• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.129-136
• /
• 2019

The main tasks of commander and staffs in ground operations are a continuation performing the process of making decisions in various situations. Since the current decision-making process is largely dependent on qualitative methods, it is difficult to integrate with the decision-making tools associated with the 4th Industrial Revolution. The purpose of this study is to suggest the process of deriving the relative importance of the evaluation factors using the AHP with focusing on assessing the avenues of approach in IPB related to the ground operation plan. The most important aspect of IPB is the evaluation of the avenues of approach. Evaluation factors include target accessibility, observation and seasons, concealment and cover-up, ease of maneuverability, and ease of transition to adjacent access roads. The existing methods are the comparison method with evaluation factors and the analysis with the advantages and disadvantages. However, it has been criticized that they regard evaluation factors as equal importance. The results show that target accessibility has the highest score related with priority when considering the criteria.

• Convergence Security Journal
• /
• v.21 no.1
• /
• pp.93-100
• /
• 2021

Damage caused by intelligent cyber attacks not only disrupts system operations and leaks information, but also entails massive economic damage. Recently, cyber attacks have a distinct goal and use advanced attack tools and techniques to accurately infiltrate the target. In order to minimize the damage caused by such an intelligent cyber attack, it is necessary to block the cyber attack at the beginning or during the attack to prevent it from invading the target's core system. Recently, technologies for predicting cyber attack paths and analyzing risk level of cyber attack using big data or artificial intelligence technologies are being studied. In this paper, a cyber attack path analysis method using attack tree and RFI is proposed as a basic algorithm for the development of an automated cyber attack path prediction system. The attack path is visualized using the attack tree, and the priority of the path that can move to the next step is determined using the RFI technique in each attack step. Based on the proposed mechanism, it can contribute to the development of an automated cyber attack path prediction system using big data and deep learning technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.171-181
• /
• 2011

Proposed in this paper is the intelligent video surveillance system to effectively detect multiple loitering objects even that disappear from the out of camera's field of view and later return to a target zone. After the background and foreground are segmented using Gaussian mixture model and shadows are removed, the objects returning to the target zone is recognized using the chromaticity histogram and the duration of loitering is preserved. For more accurate measurement of the loitering behavior, the camera calibration is also applied to map the image plane to the real-world ground. Hence, the loitering behavior can be detected by considering the time duration of the object's existence in the real-world space. The experiment was performed using loitering video and all of the loitering behaviors are accurately detected.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1227-1236
• /
• 2021

Adversarial attack, one of the attacks on deep learning classification model, is attack that add indistinguishable perturbations to input data and cause deep learning classification model to misclassify the input data. There are various adversarial attack algorithms. Accordingly, many studies have been conducted to detect adversarial attack but few studies have been conducted to classify what adversarial attack algorithms to generate adversarial input. if adversarial attacks can be classified, more robust deep learning classification model can be established by analyzing differences between attacks. In this paper, we proposed a model that detects and classifies adversarial attacks by constructing a random forest classification model with input features extracted from a target deep learning model. In feature extraction, feature is extracted from a output value of hidden layer based on class predicted by the target deep learning model. Through Experiments the model proposed has shown 3.02% accuracy on clean data, 0.80% accuracy on adversarial data higher than the result of pre-existing studies and classify new adversarial attack that was not classified in pre-existing studies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.975-986
• /
• 2022

Deep learning is attracting great attention, showing excellent performance in image processing, but is vulnerable to adversarial attacks that cause the model to misclassify through perturbation on input data. Adversarial examples generated by adversarial attacks are minimally perturbated where it is difficult to identify, so visual features of the images are not generally changed. Unlikely deep learning models, people are not fooled by adversarial examples, because they classify the images based on such visual features of images. This paper proposes adversarial attack detection method using Symbolic Representation, which is a visual and symbolic features such as color, shape of the image. We detect a adversarial examples by comparing the converted Symbolic Representation from the classification results for the input image and Symbolic Representation extracted from the input images. As a result of measuring performance on adversarial examples by various attack method, detection rates differed depending on attack targets and methods, but was up to 99.02% for specific target attack.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.5
• /
• pp.57-66
• /
• 2023

In this paper, a research trend of attack graph studies for Cyber-Physical System (CPS) environments is surveyed, and we analyse the limitations of previous works and prospect the future directions. 35 among around 150 attack graph studies conducted within 5 years target CPS, and we inspect key features of CPS environment in the security aspect. Also, we categorize and analyze target studies in the aspect of modelling physical systems and considering air gaps, which are derived as key features of the security aspects of CPS. Half of 20 research that we surveyed do not reflect those two features, and other studies only consider one of the two features. In this circumstance, we examine challenges that attack graph studies on CPS environment face. Finally, we expect state-led studies or studies targeting open-spec commercial CPS will dominate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.939-946
• /
• 2023

