• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.10
• /
• pp.5062-5079
• /
• 2017

Malicious insider threats have increased recently, and methods of the threats are diversifying every day. These insider threats are becoming a significant problem in corporations and governments today. From a technology standpoint, detecting potential insider threats is difficult in early stage because it is unpredictable. In order to prevent insider threats in early stage, it is necessary to collect all of insiders' data which flow in network systems, and then analyze whether the data are potential threat or not. However, analyzing all of data makes us spend too much time and cost. In addition, we need a large repository in order to collect and manage these data. To resolve this problem, we develop an indicator-based behavior ontology (IB2O) that allows us to understand and interpret insiders' data packets, and then to detect potential threats in early stage in network systems including social networks and company networks. To show feasibility of the behavior ontology, we developed a prototype platform called Insider Threat Detecting Extractor (ITDE) for detecting potential insider threats in early stage based on the behavior ontology. Finally, we showed how the behavior ontology would help detect potential inside threats in network system. We expect that the behavior ontology will be able to contribute to detecting malicious insider threats in early stage.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.12
• /
• pp.1863-1871
• /
• 2022

In the era of Fourth Industrial Revolution, secure networking technology is playing an essential role in the defense weapon systems. Encryption technology is used for information security. The safety of cryptographic technology, according to Kerchoff's principles, is based on secure key management of cryptographic technology, not on cryptographic algorithms. However, traditional centralized key management is one of the problematic issues in battlefield environments since the frequent movement of the forces and the time-varying quality of tactical networks. Alternatively, the system resources of each node used in the IoBT(Internet of Battlefield Things) environment are limited in size, capacity, and performance, so a lightweight key management system with less computation and complexity is needed than a conventional key management algorithm. This paper proposes a novel key escrow scheme in a lightweight manner for the IoBT environment. The safety and performance of the proposed technique are verified through numerical analysis and simulations.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.2
• /
• pp.1-7
• /
• 2020

In modern society, as technology has advanced and human life area has expanded, there has been an increasing demand for high-quality voice and video communications services without restrictions on time and place. In response to this demand, satellite communications systems that provide a wide range of communications and that offer multiple access are evolving day by day. In satellite communications systems such as Digital Video Broadcasting - Return Channel Via Satellite (DVB-RCS) and Warfighter Information Network-Tactical (WIN-T), the multi-frequency time division multiple access (MF-TDMA) demand assigned multiple access (DAMA) scheme is used for efficient resource allocation. In this scheme, since the satellite terminals periodically request resources from the network controller, and the network controller dynamically allocates resources, it is necessary to arrange resource allocation information from time to time. Shortening of the alignment time is a more important factor in a satellite communications system in which a long transmission delay occurs due to long-distance transmission and reception. In this paper, we propose a sorting algorithm variable-selection scheme that shortens the sorting time by cross-selecting the sorting algorithm based on a threshold value, while setting the number of frames in the MF-TDMA DAMA satellite communications system as the threshold value.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1094-1103
• /
• 2012

Recently, software industry regarding national defense increases system development of distributed simulation system of M&S based to overcome limit of resource and expense. It is one of key technologies for offering of mutual validation among objects and reuse of objects which are discussed for developing these systems. RTI, implementation of HLA interface specification as software providing these technologies uses Federation Object Model for exchanging information with joined federates in the federation and each federate has a characteristic that is supposed to have identical FOM in the federation. This technology is a software which is to provide the core technology which was suggested by the United state's military M&S standard framework. Simulator, virtual simulation, and inter-connection between military weapons system S/W which executes on network which is M&S's core base technology, and it is a technology which also can be used for various inter-connection between S/W such as game and on-line phone. These days although RTI is used in military war game or tactical training unit field, there is none in Korea. Also, it is used in mobile-game, distribution game, net management, robot field, and other civilian field, but the number of examples are so small and informalized. Through this developing project, we developed the core technique and RTI software and provided performance of COTS level to improve communication algorithms.

