• Title/Summary/Keyword: Threat analyzing

A Study on Analysis of Security Functional Requirements for Virtualization Products through Comparison with Foreign Countries' Cases (해외 사례 비교를 통한 가상화 제품의 보안기능 요구사항 분석에 관한 연구)

  • Lee, Ji-Yeon
    • Journal of Digital Convergence / v.17 no.8 / pp.221-228 / 2019
  • The importance of security for virtualization products has increased with the activation policy of cloud computing, and it is necessary to analyze cyber security threats and develop security requirements for virtualization products to provide more secure cloud environments. This paper is a preliminary study with the purpose of developing security functional requirements through analyzing security features and cyber security threats as well as comparison of foreign countries' cases for virtualization products. To do this, the paper compares evaluation schemes for virtualization products in the US and the UK, and analyzes the cyber security threats, security objectives and security requirements in both countries. Furthermore, it proposes the essential checking items and processes for developing security functional requirements about security features of virtualization products to contribute to their more secure development and the establishment of related security evaluation standards.

A Malware Detection Method using Analysis of Malicious Script Patterns (악성 스크립트 패턴 분석을 통한 악성코드 탐지 기법)

  • Lee, Yong-Joon; Lee, Chang-Beom
    • Journal of the Korea Academia-Industrial cooperation Society / v.20 no.7 / pp.613-621 / 2019
  • Recently, with the development of the Internet of Things (IoT) and cloud computing technologies, security threats have increased as malicious codes infect IoT devices, and new malware spreads ransomware to cloud servers. In this study, we propose a threat-detection technique that checks obfuscated script patterns to compensate for the shortcomings of conventional signature-based and behavior-based detection methods. Proposed is a malicious code-detection technique that is based on malicious script-pattern analysis that can detect zero-day attacks while maintaining the existing detection rate by registering and checking derived distribution patterns after analyzing the types of malicious scripts distributed through websites. To verify the performance of the proposed technique, a prototype system was developed to collect a total of 390 malicious websites and experiment with 10 major malicious script-distribution patterns derived from analysis. The technique showed an average detection rate of about 86% of all items, while maintaining the existing detection speed based on the detection rule and also detecting zero-day attacks.

Proposal of a framework for evaluating the operational impact of cyber attacks on aviation weapons systems (EOICA) (항공무기체계 사이버공격에 대한 작전영향성평가 프레임워크 제안)

  • Hong, Byoung-jin; Kim, Wan-ju; Lee, Soo-jin; Lim, Jae-sung
    • Convergence Security Journal / v.20 no.4 / pp.35-45 / 2020
  • Cyber attacks on the aviation weapon system, a state-of-the-art asset, have become a reality and are approaching as a constant threat. However, due to the characteristics of embedded software of the current aviation weapon system, it is managed and operated without connection to the network in peacetime, so the response management to cyber attacks is relatively weak. Therefore, when a cyber attack becomes a reality, it is urgent to prepare and evaluate measures for the adverse effects that such attack will have on the execution of the Air Tasking Order (ATO). In this paper, we propose a framework for operational impact assessment in order to avoid confusion in ATO execution and systematic response to cyber attacks on aviation weapons systems. The proposed framework is designed to minimize the negative impact on operations against cyber attacks that may occur under no warning by analyzing the impact on air operations for each aviation weapon system and standardizing countermeasures for this. In addition, it supports the operational commander to make a quick decision to command for the execution of the operation even in a situation where a cyber attack occurs.

An Analysis of Security Vulnerabilities Using 5G NAS COUNT (5G NAS COUNT 취약점을 이용한 보안 위협 분석)

  • Kim, Min-Jae; Park, Jong-Geun; Shin, Ji-Soo; Moon, Dae-Sung
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.3 / pp.565-573 / 2022
  • The current mobile communication system is in the middle of the conversion from 4G LTE to 5G networks. According to the generalization of mobile communication services, personal information such as users' identifiers and location information is transmitted through a mobile communication network. The importance of security technology is growing according to the characteristics of wireless mobile communication networks, the use of wireless shared channels is inevitable, and security technology cannot be applied to all network system elements in order to satisfy the bandwidth and speed requirements. In particular, for security threat analysis, research is being conducted on various attack types and vulnerability analysis through rogue base stations or attacker UE to make user services impossible in the case of 5G networks. In this paper, we established a 5G network testbed using open sources. And we analyzed three security vulnerabilities related to NAS COUNT and confirmed the validity of two vulnerabilities based on the testbed or analyzing the 3GPP standard.

Current Status and Challenges of BGP Hijacking Security Threat (BGP 하이재킹 보안 위협 대응 현황 및 과제)

  • Han, Wooyoung; Hong, Yunseok
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.10 / pp.1525-1530 / 2022
  • BGP (Border Gateway Protocol) is a routing protocol that is actively used in inter-AS routing on the Internet. However, the BGP routing protocol is vulnerable to BGP hijacking attacks that hijack the network by impersonating normal BGP sessions. BGP hijacking attacks can lead to interception of IP traffic or interference with normal service operation. Recently, BGP hijacking attacks, which have often occurred overseas, have also occurred in Korea. This threatens the security of the Internet. In this paper, we analyze the overall process of attack through representative attack cases and virtual scenarios of BGP hijacking. Based on the results of analyzing the application status of security technology to prevent BGP hijacking attacks by Korean and major global ISPs, it covers the technical proposals that ISPs and autonomous system operators should take to defend against BGP hijacking attacks.

