• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1083-1085
• /
• 2010

상호간의 보안 통신을 위해서는 서로간의 안전한 비밀키 교환이 이루어져야 한다. 이를 보장하기 위해서는 안전한 키교환 프로토콜이 사용되어야 한다. 키교환 프로토콜은 안전성을 보장함과 동시에 키의 신선도와 확신에 대한 요구사항을 모두 만족시켜야한다. 현재 대표적인 키교환 프로토콜인 Diffie-Hellman을 기본으로 하는 다양한 프로토콜이 연구 및 개발되고 있다. 최근에 연구된 EKE-E(Encrypted Key Exchange-Efficient) 프로토콜은 Diffie-Hellman 알고리즘을 통한 키교환을 제공하며 man-in-the-middle공격과 오프라인 사전공격에 대한 안정성을 보장한다. 하지만 재전송 공격에 취약성을 가진다. 본 논문에서는 최근에 제안된 키교환 프로토콜인 EKE-E의 안전성을 만족하며 재전송공격에 안전한 프로토콜을 제안한다. 동시에 연산을 줄여 보다 성능을 향상시킨다.

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2023.11a
• /
• pp.91-92
• /
• 2023

본 논문에서는 노후화된 화력발전소를 해체하고 원래의 자연환경으로 복원하는 공사가 진행되는 가운데 화력발전소 내 대형 철골구조물 중 하나인 터빈동을 발파해체공법을 적용하여 해체한 사례이다. 두께 30mm의 철골 부재를 절단하기 위해 금속제트가 발생되는 전용 장약용기를 제작하였으며, 철골 부재의 두께가 30mm 이상인 일부 철골 부재의 경우에는 가우징을 이용하여 사전취약화를 실시하였다. 또한 구조물 내부에 있는 일부 철골 부재에 대해 kicker charge를 사용하여 붕괴거동에 영향을 미치지 않도록 하였다. 발파에 사용한 전체 장약량은 175kg, 전자뇌관 165개, 장약용기 124개를 사용하여 계획된 방향으로 점진붕괴되었으며, 주변 시설물에 피해 없이 발파해체를 완료하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.947-948
• /
• 2023

본 논문은 보이스피싱 취약 계층을 위해 통화 내용을 신속하게 처리하여 실시간으로 범죄 여부를 판별하는 VoIP 에 특화된 시스템을 제안하였다. 실제 보이스 피싱 통화 유형을 학습한 탐지 모델을 개발하여 API 로 배포하였다. 또한 보이스피싱 위험도가 일정 수준에 도달할 경우 사용자에게 보이스피싱 가능성을 경고하는 장치를 제작하였다. 본 연구는 보이스피싱을 사전에 탐지함으로써 개인정보의 유출 및 금융 피해를 예방하고 정보 보안을 실천하는 데 기여할 것으로 기대된다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.245-247
• /
• 2024

프로그램의 버그는 해커에 의해 악용될 수 있기 때문에, 이를 사전에 발견하는 것이 매우 중요하다. 최근에는 프로그램의 취약점을 자동으로 찾기 위해 하이브리드 퍼징 기술이 연구되고 있다. 우리는 기존 하이브리드 퍼저들의 한계점인 부족한 확장성을 해결하고자, 스냅샷 기반 하이브리드 퍼저인 H-Fuzz 를 제안한다. H-Fuzz 는 스냅샷 기반 퍼징을 도입하여 하이브리드 퍼징의 확장성 부족 문제를 해결하였다. 그리고 기존 커버리지 기반 퍼저에 비해 H-Fuzz 가 버그를 발견하는데 효과적임을 실험을 통해 확인하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.997-1006
• /
• 2004

The rapid expansion of the Internet has provided users with a diverse range of services. Most Internet users create many different IDs and passwords to subscribe to various Internet services. Thus, the SSO system has been proposed to supplement vulnerable security that may arise from inefficient management system where administrators and users manage a number of ms. The SSO system can provide heightened efficiency and security to users and administrators. Recently commercialized SSO systems integrate a single agent with the broker authentication model. However, this hybrid authentication system cannot resolve problems such as those involving user pre-registration and anonymous users. It likewise cannot provide non-repudiation service between joining objects. Consequently, the hybrid system causes considerable security vulnerability. Since it cannot provide security service for the agent itself, the user's private information and SSO system may have significant security vulnerability. This paper proposed an authentication model that integrates a broker authentication model, out of various authentication models of the SSO system, with a multi-agent system. The proposed method adopts a secure multi-agent system that supplements the security vulnerability of an agent applied to the existing hybrid authentication system. The method proposes an SSO authentication model that satisfies various security requirements not provided by existing broker authentication models and hybrid authentication systems.

