• Korean Security Journal
• /
• no.14
• /
• pp.517-534
• /
• 2007

Since the beginning of human society, there have always been struggles and competitions for survival and prosperity, terrorism is not a recent phenomenon, however in modern times it has progressed to reflect the advances in civilization and power structures. At the time of the 9.11 terrorist attacks in the U.S. A., a new world order was in the process of being established after the breakdown of the Cold War era. The attacks drove both the Western and the Islamic worlds into heightened fear of terrorism and war, which threatened the quality of life of the whole mankind. Through two war campaigns against the Islamic world, it seems the U.S. has been pushing its own militaristic security road map of the Greater Middle East democratic initiative, justifying it as a means to retaliate and eradicate the terrorist threats towards themselves. However, with its five-year lopsided victories that cost the nation almost four thousand military casualties, and the war expenses that could match the Vietnam war, the U.S. does not yet seem to be totally emancipated from the fears of terrorism. Terrorism, in itself, is a means of resisting forced rules a form of alternative competition by the weak against the strong, and a way of expressing a dismissive response against dictatorial ideas or orders which allow for no normal changes. Intrinsically, the nature of terrorism is a reaction opposing power logics. Confronted with the absolute military power of the U.S., the Islamic strategies of terrorism have begun to rapidly evolve into a new stage. The new strategies take advantage of their civilization and circumstances, they train and inspire their front-line fighters on the Internet, and issue their orders through the clandestine network of the Al Qaeda operatives. These spontaneously generated strategies have been gained speed among the second, and third Islamic generations, many of whom are now spread throughout western societies. This represents a failure of the power-driven, one-sided overseas security initiatives by the U.S., and is creating a culture of fear and distrust in western societies. It is feared that the U.S. war campaigns have made the clash of religions far worse than before, and may ever lead to global ethnic separations and large-scale population movements. Eventually, it may result in the terrorist groups, enlarged and secretly supported by the huge sums of oil money, driving all mankind into a series of irreparable catastrophes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1129-1135
• /
• 2016

The NH-NongHyup network and servers were paralyzed in 2011, in the 2013 3.20 cyber attack happened and classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked on december in 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to the script kids attacks and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend an APT attacks(Advanced Persistent Threat Attacks) thus far. We will use big data analytics to analyze whether or not APT attacks has occurred. This research is based on the data collected through ISAC monitoring among 3 hierarchical Korean Defense System. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect an APT attacks. Lastly, we will present an effective response method to address a detected APT attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.7
• /
• pp.1329-1345
• /
• 2011

After the 9.11 terror attack, lawful Interception (LI) has emerged as an important tool for anti-terrorist activity. Law enforcement agents and administrative government bodies effectively monitor suspicious target users of permanent IP-based network devices by LI in Packet Data Networks (PDNs). However, it is difficult to perform LI in monitoring migrating users from a location to another, who change their IPs due to the proliferation of portable Internet devices enabling 3G IP Multimedia Subsystems (IMS). The existing, manual handover technique in 3G IMS makes it even more difficult to continue the LI activities due to time-lag reissuance of LI authority warrants when the target users move to a new LI jurisdiction via a roaming service. Our proposed model is a seamless LI handover mechanism in 3G IMS to support mobility detection of the target users. The LI warrants are transferred to the new LI agent automatically with the target users when they move to a new LI jurisdiction. Thus, time-lag human intervention of reissuance of the LI warrants is removed and enables the LI authorities to continue monitoring. In the simulation of our proposed mechanism, the quality of lawful interception achieves a mean score of over 97.5% out of the possible 100% maximum score, whereas the quality of the existing mechanism has a mean score of 22.725%.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• Convergence Security Journal
• /
• v.16 no.6_1
• /
• pp.43-50
• /
• 2016

As North Korea has a sufficient ability to attack our society's vulnerable computer network, various large-scale cyber attacks are expected to be tried. North Korea's cyber military strength is known a world-class level. The number of its cyber agents is increasing consistently. Recently North Korea's cyber attack has been made regardless of trick and target. But up to now North Korea's cyber attack is more of an exploration than a real attack. Its purpose was to check how fast Korea found a problem and recovered from it. In future, cyber attack that damages substantially is highly probable. In case of an attack against national infrastructure like traffic, financial and energy services, the extent of the damage will be great beyond imagination. In this paper, characteristics of recent North Korea's cyber attack is addressed in depth and countermeasures such as the enactment of cyber terror prevention law, simulation training enforcement, private and public cooperation system construction, cyber security infrastructure expansion, etc. are proposed.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.53-59
• /
• 2013

