• Journal of KIISE
• /
• v.43 no.5
• /
• pp.596-605
• /
• 2016

Since the Denial of Service Attack against multiple targets in the Korean network in private and public sectors in 2009, Korea has spent a great amount of its budget to build strong Internet infrastructure against DDoS attacks. As a result of the investments, many major governments and corporations installed dedicated DDoS defense systems. However, even organizations equipped with the product based defense system often showed incompetency in dealing with DDoS attacks with little variations from known attack types. In contrast, by following a capacity centric DDoS detection method, defense personnel can identify various types of DDoS attacks and abnormality of the system through checking availability of service resources, regardless of the types of specific attack techniques. Thus, the defense personnel can easily derive proper response methods according to the attacks. Deviating from the existing DDoS defense framework, this research study introduces a capacity centric DDoS detection methodology and provides methods to mitigate DDoS attacks by applying the methodology.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2016.05a
• /
• pp.135-135
• /
• 2016

지구온난화가 진행되면서 태풍, 홍수, 호우 등 기후변화에 기인한 재해의 피해수준이 심해지고 범위도 날로 확대되고 있다. 한국의 경우에도 집중호우와 그로 인한 침수피해 등 자연재해로 인한 피해가 늘어나면서 자연재해에 대응할 수 있는 재난행정에 대한 관심이 높아지고 있다. 그럼에도 불구하고 복합적인 양상을 보이는 재난에 효과적으로 대처하기 위한 행정체제에 대한 연구는 아직 부족한 실정이다. 특히 재난행정이 오랫동안 발전해온 미국과 일본의 체제 각각에 대한 연구는 있어왔으나, 한미일 3개국의 재난행정체제를 체계적으로 비교하고 한국에 필요한 시사점을 도출한 연구는 많지 않았다. 따라서 본 연구는 한국의 행정체제의 발전에 오랫동안 지대한 영향을 미쳐온 미국과 일본의 재난행정체제를 분석하고 최근의 재난 양상과 관련해 한국에 필요한 시사점을 도출한다. 본 연구의 연구방법으로는 비교제도분석을 실시했다. 우선 선행연구 검토에 기반하여 재난행정체제의 비교분석에 필요한 비교틀을 구성하고, 분석틀에 기반해 한국, 미국, 그리고 일본의 재난행정체제를 비교한다. 분석결과 한국의 재난 행정체제는 미국 및 일본과 같은 재난행정의 선진국가와 비교할 때 재난관련 법률이 통합적이지 않고 분산되어 있어 상호중복 및 충돌의 소지가 있으며, 재난관리 단계에 있어서도 예방보다는 대응과 복구에 중점을 두는 것으로 나타났다. 또한 재난대응의 1차 책임소재도 불명확하며 민간네트워크도 재난에 효과적으로 대응할 수 있는 수준으로 발전되지 않은 것으로 드러났다. 이러한 문제점에 대한 개선방안으로서 미국과 일본의 재단대응체제으로부터 다음과 같은 시사점을 얻을 수 있다. 첫째, 기존의 분산되어 있는 기본법들을 통폐합하여 재난관리를 통합적으로 다루는 기본법을 제정할 필요가 있다. 둘째, 지방정부의 재난대응역량을 강화시키고 보다 많은 책임과 권한을 부여해야 한다. 셋째, 재난관련 기관들의 역할을 명확히 분담하고, 정보를 공유하며, 조정기제를 효율화하여 재난대응시 협업이 효과적으로 이루어질 수 있도록 하여야 한다. 이를 위해서는 분산적인 재난관리체제를 통합적 성격의 체제로 전환해야 한다. 넷째, 주민단위 재난대응조직과 협력의 틀을 구축하여 민관네트워크를 활성화하여야 한다.

• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.53-58
• /
• 2021

There is little research on actual business activities in the field of security control. Therefore, in this paper, we intend to present a practical research methodology that can contribute to the calculation of the size of the appropriate input personnel through the modeling of the threat information detection response time of the security control and to analyze the effectiveness of the latest security solutions. The total threat information detection response time performed by the security control center is defined as TIDRT (Total Intelligence Detection & Response Time). The total threat information detection response time (TIDRT) is composed of the sum of the internal intelligence detection & response time (IIDRT) and the external intelligence detection & response time (EIDRT). The internal threat information detection response time (IIDRT) can be calculated as the sum of the five steps required. The ultimate goal of this study is to model the major business activities of the security control center with an equation to calculate the cyber threat information detection response time calculation formula of the security control center. In Chapter 2, previous studies are examined, and in Chapter 3, the calculation formula of the total threat information detection response time is modeled. Chapter 4 concludes with a conclusion.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.19 no.1
• /
• pp.143-158
• /
• 1994

X.435 is the EDI communication protocol published by CCITT and ISO/IEC in 1990. The message types and abstract services of EDI-MS are specified in X.435 recommendation. In this paper, the design methodology on implementation of MSIB in the case that MHS-MS is required to be extended into EDI-MS has been studied. The design methodology presented in this paper is the one using the mapping function of the object relation. This methodology considers the EDI message types and characterictics. The proposed design methodology han an advantage that is able to design the component tables of MSIB satisfying the third normal form and it does not require the normalization processing. The MSIB constructed by the proposed method can store and retrieve multi-values efficiently.

• The Journal of the Korea Contents Association
• /
• v.9 no.4
• /
• pp.34-44
• /
• 2009

Integrating 3D data acquired in multiple views is one of the most important techniques in 3D modeling. However, due to the presence of surface scanning noise and the modification of vertices consisting of surface, the existing integration methods are inadequate to some applications. In this paper, we propose a method of integrating surfaces by using the local surface topology. We first find all boundary vertex pairs satisfying a prescribed geometric condition on adjacent surfaces and then compute 2D planes suitable to each vertex pairs. Using each vertex pair and neighbouring boundary vertices projected to their 2d plane, we produce polygons and divide them to the triangles which will be inserted to empty space between the adjacent surfaces. A proposed method use local surface topology and not modify the vertices consisting of surface to integrate several of surfaces to one surface, so that it is robust and simple. We also integrate the transformed textures to a 2D image plane computed by using a cylindrical projection to composite 3D textured model. The textures will be integrated according to the partition lines which considering attribute of face object. Experimental results on real object data show that the suggested method is simple and robust.

• The KIPS Transactions:PartD
• /
• v.19D no.1
• /
• pp.81-94
• /
• 2012

FORM(Feature-Oriented Reuse Method) is one of representative product line engineering methods. The essence of FORM is the FORM architecture models, which can be reused in the development of multiple products of a software product line. The FORM architecture models, however, have the following problems when applied in practice. First, they are not standardized models like UML(Unified Modeling Language) and therefore they can be constructed only through a specific modeling tool. Second, they do not represent architectural variability explicitly. Instead their variability is only managed through a mapping from a feature model. To address these two problems, we developed at first a method for representing the FORM architecture models using UML, which enables the FORM architecture models to be constructed through various available UML modeling tools. Also, we developed an effective method for representing as well as managing the variability of the FORM architecture models through a mapping from a feature model.

• Journal of the Korea Society for Simulation
• /
• v.21 no.3
• /
• pp.17-24
• /
• 2012

This paper suggests Effectiveness Evaluation Methods of DDoS attacks countermeasures model by simulation. According to the security objectives that are suggested by NIST(National Institute of Standards and Technology), It represents a hierarchical Effectiveness Evaluation Model. we calculated the weights of factors that security objectives, security controls, performance indicator through AHP(Analytic Hierarchy Process) analysis. Subsequently, we implemented Arena Simulation Model for the calculation of function points at the performance indicator. The detection and protection algorithm involve methods of critical-level setting, signature and anomaly(statistic) based detection techniques for Network Layer 4, 7 attacks. Proposed Effectiveness Evaluation Model can be diversely used to evaluate effectiveness of countermeasures and techniques for new security threats each organization.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.481-490
• /
• 2016

