• Title/Summary/Keyword: Terror Response System

Model Proposal for Detection Method of Cyber Attack using SIEM (SIEM을 이용한 침해사고 탐지방법 모델 제안)

  • Um, Jin-Guk;Kwon, Hun-Yeong
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.16 no.6 / pp.43-54 / 2016
  • The occurrence of cyber crime is on the rise every year, and the importance of the security control center, which should play a crucial role in monitoring and early response against cyber attacks targeting various information systems, has increased accordingly. Every endeavor to prevent cyber attacks is being attempted by information security personnel of government and financial sector security control centers, threat response centers, cyber terror response centers, CERT teams, SOC (Security Operator Center) and others. The ordinary method to monitor cyber attacks consists of utilizing the security system or the network security device. It is anticipated, however, to be insufficient since this is simply a one-dimensional way of monitoring them based on signatures. There has been considerable improvement of the security control system, and researchers have also conducted a number of studies on monitoring methods to prevent threats to security. In accordance with the environment change from ESM to SIEM, the security control system can be provided with more input data and can generate correlation analysis, which integrates the data processed by extraction and parsing into potential scenarios of attack or threat. This article presents case studies of how to detect threats to security effectively, from the initial phase of the security control system to the current SIEM environment. Furthermore, scenario-based security control systems, rather than simple monitoring, are introduced, and finally methods of producing the correlation analysis and its verification methods are presented. It is expected that this result will contribute to the development of cyber attack monitoring systems in other security centers.

Countermeasure to the Stages of Crisis Management in the Bioterrorism (생물테러리즘의 위기관리방안)

  • Lee, Kwang-Lyeol
    • The Journal of the Korea Contents Association / v.9 no.9 / pp.235-242 / 2009
  • This study aims to examine terrorism by biological agents. These days terrorism evolved so rapidly that more than one terror occurs a day in global society as we are on the edge of so-called New-terrorism. One of new examples of new terrorism is Bioterrorism by biological agents. In order to address Bioterrorism we should conduct a study to examine things to be prepared at ordinary times and future plans. As an effort to develop countermeasures against Bioterrorism, anti-terrorism laws should be made on Prevention phases anti-terrorism funding laws as well. Other Bioterrorism laws need to be made. On Response phases initial reaction task force should be ready for making positive initial reaction. A special hospital for CBR (Chemical, Biological, and Radiological) warfare needs to be designated to practice medicine. Biological-Safety-Levels should be constructed by IV levels. Effective public promotion network should be built. On Recovery phases evaluation system needs to be suggested and international cooperative network should be established.

A Study on the Chemical Warfare Agents Dispersion Modelling in a Naturally Ventilated Indoor System (자연환기상태 실내공간에서의 화학작용제 확산 모델링 연구)

  • Kye, Young-Sik;Chung, Woo-Young;Kim, Yong-Joon
    • Journal of the Korea Institute of Military Science and Technology / v.11 no.4 / pp.133-140 / 2008
  • The purpose of this study is to provide response methods to minimize the damage from chemical terrorism in a naturally ventilated indoor system using several types of dispersion simulations. Three chemical warfare agents such as sarin(GB), phosgene and chlorine gas which have high potential to be used in terror or to be involved with accidents were selected in this simulation. Fire dynamic simulation based on Large Eddy Simulation which is effective because of less computational effort and detailed expression of the dispersion flow was adopted to describe the dispersion behavior of these agents. When the vent speed is 0.005m/s, the heights of 0.1 agent mass fraction are 0.9m for sarin, 1.0m for phosgene and 1.1m for chlorine gas, and the maximum mass fraction are 0.27 for all three agents. However, when the vent speed is increased to 0.05m/s, the heights of 0.1 agent mass fraction become 1.6m for all three agents and maximum mass fraction inside the room increase to 0.70 for sarin, 0.58 for phosgene and 0.53 for chlorine gas. It is shown that molecular weight of the agents has an important role for dispersion, and it is important to install ventilation system with height less than 1.6m to minimize the damage from chemical toxicity.

A Study Consequence Management System of the Terrorism (테러리즘의 대응관리체제에 관한 고찰 - "9. 11 테러"를 중심으로 -)