As the hacking technology for cyber-terror and financial fraud evolves, the research and development for advanced and standardized information security technology is growing to be more and more important. In this paper, the domestic level of technology and standardization for information security as compared to advanced country is diagnosed, and future policy is presented by analyzing the influence effect for market and technology. The information security is classified into information security-based & user protection, network & system security, and application security & evaluation validation with details of OTP-based validation, smart-phone app security, and mobile electronic finance, etc. The analytic results indicate that domestic level is some poor for advanced country, the technological development and standardization capability for smart-phone app security and mobile electronic finance is needed, and finally the government's supporting policy for the future Internet is urgently needed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.43-54
• /
• 2016

The occurrence of cyber crime is on the rise every year, and the security control center, which should play a crucial role in monitoring and early response against the cyber attacks targeting various information systems, its importance has increased accordingly. Every endeavors to prevent cyber attacks is being attempted by information security personnel of government and financial sector's security control center, threat response Center, cyber terror response center, Cert Team, SOC(Security Operator Center) and else. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply one dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system and researchers also have conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment changes from ESM to SIEM, the security control system is able to be provided with more input data as well as generate the correlation analysis which integrates the processed data, by extraction and parsing, into the potential scenarios of attack or threat. This article shows case studies how to detect the threat to security in effective ways, from the initial phase of the security control system to current SIEM circumstances. Furthermore, scenarios based security control systems rather than simple monitoring is introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result contributes to the development of cyber attack monitoring system in other security centers.

• Convergence Security Journal
• /
• v.14 no.6_1
• /
• pp.129-138
• /
• 2014

South Korea should correspond to the primary threat to North Korea's nuclear weapons. It is necessary to have countermeasures to solve the realistic problems of North Korea's nuclear weapons. We can intensify military pact between the United States and Korea and at the same time strengthening the current military power. Currently, we take note the threat North Korea's missile. We can not control the development of a nuclear weapon and there are possibilities that North Korea have successfully miniaturized nuclear enough to carry by the missile. We should overview and check the Korea's missile defenses system. While the direction of the overall missile defense system deployment with a focus on lower and upper air defense network. And discuss defense research should be to build a system that can be protected with a key strategic facilities and cities. While North Korea have nuclear weapon, the main issues related to North Korea's nuclear threat. The six party talks countries try to solve the problem by the international and diplomatic approach. At the same time we should make somewhat to defend measures such as military defenses of Kill chain system to protect our country. Kill Chain is on of the effective defense system. We know that North Korea do not abandon to develop nuclear weapons by diplomatic efforts. We should performed in fact by a variety of military suppression method.

• Korean Security Journal
• /
• no.50
• /
• pp.175-206
• /
• 2017

The current study described the history of Islamic extremism and the recent expansion of international Islamic extremism in Indonesia. For doing so, both content analysis of the existing written documents and qualitative interviews were conducted. For the content analysis, media reports and research articles were collected and utilized. For qualitative interviews, Indonesian students and workers in Korea, Korean spouses married to Indonesian, and Korean missionaries in Indonesia were contacted and interviewed. Qualitative interview was conducted between 30 minutes and 2 hours. On the spot, interviews were recorded and later transcribed into written documents. Due to the difficulty of identification of population and the uneasiness of accessability to th study subjects, convenient sampling and snowball sampling were used. According to the results, Islamic extremism in Indonesia had a deep historical root and generally shared similar historical experience with other muslim countries such as Afghanistan, Pakistan, Egypt, and Saudi Arabia where Islamic extremism was deeply rooted in. That is, Islamic extremism began as a reaction to the western imperialism, after independence, Islamic extremism elements were marginalized in the process of construction of the modern nation-state, and Islamic extremist movement was radicalized and became violent during the Soviet-Afghan War. In addition, after 9.11, Islamic extremism in Indonesia was connected to international Islamic extremism network and integrated into such global movement. Such a historical development of Indonesian Islamic extremism was quite organized and robust. Meanwhile, the eastward infiltration and expansion of international Islamic extremism such as IS and Al Qaeda was observed in Indonesia. Particularly, such a worrisome expansion was more clearly visible in the marginalized and underdeveloped countrysides in Indonesia. Such expansion in Indonesia could negatively affect on the security of South Korea. Geographically, Indonesia is proximate to South Korea. This geographical proximity could be a direct security threat to the Korean society, as if Islamic extremism in North Africa and Middle East becomes a direct security threat to Europe. Considering the presence of a large size of Indonesian immigrant workers and communities in South Korea, such a concern is very realistic. The arrest of an Indonesian Islamic extremism supporter in November, 2016, could be a harbinger of the coming trend of Islamic extremism expansion inside South Korea. The Indonesian Islamic community in South Korea could be a passage of Indonesian Islamic extremism into the South Korean society. In this context, it is timely and necessary to pay an attention to the recent trend of Islamic extremism expansion in Indonesia.