Bluetooth utilizes a symmetric key that is exchanged at the first pairing to establish a secure channel. There are four authentication modes which enables device authentication, Just work, Passkey Entry, Out of Band, and Numeric Comparison. Up to now, Just work has been considered as the authentication mode that is vulnerable to Man-In-The-Middle (MITM) Attack. In addition, it is possible to intentionally change any authentication mode to Just work mode, in order to succeed in MITM Attack under Just work mode. However, this kind of attacks have just worked under the assumption that users should not notice that authentication mode was changed. In this paper, We analyze the specification of Secure Simple Pairing, LE Legacy Pairing and LE Secure Connection Pairing. When using Passkey Entry mode on each approach, it seems the MITM attack is possible. Also it offers Passkey Entry MITM attack that does not require assumptions about the user's fault, because it isn't change verification process of the authentication mode unlike traditional attacks. We implement the proposed MITM attacks. Also we presents a scenario in which an attack can be exploited and a countermeasure.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2017.05a
• /
• pp.326-326
• /
• 2017

개수로에서 비에너지(specific energy)는 수로바닥을 기준으로 단위무게의 물이 가지는 에너지로 정의되며 흐름의 위치수두와 속도수두의 합으로 표현된다. 비에너지는 수로단면의 변화에 따른 수심의 변화를 해석하기 위하여 사용되는 중요한 개념이다. 사각형 개수로에서의 비에너지 관계식은 3차방정식의 형태이며, 해석적으로 3개의 해(3개의 수심)를 가지나, 물리적인 의미를 가지는 해는 2개이며 나머지 하나의 해는 음수이므로 물리적인 의미를 가지지 않는다. 물리적인 의미를 가지는 2개의 해는 각각 흐름이 상류(subcritical flow)인 경우와 사류(supercritical flow)인 경우에 대한 수심이다. 즉, 일정한 유량이 흐르는 조건에서 동일한 비에너지를 가지는 수심이 상류와 사류에 각각 존재하는데, 이 2개의 수심을 대응수심(alternate depths)이라 정의한다. 이러한 사각형 개수로에 대한 비에너지 관계식은 3차방정식이므로 그 해석해를 구할 수 있어, 수로단면의 변화에 따른 흐름의 변화를 비교적 쉽게 해석할 수 있다. 사각형 개수로가 아닌 경우의 비에너지 관계식을 이론적으로 고찰하는 연구는 찾아보기 힘들다. 이에 본 연구에서는 포물선형 개수로에 대해서 비에너지 관계식을 유도하였다. 유도된 비에너지 관계식은 비선형 음함수의 형태로 해석적으로 해를 구할 수 없다. 유도된 관계식의 해법으로 2차의 정밀도를 가지는 Newton-Raphson방법을 이용하였으며, 계산의 초기치는 상용화된 Excel에서 쉽게 구할 수 있는 회귀식을 이용하여 구하였다. 적용 예를 통해, 단순 회귀식을 이용하는 경우에는 정해와의 상대오차가 2 - 8% 내외였는데, 본 연구에서 제안하는 방법을 사용하는 경우에는 동일한 조건에서 상대오차가 0.25% 내외를 보였다. 즉 본 연구에서 제시하고 있는 양해법을 이용하면, 포물선형 개수로 흐름의 대응수심을 용이하게 그리고 정확도가 매우 높게 산정할 수 있다.

• The Journal of the Korea Contents Association
• /
• v.19 no.1
• /
• pp.108-116
• /
• 2019

In this paper, we propose a method to apply artificial intelligence technology efficiently to integrated security control technology. In other words, by applying machine learning learning to artificial intelligence based on big data collected in integrated security control system, cyber attacks are detected and appropriately responded. As technology develops, many large capacity Is limited to analyzing individual logs. The analysis method should also be applied to the integrated security control more quickly because it needs to correlate the logs of various heterogeneous security devices rather than one log. We have newly proposed an integrated security service model based on artificial intelligence, which analyzes and responds to these behaviors gradually evolves and matures through effective learning methods. We sought a solution to the key problems expected in the proposed model. And we developed a learning method based on normal behavior based learning model to strengthen the response ability against unidentified abnormal behavior threat. In addition, future research directions for security management that can efficiently support analysis and correspondence of security personnel through proposed security service model are suggested.