• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.22 no.3
• /
• pp.245-251
• /
• 2004

Recently, in a field of cadastre, a computerization of cadastral map is in progress with great growth of GSIS field. Also, the needs fer the integration of land and building information are widely increasing for integral-management and its application of various land related information. Through a revision of cadastral laws to replace the existing 2D-Cadastre with the 3D-Cadastre, a legal basis to register the position of buildings and facilities is prepared in the governmental or civil fields. This paper presented 3D-Cadastre theory that has been studied on Europe and surveyed building position directly with Totalstation at cadastral control point after choosing pilot test area, Also, the most efficient surveying method of registering building in a cadastral map is presented with comparing and analyzing building position after surveying digital orthophoto and digital map. And it is constructed a 3D information cadastral map model that can make the integral management of land, building, connecting land recorders, building management ledgers, building titles, building pictures, and related attribute information.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.71-77
• /
• 2011

NCW(Network Centric- Warfare) encompasses the concept to use computer data processing and network linkage communications techniques, share information and furthermore, enhance the effectiveness of computer-operating systems. As IT(Information & Technology) have become developed in the recent years, the existing warfare system-centered conventional protocol is not use any longer. Instead, network-based NCW is being widely-available, today. Under this changing computer environment, it becomes important to establish algorithm and build the stable communication systems. Tools to identify malign node factors through Wireless Ad-hoc network cause a tremendous error to analyze and use paths of even benign node factors misreported to prove false without testing or indentifying such factors to an adequate level. These things can become an obstacle in the process of creating the optimum network distribution environment. In this regard, this thesis is designed to test and identify paths of benign node factors and then, present techniques to transmit data through the most significant open short path, with the tool of MP-SAR Protocol, security path search provider, in Ad-hoc NCW environment. Such techniques functions to identify and test unnecessary paths of node factors, and thus, such technique users can give an easy access to benign paths of node factors.

• Journal of KIISE:Software and Applications
• /
• v.33 no.7
• /
• pp.605-614
• /
• 2006

The success of a software development project can be determined by the use of QCD. And as a software's size and complexity increase, the importance of early quality assurance rises. Therefore, more effort should be given to prevention, as opposed to correction. In order to provide a framework for the prevention of defects, defect detection activities such as peer review and testing, along with analysis of previous defects, is required. This entails a systematization and use of quality data from previous development efforts. FMEA, which is utilized for system safety assurance, can be applied as a means of software defect prevention. SW-FMEA (Software Failure Mode Effect Analysis) attempts to prevent defects by predicting likely defects. Presently, it has been applied to requirement analysis and design. SW-FMEA utilizes measured data from development activities, and can be used for defect prevention on both the development and management sides, for example, in planning, analysis, design, peer reviews, testing, risk management, and so forth. This research discusses about related methodology and proposes defect prevention model based on SW-FMEA. Proposed model is extended SW-FMEA that focuses on system analysis and design. The model not only supports verification and validation effectively, but is useful for reducing defect detection.

• The KIPS Transactions:PartD
• /
• v.15D no.1
• /
• pp.1-14
• /
• 2008

This paper is on query processing in the mobile devices where memory capacity is limited. In case that a query against a large volume of XML data is processed in such a mobile device, techniques of fragmenting the XML data into chunks and of streaming and processing them are required. Such techniques make it possible to process queries without materializing the XML data in its entirety. The previous schemes such as XFrag[4], XFPro[5], XFLab[6] are not scalable with respect to the increase of the size of the XML data because they lack proper memory management capability. After some information on XML fragments necessary for query processing is stored, it is not deleted even after it becomes of no use. As such, when the XML fragments are dynamically generated and infinitely streamed, there could be no guarantee of normal completion of query processing. In this paper, we address scalability of query processing over dynamic XML fragment stream, proposing techniques of deleting information on XML fragments accumulated during query processing in order to extend the previous schemes. The performance experiments through implementation showed that our extended schemes considerably outperformed the previous ones in memory efficiency and scalability with respect to the size of the XML data.