  • Kim, Yi-Soo;Ahn, Byung-Soo;Han, Nam-Soo
    • Korean Security Journal / no.7 / pp.95-124 / 2004
  • It can be said that 'the September 11th Terrorist Attacks' in 2001 were not only the indiscriminate attacks on innocent people but also the whole - political, economical and military - attacks on human life. Also, 'the September 11th Terrorist Attacks' can be regarded as the significant events in the history of world, which were on the peak of the super-terrorism or new-terrorism that had emerged from the 1980s. However, if one would have analysed the developments of terrorism from the 1970s, they could have been foreknown without difficulty. The finding from this study can be summarized as follows. First, in spite that the USA responsive system against terrorism had been assessed as perfect before 'the September 11th Terrorist Attacks', the fragilities were found in the aspects of the response on the new-terrorism or super-terrorism. The previous responsive system before 'the September 11th Terrorist Attacks' had the following defects: (1) it was impossible to establish the integrated strategy, because the organizations related to the response against terrorism had not integrated; (2) there were some weakness to collect and diffuse the information related to terrorism; (3) the security system for the domestic airline service in USA and the responsive system of air defense against terrors on aircraft were very fragile. For these reasons, USA government established the 'Department of Homeland Security' of which the President is the head so that the many organizations related to terrorism were integrated into a single management system. And, it legislated a new act to protect security from terrors, which legalized of the wiretapping in spite of the risk of encroachment upon personal rights, increased the jail terms upon terrorists, froze the bank related to terrorist organization, and could censor e-mails. Second, it seems that the Korean responsive system against terrors is more fragile than that of USA. 
One of the reasons is that people have some perception that Korea is a safe zone from terrors, because there were little attacks from international terrorists in Korea. This can be found from the fact that the legal arrangement against terrorism is only the President's instruction No. 47. Under this responsive system against terrorism dependent on only the President's instruction, it is expected that there would be a poor response against terrors due to the lack of unified and integrated responsive agency as like the case of USA before 'the September 11th Terrorist Attacks'. And, where there is no legal countermeasure, it is impossible to expect the binding force on the outside of administrative agencies and the performances to prevent and hinder the terrorist actions can not but be limited. That is to say, the current responsive system can not counteract effectively against the new-terrorism and super-terrorism. Third, although there were some changes in Korean government's policies against terrorism, there still are problems. One of the most important problems is that the new responsive system against terrorism in Korea, different from that of USA, is not a permanent agency but a meeting body that is organized by a commission. This commission is controlled by the Prime Minister and the substantial tasks are under the National Intelligence Service. Under this configuration, there can be the lack of strong leadership and control. Additionally, because there is no statute to respond against terrorism, it is impossible to prevent and counteract effectively against terrorism. The above summarized suggests that, because the contemporary super-terrorism or new-terrorism makes numerous casualties of unspecified persons and enormous nationwide damages, the thorough prevention against terrorism is the most important challenge, and that the full range of legal and institutional arrangements for the ex post counteraction should be established. 
In order to do so, it is necessary for the government to make legal and institutional arrangements such as the permanent agency for protection from terrorism in which the related departments cooperates with together and the development of efficient anti-terror programs, and to show its willingness and ability that it can counteract upon any type of domestic and foreign terrorism so that obtain the active supports and confidence from citizens.

The Analysis of the APT Prelude by Big Data Analytics (빅데이터 분석을 통한 APT공격 전조 현상 분석)

  • Choi, Chan-young;Park, Dea-woo
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.6 / pp.1129-1135 / 2016
  • The NH-NongHyup network and servers were paralyzed in 2011, the 3.20 cyber attack happened in 2013, and classified documents of Korea Hydro & Nuclear Power Co. Ltd were leaked in December 2015. All of them were conducted by a foreign country. These attacks were planned for a long time compared to script kiddie attacks, and the techniques used were very complex and sophisticated. However, no successful solution has been implemented to defend against APT attacks (Advanced Persistent Threat attacks) thus far. We will use big data analytics to analyze whether or not APT attacks have occurred. This research is based on the data collected through ISAC monitoring among 3 hierarchical Korean Defense System. First, we will introduce related research about big data analytics and machine learning. Then, we design two big data analytics models to detect APT attacks. Lastly, we will present an effective response method to address detected APT attacks.

The Countermeasure to the Stages of Crisis Management in the Bioterrorism (생물테러리즘의 위기관리방안)

  • Lee, Kwang-Lyeol
    • Proceedings of the Korea Contents Association Conference / 2009.05a / pp.608-613 / 2009
  • This study aims to examine terrorism by biological agents. These days terrorism evolved so rapidly that more than one terror occurs a day in global society as we are on the edge of so-called New-terrorism. One of new examples of new terrorism is Bioterrorism by biological agents. In order to address Bioterrorism we should conduct a study to examine things to be prepared at ordinary times and future plans. As an effort to develop countermeasures against Bioterrorism, anti-terrorism laws should be made on Prevention phases anti-terrorism funding laws as well. Other Bioterrorism laws need to be made. On Response phases initial reaction task force should be ready for making positive initial reaction. A special hospital for CBR(Chemical, Biological, and Radiological) warfare needs to be designated to practice medicine. Biological-Safety-Levels should be constructed by IV levels. Effective public promotion network should be built. On Recovery phases evaluation system needs to be suggested and international cooperative network should be established.

Development of Conversion Smart Monitoring App for Elementary School Student (초등학생을 대상으로 한 융복합 스마트 안전지킴이 앱 개발)

  • Cho, Han-Jin;Kim, Jin-Mook
    • Journal of Digital Convergence / v.13 no.4 / pp.211-217 / 2015
  • Recently, the school violence problem has become increasingly serious. And this is not only an individual issue but also a social problem. Realistically, not only physical violence but also cyber violence using the smartphone is very serious. And if elementary school students are exposed to cyber violence, it becomes an even more serious problem. Therefore, we proposed a Smart Monitoring app that protects smart safety as a countermeasure against cyber violence to elementary school students. This Conversion Smart app can support grasp service for children using location based service on the smartphone when he will come to the home. And it can support another service that abuse or vulgar language in messenger. Grasps the degree of use of the language that is prohibited friendship in elementary school through this process, it can be derived. And we have future works that is the search rate and response time an inappropriate word on the proposed system.