• Journal of Information Technology and Architecture
• /
• v.11 no.1
• /
• pp.11-23
• /
• 2014

Kill Chain is getting attention due to North Korea's recent nuclear test and missile launches and has emerged the need for an early build up. In order to build a materialized kill chain, you should review the unique kill chain to support operations effectively using various sensors and striking weapon system. Especially, you need a suitable network to reduce a reaction time against the enemy attack under joint operations environment etc. Currently there are many communication ways(e.g. data link, voice, video and text message) used in operations through satellite, wired and wireless and so on. Now, this paper contains analysis on various means for target information exchange which are used in the kill chain. And appropriate network of the kill chain for target information transmission is addressed to confirm feasibility of its alternatives, which is developed using AHP(Analytic Hierarchy Process). Finally, this paper is suggesting network and means of its building up for target information transmission of kill chain which can be implemented under the situation of joint battle field.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.123-125
• /
• 2015

Wireless ad hoc network which is comprised of wireless nodes that have the limited communication range is utilized to monitoring disaster area, tracing object, and tactical system. But in the case of wireless node on the ground, a network performance decrease because wireless channel is affected from obstacle or the node deployment is restricted. In this paper, we consider wireless network based on UAV(Unmanned Aerial Vehicle) which has little spatial constraint and quickly deploy a position. We implement test-bed included ground nodes and UAV, and measure throughput and PDR(Packet Delivery Ratio) according to the usage of UAV. We show that network performance is improved by relaying data on UAV.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.11
• /
• pp.955-965
• /
• 2013

The joint tactical information distribution system (JTIDS) is used as the communication terminal of Link-16 by the United States armed forces, north atlantic treaty organization (NATO), and other allied forces. A portion of Link-16 frequencies may be shortly remapped to other systems owing to the growing demand for frequencies, especially in civil aviation, which is witnessing a constant increase in air traffic. This will affect the performance of Link-16. Therefore, in this paper, we analyze the effect of frequency band reduction on the performance of Link-16 waveform under partial-band noise jamming with Nakagami fading, via simulation and numerical analysis. The multi-net and anti-jamming performance of Link-16 with frequency remapping is compared with that of conventional Link-16 systems. The results show that the performance of Link-16 waveform is degraded with the reduction in frequencies. Nonetheless, Link-16 retains its jam resistance, and it can support multiple users in the same time slots.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.1C
• /
• pp.81-89
• /
• 2003

For improving the performance of noise suppression in tactical communication environments, an enhanced MELP vocoder is suggested, in which an acoustic noise suppressor is integrated into the front end of the MELP algorithm, and an FEC code into the channel side of the MELP algorithm. The acoustic noise suppressor is the modified IS-127 EVRC noise suppressor which is adapted for the MELP vocoder. As for FEC, the turbo code, which consists of rate-113 encoding and BCJR-MAP decoding algorithm, is utilized. In acoustic noise environments, the lower the SNR becomes, the more the effects of noise suppression is increased. Moreover, The suggested system has greater noise suppression effects in stationary noise than in non-stationary noise, and shows its superiority by 0.24 in MOS test to the original MELP vocoder. When the interleave size is one MELP frame, BER 10-6 is accomplished at channel bit SNR 4.2 ㏈. The iteration of decoding at 3 times is suboptimal in its complexity vs. performance. Synthetic quality is realized as more than MOS 2.5 at channel bit SNR 2 ㏈ in subjective voice quality test, when the interleave size is one MELP frame and the iteration of decoding is more than 3 times.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.71-77
• /
• 2011

NCW(Network Centric- Warfare) encompasses the concept to use computer data processing and network linkage communications techniques, share information and furthermore, enhance the effectiveness of computer-operating systems. As IT(Information & Technology) have become developed in the recent years, the existing warfare system-centered conventional protocol is not use any longer. Instead, network-based NCW is being widely-available, today. Under this changing computer environment, it becomes important to establish algorithm and build the stable communication systems. Tools to identify malign node factors through Wireless Ad-hoc network cause a tremendous error to analyze and use paths of even benign node factors misreported to prove false without testing or indentifying such factors to an adequate level. These things can become an obstacle in the process of creating the optimum network distribution environment. In this regard, this thesis is designed to test and identify paths of benign node factors and then, present techniques to transmit data through the most significant open short path, with the tool of MP-SAR Protocol, security path search provider, in Ad-hoc NCW environment. Such techniques functions to identify and test unnecessary paths of node factors, and thus, such technique users can give an easy access to benign paths of node factors.