• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.209-221
• /
• 2023

Due to the rapid spread of the COVID-19 virus in December 2019, the working environment was rapidly converted to telecommuting. However, since the defense industry is an organization that handles technology related to the military, the network separation policy is applied, so there are many restrictions on the application of telecommuting. Telecommuting is a global change and an urgent task considering the rapidly changing environment in the future. Currently, in order for defense companies to implement telecommuting, VPN, VDI, and network interlocking systems must be applied as essential elements. Eventually, some contact points will inevitably occur, which will increase security vulnerabilities, and strong security management is important. Therefore, in this paper, attack types are selected and threats are analyzed based on the attack tactics of the MITER ATT&CK Framework, which is periodically announced by MITER in the US to systematically detect and respond to cyber attacks. Then, by applying STRIDE threat modeling, security threats are classified and specific security requirements are presented.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.24 no.5
• /
• pp.537-544
• /
• 2021

Cyber threats can bypass existing cyber-protection systems and are rapidly developing by exploiting new technologies such as artificial intelligence. In order to respond to such cyber threats, it is important to improve the ability to detect unknown cyber threats by correlating heterogeneous cyber protection systems. In this paper, to enhance cyber-attack response capabilities, we proposed command and control that enables rapid decision-making and response before the attack objectives are achieved, using Lockheed Martin's cyber kill chain and MITRE ATT&CK to analyze the purpose and intention of the attacker.

• Proceedings of the Korean Society for Technology of Plasticity Conference
• /
• 2001.10a
• /
• pp.166-169
• /
• 2001

22,000 Ton hydraulic press was developed using wire winding method. The hydraulic press consists of three piece of frame type. The outer layers of yoke-column frame and main cylinder linear were wound with piano wire(1mm${\times}$4mm) under controlled tension and the total length of wound wire was about 450Km. The developed hydraulic press is used for the forming of heat plate with ultra-large size. To obtain large force with relative small apparatus, high pressure of $1,500 Kgf/cm^2$ was supplied to main cylinder through pressure amplification by booster pump. Therefore sealing technique of main cylinder is so crucial that the seals were made of mitre ring type with super-elastic metal. The press total weight is about 150 tons, which is quite light and compact relative to that of conventional hydraulic press.

• Convergence Security Journal
• /
• v.1 no.1
• /
• pp.21-29
• /
• 2001

For multiple attacks through large networks e.g., internet, IDS had better be installed over several hosts and collect all the audit data from them with appropriate synthesis. We propose a new distributed intrusion detection system called SPIDER II which is the upgraded version of the previous standalone IDS - SPIDER I. As like the previous version, SPIDER II has been implemented on Linux Accel 6.1 in CNU C. After planting intrusion detection engines over several target hosts as active agents, the administration module of SPIDER II receives all the logs from agents and analyzes hem. For the world-wide standardization on IDS, SPIDER II is compatible with MITRE's CVE(Common Vulnerabilities and Exposures).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1407-1417
• /
• 2012

In order to protect a software system from security attacks, it is important to remove the software security weaknesses through the entire life cycle of software development. To remove the software weaknesses more effectively, software weaknesses are prioritized and sorted continuously. In this paper, we introduce the existing scoring systems for software weakness and software vulnerability, and propose a new quantitative standard for the scoring system, which helps evaluate the importance of software weakness objectively. We also demonstrate the practicability of the proposed standard by scoring 2011 CWE/SANS Top 25 list with the proposed standard and comparing it to the original score of MITRE.

• Journal of Advanced Navigation Technology
• /
• v.12 no.6
• /
• pp.567-573
• /
• 2008

According to the ICAO's Global Air Navigation Plan for CNS/ATM - Communications, Navigation, and Surveillance - systems, employing digital technologies, including satellite systems together with various levels of automation, are to be applied in support of a seamless global air traffic management system. For the future navigation, the focus of future implementation efforts can be placed entirely on an expected gradual migration toward GNSS-based navigation, Korea has been considered various options for airspace GNSS augmentation system: GBAS, SBAS and GRAS. This paper discusses current status and future trend of GNSS airspace navigation systems, and presents the results of possible augmentation options and scenarios to analyze system availabilities which could lead to the conclusion of the best program for Korea. The results showed that Korea could have sufficient availabilities from en-route to CAT-I approach with ABAS and GBAS. The study was in cooperated with MITRE, an American research company.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.63-70
• /
• 2008