Proposal on for Response System to primary leaders' Terrorism (국가요인 테러리즘의 대응체제 구축방안)

  • Suh, Sang-Yul
    • Korean Security Journal / no.11 / pp.61-86 / 2006
  • Various terrorism in modern society against nation's dignitaries are constantly existing. They damage severely to the society and the nation's security, and they cause disorganizations of social and national rule orders. In order to provide the key figures' perfect protection, the threatening terrorizing environment for primary leaders and the route of terrorism should be intercepted. Effective methods of these are summarized as follows. First, recent terrorism against the primary leaders are mostly assassinations, bomb attacks, and suicide bomb attacks, which terminate in a moment. Therefore, security service agents should keep in mind that protection is the best, and government's anti-terrorism agencies should develop policies and set the directions within a new paradigm to the advance anti-terrorism. Second, advance prevention activities against nation's VIP terrorism should be strengthened, such as strengthening security informational activities, constructing cooperative systems of domestic and international facilities, considering continuous system to prevent terrorism, and intensifying safety counterplans of human and material weak points. Third, international cooperative system should be set to apply economical and political sanctions to nations which support terror organizations in direct or indirect ways, and this system needs to strengthen the punishment against terrorists. Fourth, security systems to protect nation's primary leaders should complement, and developing programs for coping with the terrorism and establishing laws for anti-terrorism should be made. Also, educational training of agents who perform anti-terrorism duties should be strengthened, and scientific techniques and equipment for security should be made to protect primary leaders from terrorism.

Prevention Methods of Cyber-crimes using the Private Security (민간경비를 활용한 사이버범죄 예방 방안)

  • Kim, Sang-Woon;Jo, Hyun-Bin
    • The Journal of the Korea Contents Association / v.13 no.3 / pp.141-151 / 2013
  • With the spread of Personal Computers(PC) in the 1980's, many people started to deal businesses with PC. From late 1990's, the Internet age with PC have started and many people have showed keen interest in cyber-space and now they are utilizing it. Since 2000's the use of cyber-space have skyrocketed and it caused significant changes to humans' life. There was a huge prosperity to us but the new kind of crime, cyber-crime, was raised. Unlike past physical type of crimes, those cyber-crimes take place in the cyber-space and they have special features of non-facing, anonymity, specialty, technologic, repetition, continuation. Those cyber-crimes are continually growing since 2003 and in 2010 it almost doubled compared to 2003. General cyber-crimes like phishing-scam pornography circulation was most of them and notably perpetrators of them are younger generation. Recently cyber-crimes are showing the trend of advancing more and more and cyber-bullying, fraud like phishing scam are on the rise. The police are responding by making 'Cyber Terror Response Center', but it does not work effectively with the problems of breakup of prevention and investigation unit, procedure of investigation and the system itself. So, I suggest practical use of private security to remedy our police's weakness and to prevent cyber-crimes. Preventing solutions of cyber-crime with private security are physical defense of large-scale servers and vital computers, building of Back-up system to prevent vital data loss, and building of cyber-crime preventing system combining software and hardware.

Counter-terrorism Safety Measures in Public Facilities (다중이용시설의 대테러 안전대책)

  • Kim, Du-Hyun;Ahn, Kwang-Ho
    • Korean Security Journal / no.22 / pp.37-64 / 2010
  • Since September 11, 2001, the motives and objectives of terrorism that have been targeted at hard targets such as key national facilities have now shifted towards soft targets such as subways, department stores, and tourist hotels; the attacks on these soft targets are steadily increasing. Simultaneous, unconventional, and indiscriminate terrorist attacks on civilians have also increased. In November, 2010, nearly forty states of the G20 and B20 (Business 20) will join in international summits to be hosted in Seoul. This coming July, an additional 350 troops will be deployed to Afghanistan for the sustainment of public security. Such events are sensitive topics, and there is the possibility of terrorist movement. Korea has successfully hosted various international events such as the APEC and ASEM Summits, and the 2002 Korea-Japan World Cup. The experiences from these events must be applied to ensure the safety of public facilities against the dangers of terrorism. First, counter-terrorism center must be established for the long-term, above the General Officer level to ensure the safety and efficiency of multilateral, international summits, as well as promoting policies and legislation aimed at preventing terrorism. Second, a terrorist threat management system must be secured and safety measures must be emphasized. Third, a fundamental structure must be established for the prevention of terrorism on public facilities, as well as legal and government action against the new threat of IED. Fourth, the police and fire fighting networks must have a firm rapid response posture on the scene of an attack. Fifth, the state of mentality on the recognition of terrorist threats must be changed and restructured by promoting to and educating the population. Sixth, prevention measures must be established via research and academia. 
Seventh, for the guarantee of security in public facilities, safety management should employ cutting edge technology such as the 3D SICS and further develop and apply such technology. All methods and resources must be fully utilized for the establishment and strengthening terrorism prevention measures.