The Air Force Research Laboratory (AFRL) is fortunate to have one of its subject matter experts (SMEs) working hand-in-hand with South Korea as it looks to advance its cybersecurity capabilities. This SME acquired his expertise prior to his affiliation with AFRL. In recognition of his knowledge, South Korea’s cybersecurity endeavors spurred an invitation to Syracuse University Professor Dr. Joon Park. Dr. Park now supports the AFRL’s Information Directorate (AFRL/RI) in Rome, NY, under the auspices of the Air Force Office of Scientific Research (AFOSR) funded National Research Council (NRC) Research Associateship Programs (RAP). Through RAP, he is a senior research fellow on a multi-year extended sabbatical. Over the past decades, Dr. Park has been involved with theoretical and practical research and education in information and systems security. He has been integral in establishing Syracuse University as a National Security Agency and Department of Homeland Security-designated Center of Academic Excellence in Information Assurance (IA) both for education and research. He is also the principal investigator for the Department of Defense Information Assurance Scholarship Program at Syracuse University.
Although Dr. Park’s RAP activities primarily aim to contribute to the Directorate’s cyber assurance research and facilitate collaboration with Syracuse University, the broad and in-depth impact in cybersecurity that he achieved as a university professor had already positioned him as a forerunner in the field. During his first year of RAP tenure, Dr. Park’s work at Syracuse University allowed him to create a series of seminars and tutorials for South Korea’s world-class universities and multi-national flagship information technology (IT) companies, such as Korea Advanced Institute of Science and Technology, Yonsei University, Korea Institute of Science and Technology, and Samsung Electronics.
Embracing advanced technology and emphasizing high vigilance are two mindsets that go together in South Korea. With 95% of its households having a permanent Internet connection, the country is leading the world in what it means to be “wired.” This strong measure of progress is blended with apprehension because of South Korea’s locale; it is a region of unsurpassed armament. Similarly, cyberspace exhibits the properties of progress and, with the ever-presence of threats, the potential for peril. Unlike kinetic weapons that invoke the fear of immediate physical harm, attacks within cyberspace have an invisible quality; therefore, defending against them is more diffuse. Being a high-profile occupant of cyberspace has meant that South Korea’s interests in securing its Internet presence have spanned its government, military, industrial, and civilian sectors. Recently, Dr. Park has played a key role in its efforts.
He leads research seminars in South Korea, which are intended for IA researchers, security administrators, and IT system developers, that explore how to apply information security technologies and approaches to real-life systems and services. Based on the demand by the current technology trends and evolution, Dr. Park presents the evolution of security challenges, potential solutions, and related issues in popular IT services, including cloud computing, online social networking, biometrics, and mission-critical systems.
His IA tutorials cover the principal concepts and approaches in information security for executive decision makers within organizations and general IT practitioners. His comprehensive
approach considers not only technical solutions, but also nontechnical issues related to information security management, including principal concepts of information security, system
vulnerabilities, information security policies, models, mechanisms, and evaluation.
The outcome of Dr. Park’s South Korean endeavors exceeded expectations. The goal for his trips was education and dissemination, but he achieved much more. He generated enthusiasm, and enthusiasm can be infectious. As a professor whose primary research and teaching area is information security, he has been trying to share his research outcomes and teaching philosophy so that, ultimately, the cybersecurity knowledge and practice can make a positive impact on the entire society. Dr. Park’s presentations in South Korea were based on work he accomplished prior to his RAP tenure at AFRL, but the spreading of cybersecurity understanding to South Korea has been aligned with AFRL’s interests. Dr. Park’s activities follow closely upon AFRL’s recent investment in
South Korea’s Pohang University of Science and Technology. The university completed a research grant through AFOSR’s Asian Office of Aerospace Research and Development.
The Pohang University effort entitled “Distributed Detection of Attacks/Intrusions and Prevention of Resource-Starvation Attacks in Mobile Ad Hoc Networks” is aimed squarely at
improving mission-based cyber defense; it sought to assure mission-essential functions by preserving scarce battery power during attack avoidance in wireless settings. The research has
synergies with AFRL’s similar endeavors to adapt concepts from the domain of fault-tolerant computing to achieve information assurance in an in-house, AFOSR-funded effort called “Fault
Tolerance for Fight Through (FTFT).” In particular, an AFRL-developed protocol to tolerate attacker-caused faults in mobile wireless units while preserving the units’ battery power
underscored the complementary nature of threat avoidance and surviving the threat, which was exhibited by the respective Korean and AFRL research.
Dr. Park has provided exemplary support to the FTFT effort through his innovation in creating novel approaches for component survivability at runtime in mission-critical distributed systems. His approaches embrace the early adoption of emerging—yet unproven—technology; the rapid recovery of component failure; and the use of commercial-off-the shelf components. Dr. Park‘s compelling demonstrations of his ideas bring AFRL closer to creating cyberspace foundations that are trusted, resilient, and affordable. Leveraging from the research gains achieved in discovering fight-through schemes, he is addressing trust and privacy issues in online social networks. Today, the adoption of online social media and their applications have expanded in kind and size to unprecedented levels and continue to grow at accelerated rates. The creation and deployment of social media is one of the main forces behind the evolution and expansion of the Internet and mobile media. Social media accounts for the majority of Internet traffic while its content comprises the greater part of the daily published multi-media on the Internet. These technologies
have a profound impact on society; yet, they can have detrimental outcomes if used maliciously. Inadvertent usage of online social networks may compromise the user’s privacy.
Additionally, researchers note that an oppressive regime, for example, could misuse its users’ social network to cause a dramatic loss in society’s trust of technology. Such a regime could then assert more political control because the loss of trust would undermine the network’s ability to form linkages among people. Dr. Park’s investigations in the building and maintaining of trust in social networks holds promise for finding a guiding science to better understand the evolution of this technology—a technology that is a microcosm of the Internet and mobile media.
Defense of cyberspace is challenging. The seemingly endless breadth of cyberspace coupled with the technological depth of its composition can divide defensive approaches to be either overarching or highly specific. To abstract away details for the purpose of tractability, overarching approaches can suffer because simplistic models for threats, vulnerabilities, and exploits tend to yield defenses that are too optimistic. Approaches that deal with specific threats, vulnerabilities, and exploits may be more credible, but can quickly lose their meaningfulness as technology changes. Whether approaches are near- or far- term, FTFT’s maintains two goals: the ability to survive and the ability to fight-through. Maintaining such a stance requires a healthy dose of skepticism of a technology’s ability to be defensible.
Dr. Park’s tangible recent research contributions to AFRL/ RI have been through FTFT; yet, if enthusiasm is indeed infectious, then the FTFT effort, and therefore AFRL/RI, is also a beneficiary of his South Korean experiences. A primary part of any research is a proper perspective. Dr. Park’s infusion of the in-house research, his renewed perspective that embraces advanced technology, and his emphasis on high vigilance is a sound prospect for the future of cybersecurity in South Korea and abroad.