PowerPoint

SANE ()

, Prof. Dr. skim71@korea.ac.kr

1

2

2

3

3

42000. 03. : ()

2009. 12. & 2010. 08. : Successively won DC3 Digital Forensic Challenge 2009 2010

2012. 03 : (Cyber)

2015. 05 : ACM International Collegiate Programming Contest 3

2015. 08. : DEFCON CTF 2015

4

5

17 28

1,000

15520SCI(E)

Jong In Lim ()

5

6 (Nick : Pr0xy5kim), 1971

1999. 02 :

1997.61997.8 : 1998.122004.02 : KISA (Korea Internet & Security Agency)

2004.032011.02 :

2011.03 :, Prof. Dr.

6

72011HARU SECUINSIDE, Prof. Dr.

7

82011

HAckers Re-Union HAckers aRe Us

:

:

BLACK.PERL (www.bpsec.co.kr), CNSECURITY (www.cnsec.co.kr), FlyHigh, GRAYHASH (BEISTLAB, www.grayhash.com), Hackerschool (www.hackerschool.org), iNET COP (www.inetcop.net), NSHC (www.nshc.net), SEWORKS (Wowhacker, www.seworks.co), .[] HARU

8

9SANE(Security Analysis aNd Evaluation, )

, Prof. Dr.

9

10SANE(Security Analysis aNd Evaluation, )

, Prof. Dr.

10

11

11

12

(NIS, CIA)201020141075,472

12

1352

1216,000

13

14

14

15

15

16 (National Security Office, )

(NISNational Intelligence Service ( CIA))

NSRNational Security Research Institute)

(MSIPMinistry of Science, ICT & Future Planning,)

(KISAKorea Internet & Security Agency)(ETRIElectronics and Telecommunications Research Institute)

(KCCKorea Communications Commission)

16

17 (MOIMinistry of the Interior,)

(FSCFinancial Services Commission) (FSSFinancial Supervisory Service,)

(FSIFinancial Security Institute)

(MODMinistry of Defense)

(ADDAgency for Defense Development)

(SPOSupreme Prosecutors Office) NPANational Police Agency)

17

18

18

19 (NISANational Information Security Agency, 2002)

(KIISCKorea Institute of Information Security & Cryptology, 1990)www.kiisc.or.kr

(KCSAKorea Convergence Security Association, 2001)www.kocosa.org

(KISIAKorea Information Security Industry Association, 1997)www.kisia.or.kr

CONCERT (CONsortium of CERTs, 1996)www.concert.or.kr

19

20CISOKorea Council of Chief Information Security Officers 2009)www.cisokorea.org

(OPAKorea Online Privacy Association, 2011) www.opa.or.kr

(KCPPIThe Korean Council on the Protection of Personal Information, 2010)www.kcppi.or.kr

CPO (2007) www.cpoforum.or.kr

HARU (HAckers Re-Union, 2011)www.h4ru.com

20

21

21

2236 ( 28.6% )

5,701 (1 15.8% )

: 32

1,241 (124.6%) (2014)

22

23Since 1996

100%(2014)

23

24 : 8

568 (1 34.6% )(in 2014)

24

252012201630

100%

7

CYDF

25

26Talpiot

Talpiot

1979Talpiot

Talpions 36

CYDF

26

27:

CYDF

27

282015CYDF8ITRaonsecure32DEFKOR,DEFCON CTF 23

4,000 15 finalists!

CYDF

28

29

29

30

NSRCSTECKIA

KISAK-Shield, KITRIBoB, KISAITRC

201425

30

31CSTEC (Cyber Security Training and Exercise Center)

201410

NSR

KISA

20095

KISA

31

32K-Shield

2013

KISA

:

20175,000

:

32

33BoB (Best of the Best)

2012

(KITRI )

:

: HARU

:

33

34BoB (Best of the Best)

:

17,000

OS

34

35BoB (Best of the Best)

13DEFKOR 10 BoB (8) (2)

35

36

2001KISA

www.sis.or.kr

36

37ITRC (University Information Technology Research Center)

2000

MSIP

200020144157.23.6437MSIP

ITRC

37

38

38

39

2006KISAMSIP

201445

CTF

CyKor ()GoN (KAIST)PLUS ()

39

40

40

4110

SECUINSIDE HARUKISA(MSIP)NSR(NIS)KOSCOMCODEGATE SOFTFORUM KISA(MSIP) POC (Power Of Community) Hacking aNd Securityhttp://hacknsecurity.com/

HDCON (Hacking Defence CONtest) KISA(MSIP)White-Hat Hacker Contest NISFISCON (Financial Information Security CONference) FSI(FSS)INC0GNITO 10

41

422011

HARUKISA(MSIP)NSR(NIS)KOSCOM

SECUINSIDE CTF DEFCON CTF

2015 Pwn2Own(Capture The Bug)

www.secuinside.comSECUINSIDE

42

432008

SOFTFORUM KISA(MSIP)

CODEGATE CTFDEFCON CTF

www.codegate.orgCODEGATE

43

442004

KISA(MSIP)

HDCON

44

45

NIAETP (National Information Assurance. Education and Training Program)

45

46

[]

46

47 (1960)

(the 1980)

(1998)[]

47

481990 []

(Source : Algirdas Aviz ienis et al., "Fundamental Concepts of Dependability", UCLA CSD Report no. 010028)

48

SANE ()

, Prof. Dr. skim71@korea.ac.kr

49