• Journal of Wetlands Research
• /
• v.20 no.4
• /
• pp.370-382
• /
• 2018

The purpose of this study is to quantitatively and effectively evaluate the factors affecting flood damage by watershed. National Water Resource Plan(MOCT, 2001) has been developed Potential Flood Damage(PFD) which indicates flood vulnerability. But, it is only a simple grouping and it does not provide guidelines for flood control planning based on detailed evaluation of sub-components. In this study, we used PFD in the Han River basin according to the method applied in the National Water Resource Plan (existing method) and improvement based on actual flood hazard area and data. As an application method, after analyzing by yearly change(2009~2014), we compared and analyzed the tendency of the sub - components that constitute the potential and risk rather than the current grouping. As the result, it was possible to accurately evaluate the existing and improved methods, and it was possible to derive the vulnerability rankings, but the existing methods have different results from the actual watershed tendency. Therefore, the PFD of the improvement method that correctly reflects past history and watershed characteristics is more appropriate for the evaluation of flood vulnerability in the watershed. In addition, it is reasonable to establish a flood control plan referring to this and prevent flood damage in advance.

• 재활복지
• /
• v.20 no.1
• /
• pp.131-150
• /
• 2016

This study aims to compare global policies on ICT accessibility and to suggest possible solutions that help to enhance ICT accessibility for socially disadvantaged groups. The results indicated that related laws and standards in Korea are relatively well established than Asian countries' whereas they need improvements when compared to the US or the UK. Particularly, in spite of rapid development in information communication technology industry, incorporating the definition of newly developed technologies into existing laws related to ICT accessibility seemed slow that caused reluctancy of related parties to address accessibility issues the new technologies create. In addition, Korean government seems less effortful to develop policies and standards apart from web and mobile application accessibility. In order to resolve the problems, firstly, the period or process of enacting and amending laws can be shorten. Next, a government affiliated research institute can be established to do research and develop ICT accessibility related to user scenarios so that effective policies and standards could be readily provided. Even though other possible solutions can be suggested, what is more important than that is that any interested parties should sustainably make efforts to provide equal opportunities for the underserved populations.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.24 no.6
• /
• pp.34-41
• /
• 2020

In recent years, magnitude and frequency of earthquakes have increased in Korea. Damage to a bridge, which is one of the main infrastructures, can directly lead to considerable loss of human lives. Therefore, engineers need to evaluate the seismic fragility of the structure and prepare for the possible seismic damage. In particular, the number of aging bridges over 30 years of service increases, and thus the seismic analysis and fragility requires accounting for the aging and retrofit effects on the bridge. In this study, the nonlinear static and dynamic analyses were performed to evaluate the effects of the aging and FRP retrofit on a PSC bridge. The aging and FRP retrofit were applied to piers that dominate the response of the bridge during earthquakes. The maximum displacement of the bridge increased due to the aging of the pier but decreased when FRP retrofit applied to the aged pier. In addition, seismic fragility analysis was performed to evaluate the seismic behavior of the bridge combined with the seismic performance of the pier. Compared with the aged bridge, the FRP retrofit bridge showed a decrease in the seismic fragility in all levels of damage. The reduction of the seismic fragility in the FRP bridge was prominent as the value of PGA and level of damage increased.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Journal of dental hygiene science
• /
• v.16 no.3
• /
• pp.249-255
• /
• 2016

The Ministry of Health and Welfare in Korea has enforced the oral health promotion program for elderly in Korea. There are the denture delivery program and the fluoride application-scaling program for elderly. Donggu Public Health Center in Daejeon has delivered the fluoride application-scaling program for elderly since the demonstration project in 2009. The official dental hygienists had a prior consultation with Dong-gu branch of Korean Senior Citizens Association in Daejeon. We expanded the program through government office, welfare centers, and nursing homes. The participants were satisfied with the public relations (95.2%), scaling (99.7%), fluoride application (91.5%), toothbrushing education (98.6%), and denture cleaning education (96.6%). After a medial accident with persistent bleeding, the pre-inspection survey about systemic disease and medication was reinforced. The official dental hygienists have agonized over the low participation of the low-income group and the overlap benefit with health insurance benefit of scaling. We suggested it be needed the assessment of the public oral health program to overlap with health insurance benefit.