• Korean Journal of Remote Sensing
• /
• v.34 no.2_2
• /
• pp.307-311
• /
• 2018

It is necessary to establish wide integrated surveillance system of marine territory to reduce damage caused by maritime security threats, marine pollution and accidents for safe and clean marine use and efficient development of marine resources. For marine surveillance, the information characteristics of space-time specific, accuracy and operability are required, and real-time information about the wide area should be provided at all times. This special issue has been published to identify the characteristics of each platform, evaluate its usability for the establishment of a wide integrated surveillance system, and present the direction for future convergence studies between platforms. Since 2015, KIOST and cooperative research team have been performing the project, "Base research for building wide integrated surveillance system of marine territory using multi-platform" that detect vessels and red tide etc. near real time by using satellite, UAV and HF Ocean Radar. The objective of this special issue is to introduce the significance for an integrated system for maritime surveillance and to create a forum for discussion on recent advances in remote sensing technology and applications for marine disasters, pollution, and accident surveillance.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.20-32
• /
• 2020

This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

• Journal of Digital Convergence
• /
• v.15 no.4
• /
• pp.285-293
• /
• 2017

They are rapidly evolving malicious attacks on smart devices, and to timely protect the smart devices from these attacks has become a very important issue. In particular, smishing attack has emerged as one of the most important threats on the smartphone. In this paper, we propose the cloud service that can fundamentally protect the user from the risk of smishing attack. The proposed scheme provides cloud messaging service that can filter text messages including URLs in the user's smart device, view and manage them through a virtual machine provided by a cloud server. The existing techniques for preventing smshing attacks protect only malicious code of a known pattern and there is the possibility of error such as FP(False Positive) or FN(False Negative). However, since the proposed method automatically filters all text messages including URLs, storing, viewing, and managing them in their own storage space on the cloud server, it can completely block the installation of malwares(malicious codes) on the user's smart device through smishing attacks.

• Korea and Global Affairs
• /
• v.3 no.2
• /
• pp.87-130
• /
• 2019

This paper aims to analyze the recent progress(current situation) and tasks of arms control in North and South Korea. To this end the paper is composed of 5 chapters titled instruction; recent progress(current situation) of arms control in South and North Korea; constraints and tasks of arms control on the Korean peninsula; and conclusion. One of the most important tasks for the establishment of a peace structure for the coexistence of the Korean people in the 21st century is the realization of military control in order to resolve the acute military confrontation situation and mutual threats. With the 2018 PyeongChang Winter Olympics, the North-South summit and the subsequent talks for peace and denuclearization on the Korean Peninsula, the North Korea-US summit, and subsequent talks are creating conditions for trust building and arms control between the two Koreas. The military trust between the two Koreas and operational arms control are being achieved through the declaration of the April 27 Panmunjom and the 'Military Agreement for the Implementation of the Panmunjom Declaration.' However, since there are constraints on the control of arms control, such as the persistence of hostility and distrust of the two Koreas, the defense treaty between the two Koreas and neighboring countries, the competition of neighboring countries and the complex interests of the Korean peninsula, Trust Building is important. We should resolve the issue of arms control between the two Koreas, taking into account the trend of international arms control over the internal and external dynamics of the Korean peninsula gradually and carefully, with a vision of long-term unification security.

• Journal of Platform Technology
• /
• v.9 no.3
• /
• pp.3-17
• /
• 2021

Advanced persistent threat (APT) attacks are attacks aimed at a particular entity as a set of latent and persistent computer hacking processes. These APT attacks are usually carried out through various methods, including spam mail and disguised banner advertising. The same name is also used for files, since most of them are distributed via spam mail disguised as invoices, shipment documents, and purchase orders. In addition, such Infostealer attacks were the most frequently discovered malicious code in the first week of February 2021. CDR is a 'Content Disarm & Reconstruction' technology that can prevent the risk of malware infection by removing potential security threats from files and recombining them into safe files. Gartner, a global IT advisory organization, recommends CDR as a solution to attacks in the form of attachments. There is a program using CDR techniques released as open source is called 'Dangerzone'. The program supports the extension of most document files, but does not support the extension of HWP files that are widely used in Korea. In addition, Gmail blocks malicious URLs first, but it does not block malicious URLs in mail systems such as Naver and Daum, so malicious URLs can be easily distributed. Based on this problem, we developed a 'Dangerzone' program that supports the HWP extension to prevent APT attacks, and a Chrome extension that performs URL checking in Naver and Daum mail and blocking banner ads.