In the hyper-connected network, which network equipment is diverse and network structure is complex, the attack surface has also increased. In this environment, MTD(Moving Target Defense) technology is being researched as a method to fundamentally defend against cyber attacks by actively changing the attack surface. network-based MTD technologies are being widely studied. However, in order for network address mutation technology to be applied within the existing fixed IP-based system, research is needed to determine what impact it will have. In this paper, we studied the impact of applying network address mutation technology to the existing network protection system. As a result of the study, factors to be considered when firewall, NAC, IPS, and network address mutation technologies are operated together were derived, and elements that must be managed in network address mutation technology for interoperability with the network analysis system were suggested.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.3-8
• /
• 2023

The Fourth Industrial Revolution is bringing about great changes in many industrial fields, and among them, active research is being conducted on convergence technology using artificial intelligence. Among them, the demand is increasing day by day in the field of object recognition using artificial intelligence and digital transformation using recognition results. In this paper, we proposed an optimal learning model construction method to accurately recognize letters, symbols, and lines in images and save the recognition results as files in a standardized format so that they can be used in simulations. In order to recognize letters, symbols, and lines in images, the characteristics of each recognition target were analyzed and the optimal recognition technique was selected. Next, a method to build an optimal learning model was proposed to improve the recognition rate for each recognition target. The recognition results were confirmed by setting different order and weights for character, symbol, and line recognition, and a plan for recognition post-processing was also prepared. The final recognition results were saved in a standardized format that can be used for various processing such as simulation. The excellent performance of building the optimal learning model proposed in this paper was confirmed through experiments.

• Korean Journal of Remote Sensing
• /
• v.38 no.3
• /
• pp.283-298
• /
• 2022

As Synthetic Aperture Radar (SAR) image can be acquired regardless of the weather and day or night, it is highly recommended to be used for Automatic Target Recognition (ATR) in the fields of surveillance, reconnaissance, and national security. However, there are some limitations in terms of cost and operation to build various and vast amounts of target images for the SAR-ATR system. Recently, interest in the development of an ATR system based on simulated SAR images using a target model is increasing. Attributed Scattering Center (ASC) matching and template matching mainly used in SAR-ATR are applied to target classification. The method based on ASC matching was developed by World View Vector (WVV) feature reconstruction and Weighted Bipartite Graph Matching (WBGM). The template matching was carried out by calculating the correlation coefficient between two simulated images reconstructed with adjacent points to each other. For the performance analysis of the two proposed methods, the Synthetic and Measured Paired Labeled Experiment (SAMPLE) dataset was used, which has been recently published by the U.S. Defense Advanced Research Projects Agency (DARPA). We conducted experiments under standard operating conditions, partial target occlusion, and random occlusion. The performance of the ASC matching is generally superior to that of the template matching. Under the standard operating condition, the average recognition rate of the ASC matching is 85.1%, and the rate of the template matching is 74.4%. Also, the ASC matching has less performance variation across 10 targets. The ASC matching performed about 10% higher than the template matching according to the amount of target partial occlusion, and even with 60% random occlusion, the recognition rate was 73.4%.

• Korean Security Journal
• /
• no.49
• /
• pp.157-183
• /
• 2016

Countries across the globe, including those in Europe, are waging a "war against terrorism" as international terrorist groups such as ISIS and lone-wolf terrorists have unleashed various large-scale attacks on rail infrastructure. Anti-South Korean sentiment exists in Muslim-majority countries because the nation has cooperated with the US for its military interventions in the Middle East, and ISIS has threatened to target South Korea four times since September 9, 2015. In addition, North Korea has been left isolated in the international community with its missile and nuclear tests, while further escalating inter-Korean tension and threatening to strike major facilities and attack important figures in the South. These situations imply that South Korea is no longer immune to terrorist attacks. If the nation fails to prevent or deter such terrorist attacks against rail networks, massive casualties, property damage and social confusion would be unavoidable, deteriorating national and international trust in its counter-terrorism policies. This may lead to a national crisis involving decreases in the number of tourists, dampened interest of foreign investors, and capital flight. This study aims to propose policy measures to enhance railroad security checks, based on the work of railroad police officers, for the sake of protecting citizens and public safety. The suggestions include an incremental expansion of railroad security checks; growth of the railroad police force and adjustment of their policing distribution with other police officers; enhancement of security systems across important rail networks; improvement of the Railroad Safety Act; Southeast Asia, including the corresponding strengthening of the national crackdown illegal immigrants, and plans for pre-emptive and regular cooperation among organizations related to the promotion of security checks and the prevention of terrorist attacks.