The authors, Tom Karygiannis of NIST, and Bernard Eydt, Greg Barber, Lynn Bunn, and Ted Phillips of Booz Allen Hamilton, wish to thank Steven Fick, Rick Korchak, Kate Remley, Jeff Guerrieri, Dylan Williams, Karen Scarfone, and Tim Grance of NIST, and Kenneth Waldrop and Beth Mallory of Booz Allen Hamilton. These individuals reviewed drafts of this document and contributed to its technical content. The authors would also like to express their thanks to several experts for their critical review and feedback on drafts of the publication. These experts include V.C. Kumar of Texas Instruments; Simson Garfinkel of the Naval Postgraduate School; Peter Sand of the Department of Homeland Security; Erika McCallister of MITRE; and several professionals supporting Automatic Identification Technology(AIT) program offices within the Department of Defense(DoD), especially Nicholas Tsougas, Fred Naigle, Vince Pontani, Jere Engelman, and Kathleen Smith. During the public comment period we received helpful comments from the following Federal Government agencies: the US Departments of Defense, Health and Human Services, Homeland Security, Labor, and State; the Office of the Director of National Intelligence; the Office of Management and Budget; and the General Services Administration. We also received several helpful contributions from commercial industry, including comments from EPCglobal, VeriSign, and Priway. Finally, the authors wish to thank the following individuals for their comments and assistance: Brian Tiplady, Daniel Bailey, Paul Dodd, Craig K. Harmon, William MacGregor, Ted Winograd, Russell Lange, Perry F. Wilson, John Pescatore, Ronald Dugger, Stephan Engberg, Morten Borup Harning, Matt Sexton, Brian Cute, Asterios Tsibertzopoulos, Mike Francis, Joshua Slob in, Jack Harris, and Judith Myerson.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.59-74
• /
• 2020

The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.

• Journal of the Korean Home Economics Association
• /
• v.12 no.34
• /
• pp.743-769
• /
• 1974

Au debut I'habit Iiturgique ne differait de I'habit de fete du simple citoyen que par sa richesse. C'est seulement quand, dans la vie courante, on adopta la robe courte que le vetememt liturgique commenca a se distinguer, meme par la forme, du costume civil. Les ornements liturgiques, en effet, ne sont qu'une forme stylisee de l'habit de fete de la fin de l'Empire Romain (du IIIeme au Veme siecle). Pour une ceremonie religieuse on se presente bien habille. Le meme sentiment de respect des choses sacrees a amene deja, vers la fin de l'antiquite chretienne, a donner au pretre un vetememt liturgique special. Pour celebrer la messe, le pretre revet par-dessus sa soutane un costume special, compose de l'amict, de l'aube, du cordon, du manipule, de l'etole et de la chasuble. Aux messes solennelles, les eveques ajoutent a ces ornements des bas et sandales, des gants, la tunique et la dalmatique avee la mitre ; en certain cas, les archeveques y joingnent le pallium. Aux messes solennelles, le diacre porte sur ; l'aube le manipule et la tunique. De ces pieces du costume liturgique, on dira brievement, apres leur emploi et leur forme actel, l'origine et l'histoire, mais seulement apres avoir marque les lignes generales parition et des transformations du costume liturgique dans son ensemble. L'evolution du costume liturgique a partir du XIIIeme siecle peut se resumer en quelques mots en raison souvent de la lourdeur des riches etoffes (velours et brocarts) et de l'importance donne a la decoration, toujours par rechereche d'une plus grande commodite on a abandonne lentement d'abord, puis rapidement adapte a partir du XVI eme siecle, les formes amples pour des formes courtes et etriquees. Il faut faire quelques exceptions qui marquent l'influence des gouts decoratifs de gouts epoque : La periode de 1700 a 1850 marque la complete decadence du costum liturgique. On a depuis essaye de lui rendre sa beaute et aussi sa signification symbolique, par un retour aux etoffes et a la decoration de la deuxieme partie du moyen age. Souhations que, sous la direction des liturgistes, en respectant l'essentiel de la liturgie aujourd'hui, avec le concours d'artistes epris du sens liturgique et des connaisseurs des tradtions et de toutes les ressources actuelles on trouve des costumes liturgiques adaptes a notre temps dans un style plus simple et correspondant au besoins actuels.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.981-985
• /
• 2006

Wibro is stand for Wireless Broadband Internet called as Portable Internet, Wireless Broadband Internet or Wireless High-Speed Internet. This provides hish-speed internet service anytime, anywhere, from anyone and device with seamless mobility and the band is located between Mobile phone and wireless LAN. Wibro service should support handover to maintain connection continuously in movement because the service is based on If system which is different from cellular system. Current Mitre Mobility system and general Mobile If system has got a problem of delayed speed and lost packets during handover. IETF protocol has been proposed for minimizing this problem and its standardization is under process, mainly focused on Mip4, Mip6 and Mipshop WG. This article studies and analyzes an effective method of minimizing handover delay to improve the problem of WiBro system and its revitalization & outlook.