. As the new enactment brought changes to the landscape of the defense industry and defense industrial security, a new examination of the concept of the defense industrial security has now become necessary. Even after taking into consideration the undisclosed nature of defense industrial security research, and the fact that only the limited number of firms participates in the subject matter, scientific studies related to the topic have not been active. However, with the new enactment of the Defense Technology Security Act, it is necessary to expand the scope of security and to redefine the concept of defense industrial security. In this paper, we analyzed the research works on related technology protection policies and our environment of the defense industry in order to conceptualize defense industrial security. The established concepts are expected to provide a systematic way to protect the confidential and defense technology.

• Journal of National Security and Military Science
• /
• s.9
• /
• pp.191-206
• /
• 2011

This study is presented a scheme that information security research institutions located within the central area can be participated actively m national defense information security industry. The many of information security company are located in the central region(Daejeon) and there are many research institutes. However, the participation rate of the Defense Information Security Industry is not high compared to other provinces. Although a variety of reasons, there are no the Defense Privacy Office that could have a role in protocol and the information about the industry. In addition, the Department of Defense related to national defense information security industry have not information about research institutions in the central region and are not well to identify the characteristics of institutional technology and research. So in this paper we presented some of the alternatives. 1) Building Pool involved in information security research according to the characteristics of each agency 2) Constitute the research community between Research institutions and the company 3) Build the technology cooperation between research institutions and the defense research institutes 4) Utilization of industry/university/research institutes related to Information Security Industry 5) Make strategic alliances among research institutes based on technical expertise.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.77-90
• /
• 2013

As Cyber threats are rising, the scope of information Security (IS) is extending from technical protection of a single information system to organizational comprehensive IS capability. The ministry of National Defense (MND) has established the IS evaluation for defense organization in 'the Directive for Defense Informatization Affairs.' However, no information about an evaluation method, process and organization is provided. We surveyed information security management system (ISMS) and related best practices in public sector and other countries, and analysed the military information security affairs. Thus, this paper recommends the IS evaluation method and process. The trial IS evaluation is in progress this year and the MND will expand this IS evaluation to the entire organization.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.317-326
• /
• 2011

This study is meaningful in that it standardizes various security and defense policies and devices, newly defines characteristics of defense policies and defense techniques, and specify and report various kinds of security polities and devices in order for administrators or users to add and apply the policies when introducing new security policies including the implementation of existing network infra and applying additionally. Therefore, this study aims to divide the policies into ONSU-MF(One Network Security Unit-Multi Function) that classifies one network security device-based policies and OSD-MD(One Security Device-Multi Defense), which implements various security methods by using one security device, and suggest network security infra improvement mechanism through the standardization implementation technique integrating the two methods.

• Journal of Internet Computing and Services
• /
• v.16 no.5
• /
• pp.1-9
• /
• 2015

As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5116-5134
• /
• 2015

In this paper, due to the network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1183-1192
• /
• 2022

Information and Information processing systems must maintain a certain level of security during the total life cycle of Information. To maintain a certain level of security, security management processes are applied to software, automobile development, and the U.S. federal government information system over a life cycle, but theme of no similar security management process in Korea. This paper proposes a Korean-style security risk management framework to maintain a certain level of security in the total life cycle of information and information processing system in the defense sector. By applied to the defense field, we intend to present the direction of defense security work in the future and induce an shift in security paradigm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.111-122
• /
• 2021

With the spread of technology in the 4th Industrial Revolution, the defense industry in South Korea is getting developed into an industrial structure in which high-tech technologies are concentrated. As the importance of defense technology has gradually increased, the government has enacted the Defense Technology Security Act and required to build a protection system for institutions that possess or manage defense technology. In order for the target institution to introduce a protection system, it is necessary to identify the defense technologies that are protected and to ensure systematic data management. In order to cope with this, we derived master data items for data management and analyzed the implementation types of defense technology master data system suitable for the defense industry environments. The derived method identified the defense technology master data, such as primary and secondary master data, and through AHP analysis, Co-existence type was suitable as the target model for the master data management system. We expect that stronger defense technology security policy will be implemented through the defense technology MDM system.