• Journal of the Korea Institute of Building Construction
• /
• v.16 no.1
• /
• pp.77-85
• /
• 2016

This study provides the numerical model to assess retrofit and strengthen levels in the dispersal and combat facilities. First of all, it is verified that direct-hitting projectiles are more destructive to the structures rather than close-falling bombs with explosion tests. The protective capacity of dispersal and combat facilities, which are modeled with soil uncertainty and structural field data, is analyzed through finite element method. With structural survivability and facility data, the logistic regression model is drawn. This model could be used to determine the level of the retrofit and strengthen in the dispersal and combat facilities of contact areas. For more reliable model, it could be better to identify more significant factors and adapt non-linear model. In addition, for adapting this model on the spot, appropriate strengthen levels should be determined by hands on staffs associated with military facilities.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.1
• /
• pp.190-196
• /
• 2020

FRACAS(Failure Reporting, Analysis and Corrective Action System) has been applied in various industries to improve the reliability of the systems. FRACAS is effective in improving reliability by repeating failure analysis, proper corrective action, and result verification for identified failures. However, FRACAS has many limitations in terms of process, data collection and management to be integrated into the existing development environment. In the domestic defense industry, studies on the development of FRACAS system and process improvement have been conducted to solve the difficulties of applying FRACAS, but most of them are concentrated in the operation/maintenance phase. Since FRACAS should be conducted in consideration of TLCSM(Total Life Cycle System Management), it is necessary to study the reference architecture so that FRACAS can be applied from the early design phase. In this paper, we studied the TLCSM-based integrated architecture considering the system life cycle phases, FRACAS closed-loop process, and FRACAS essentials in order to effectively apply FRACAS throughout the life cycle of defense systems. The proposed architecture was used as a reference model for FRACAS in a shipboard combat system.

• The KIPS Transactions:PartD
• /
• v.16D no.5
• /
• pp.767-790
• /
• 2009

Setting up a priorityfor an embedded system is greatly significant because a release plan at the early stage of product developments can properly be established through right decision making procedures based on the priorities. For instance, both dependencies among requirements and the aspects of product developers should be considered into the priorities to improve the embedded system. Especially, trade-offs among the requirements, which are quite different depending on H/W and S/W architecture styles they use, should be acknowledged without exception. However, the selection process on the priority has hitherto been fairly systematic in the existing environment where hardware and software are not being considered at once. Therefore, this paper suggests an dependency and aspect-based model and process for the requirements of the priority. For this, the paper analyzes the trade-offs between the requirements depending on the disparate Architecture styles of H/W and S/W, and it also reflects the viewpoints of the developers. For thelast thing, the model and process suggested will be applied to the case of the development of both cell phones and cameras to gain authenticity and reliability. In conclusion, the danger occurring when the release plan is constructed can be minimized by screening the priorities that optimizes the embedded system more explicitly.

• Journal of Korea Port Economic Association
• /
• v.25 no.3
• /
• pp.229-250
• /
• 2009

This paper aims to implement an empirical research about the efficiency of America and Northeast Asia pots, and to suggest an effective strategy which can operate these ports more well. This study tries to apply the Data Envelopment Analysis(DEA) model to America and Northeast Asia ports. DEA is a methodology of comparing the relative efficiency of each decision making unit(DMU) by comparing it with other DMUs having similar input and output structure, and is specially very useful when a form of production function of each DMU such as a port is not known. DEA provides the extent of inefficiency of DMUs, which is practically useful information (like the efficiency score and reference sets) required to improve efficiency. This paper analyzed the relative efficiency of 35 ports in America and Northeast Asia for 3 years from 2005 to 2007 through DEA-CCR, DEA-BCC model and scale efficiency. Accordingly, this paper evaluates the efficiency of America and Northeast Asia ports, grasps the position at the present time, and suggests an advanced direction in future.

• Journal of the Korean Society of Child Welfare
• /
• no.59
• /
• pp.183-208
• /
• 2017

The purpose of this study was to identify groups depending on the change trajectory of child maltreatment in childhood and early adolescence. For this study, the data from waves two through six (2011-2015) of the Korean Children and Youth Panel Survey (KCYPS) were used. Participants included first-grade (n=2,300) and fourth-grade (n=2,325) elementary school students. A latent class growth model (LCGM) using Mplus 7.21 was adopted to classify the types of developmental trajectories of child maltreatment. The main results were as follows: First, in physical abuse, childhood from the second to the sixth grades was classified into four groups: decreased, low maintenance, increased, and no maltreatment type. In addition, early adolescence from the fifth grade of elementary school to the third grade of middle school was also classified into the same types. Second, in emotional abuse, childhood was classified into three groups: decreased, increased, and no maltreatment type. Early adolescence was classified into four groups: decreased, low maintenance, increased, and no maltreatment type. Third, in neglect, childhood was classified into four groups: maintenance, low decreasing, low increasing, and no maltreatment type. Early adolescence was classified into three groups: maintenance, low increasing, and no maltreatment type. According to the change of child maltreatment by developmental period, physical abuse continued from childhood to early adolescence, whereas emotional abuse and neglect increased in early adolescence compared to childhood. This study is meaningful in classifying latent classes depending on maltreatment types. Theoretical and practical implications were suggested based on the study results.