• Maritime Security
• /
• v.1 no.1
• /
• pp.311-343
• /
• 2020

Because of the global warming, the Arctic Ocean is expected to be ice-free by the year 2035. When the Arctic Ocean will be opened, a number of national interests will become more salient as experiencing a shortened sailing distance and decreasing navigation expense, possibility of natural resources transport by sea from Arctic Circle, and indirect-profit making by building a herb port in Asia. To secure the national interests and support the free activities of people in this region, R.O.K government is trying to make advanced policies. In order to carry out the naval tasks in the Arctic Ocean, using the operational characteristics(mobility, flexibility, sustainability, presence of capabilities, projection) is necessary. To this end, ROK Navy should analyze the operational environment (O.E.) by its capability(weakness and strength), opportunity, and threat. R.O.K. Navy should make an effort over the following issues to implement the tasks in the Arctic Ocean: first, Navy needs to map out her own plan (Roadmap) under the direction of government policies and makes crews participate in the education·training programs in home and abroad for future polar experts. Third, to develop the forces and materials for the tasks in cold, far operations area, Navy should use domestic well-experienced shipbuilding skills and techniques of the fourth industrial revolution. Next, improving the combined operations capabilities and military trust with other countries in the Arctic region to cover the large area with lack of forces' number and to resolve the ports of call issues. Lastly, preparation in advance to execute a variety of missions against military and non-traditional threats such as epidemics, HA/DR, SOLAS, in the future operation area is required.

• Journal of Software Assessment and Valuation
• /
• v.16 no.1
• /
• pp.65-79
• /
• 2020

As Programmable Logic Controllers (PLCs), popular components in industrial control systems (ICS), are incorporated with the technologies such as micro-controllers, real-time operating systems, and communication capabilities. As the latest PLCs have been connected to the Internet, they are becoming a main target of cyber threats. This paper proposes two sanitizers that improve the security of uC/OS-II based firmware for a PLC. That is, we devise BU sanitizer for detecting out-of-bounds accesses to buffers and UaF sanitizer for fixing use-after-free bugs in the firmware. They can sanitize the binary firmware image generated in a desktop PC before downloading it to the PLC. The BU sanitizer can also detect the violation of control flow integrity using both call graph and symbols of functions in the firmware image. We have implemented the proposed two sanitizers as a prototype system on a PLC running uC/OS-II and demonstrated the effectiveness of them by performing experiments as well as comparing them with the existing sanitizers. These findings can be used to detect and mitigate unintended vulnerabilities during the firmware development phase.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• Smart Media Journal
• /
• v.12 no.9
• /
• pp.9-18
• /
• 2023

Black box cryptography is a cryptographic scheme based on a hardware encryption device, operating under the assumption that the device and the user can be trusted. However, with the increasing use of cryptographic algorithms on unreliable open platforms, the threats to black box cryptography systems have become even more significant. As a consequence, white box cryptography have been proposed to securely operate cryptographic algorithms on open platforms by hiding encryption keys during the encryption process, making it difficult for attackers to extract the keys. However, unlike traditional cryptography, white box-based encryption lacks established specifications, making challenging verify its structural security. To promote the safer utilization of white box cryptography, CHES organizes The WhibOx Contest periodically, which conducts safety analyses of various white box cryptographic techniques. Among these, the Differential Computation Analysis (DCA) attack proposed by Bos in 2016 is widely utilized in safety analyses and represents a powerful attack technique against robust white box block ciphers. Therefore, this paper analyzes the research trends in white box block ciphers and provides a summary of DCA attacks and relevant countermeasures. adhering to the format of a research paper.