How can the post-war reconstruction project be carried out in a stable manner? - terrorism prediction using a Bayesian hierarchical model (전후 재건사업을 안정적으로 진행하려면? - 베이지안 계층모형을 이용한 테러 예측)

  • Eom, Seunghyun; Jang, Woncheol
    • The Korean Journal of Applied Statistics / v.35 no.5 / pp.603-617 / 2022
  • Following the September 11, 2001 terrorist attacks, the United States declared war on terror and invaded Afghanistan and Iraq, winning quickly. However, interest in analyzing terrorist activities has developed as a result of a significant amount of time being spent on the post-war stabilization effort, which failed to minimize the number of terrorist activities that occurred later. Based on terrorist data from 2003 to 2010, this study utilized a Bayesian hierarchical model to forecast the terrorist threat in 2011. The model depicts spatiotemporal dependence with predictors such as population and religion by autonomous district. The military commander in charge of the region can utilize the forecast value based on our model to prevent terrorism by deploying forces efficiently.

A Policy Dilemma Analysis on ICT SMEs after COVID19 (코로나19 이후 ICT 중소벤처기업 정책 딜레마분석)

  • Lee, Jung Mann; Cho, Sangseop
    • Journal of Information Technology Applications and Management / v.29 no.4 / pp.1-16 / 2022
  • This study analyzed the policy dilemma for ICT SMEs venture companies that changed after COVID-19 based on the results of the cognitive map analysis for ICT SMEs venture policies. First, as a result of analyzing the cognitive map of ICT SMEs venture companies that have changed since COVID-19, ICT venture companies are expanding support for ICT venture companies due to the threat of COVID-19. However, in order to convert COVID-19 into an opportunity factor, it also shows a policy direction to achieve innovative growth by creating a new market through non-face-to-face industry revitalization based on digital transformation (digital new deal). As a result of the study, the policy measures of supporting DNA-centered convergence innovation technology, digital transformation (digital new deal), fostering ICT startups (K-Global project), and expanding support for ICT SMEs did not have a policy dilemma. However, although much support has been expanded for ICT SMEs due to COVID-19, it is difficult to find and foster ICT start-up companies, and globalization problems are occurring due to the decrease in exports caused by COVID-19, making it difficult to create new markets. There is a negative (-) perception of causality that ICT SMEs venture companies may face risks as jobs decrease and innovative growth cannot be led to the revitalization of the non-face-to-face industry. Therefore, it was found that the flow of the causal relationship between the expansion of support for ICT SMEs and the high growth of ICT SMEs is not + and has a policy dilemma in part.

Methodology for estimating the damage rate of equipment mounted on the warship (해상 플랫폼 탑재장비 손실률 산정 방법 - 워게임모델 적용을 중심으로 -)

  • Jeong Kwan, Yang; Bong Seok, Kim; Ji Hoon, Kyung; Hyun Shik, Oh
    • Journal of the Korean Society of Systems Engineering / v.18 no.2 / pp.108-116 / 2022
  • Accurately predicting wartime resources requirements and preparing war supplies in peacetime is an important task that can determine the outcome of the war by guaranteeing the duration of the operation. The wartime warship damage rate is a measure of estimating the battle damage of our warships in the process of performing battles to achieve the war goal. In the previously studied wartime warship damage rate estimation method, when damage occurs, long-term repair is required due to the complexity and specificity of the ship structure. Only the case of a complete defeat at the level of sinking was defined as a damage, and even if it was impossible to perform a maritime operation mission, it was not estimated as a damage if the level of sinking was not reached. Therefore, in order to improve the reliability of the wartime warship damage rate, the equipment damage assessment level can be estimated based on the warhead weight of the threat weapon system, the vulnerability rate of the warship's equipment, and the warship's hull. In the future, it is expected that the estimation methodology proposed in this study will be used as a simulation logic when developing a model for analyzing the wartime resources requirements for the warship's equipment and hull.

Pentesting-Based Proactive Cloud Infringement Incident Response Framework (모의해킹 기반 사전 예방적 클라우드 침해 사고 대응 프레임워크)

  • Hyeon No; Ji-won Ock; Seong-min Kim
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.487-498 / 2023
  • Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

Quantum Circuit Implementation of the LED Block Cipher with Compact Qubit (최적의 큐빗수를 만족하는 LED 블록암호에 대한 양자 회로 구현)

  • Min-ho Song; Kyung-bae Jang; Gyeong-ju Song; Won-woong Kim; Hwa-Jeong Seo
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.383-389 / 2023
  • The development of quantum computers and the emergence of quantum algorithms such as Shor's algorithm and Grover's algorithm pose a significant threat to the security of existing cipher systems. Quantum algorithms can efficiently perform mathematical operations that take a long time on traditional computers. This characteristic can significantly reduce the time it takes to break modern cipher systems that rely on mathematical problems. To prepare for quantum attacks based on these algorithms, existing ciphers must be implemented as quantum circuits. Many ciphers have already been implemented as quantum circuits, analyzing quantum resources required for attacks and verifying the quantum strength of the cipher. In this paper, we present quantum circuits for LED lightweight block ciphers and explain each function of quantum circuits. Thereafter, the resources for the LED quantum circuit are estimated and evaluated by comparing them with other lightweight block ciphers.