• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.4
• /
• pp.405-414
• /
• 2010

According to the statistics of SecurityFocus in 2008, client-side attacks through the Microsoft Internet Explorer have increased by more than 50%. In this paper, we have implemented a behavior-based malicious web page detection system and a blacklist-based malicious web page filtering system. To do this, we first efficiently collected the target URLs by constructing a crawling system. The malicious URL detection system, run on a specific server, visits and renders actively the collected web pages under virtual machine environment. To detect whether each web page is malicious or not, the system state changes of the virtual machine are checked after rendering the page. If abnormal state changes are detected, we conclude the rendered web page is malicious, and insert it into the blacklist of malicious web pages. The malicious URL filtering system, run on the web client machine, filters malicious web pages based on the blacklist when a user visits web sites. We have enhanced system performance by automatically handling message boxes at the time of ULR analysis on the detection system. Experimental results show that the game sites contain up to three times more malicious pages than the other sites, and many attacks incur a file creation and a registry key modification.

• Korean Journal of Remote Sensing
• /
• v.37 no.6_2
• /
• pp.1803-1818
• /
• 2021

As the frequency of drought increases due to climate change, it is very important to have a monitoring system that can accurately determine the situation of widespread drought. However, while ground-based meteorological data has limitations in identifying all the complex droughts in Korea, satellite remote sensing data can be effectively used to identify the spatial characteristics of drought in a wide range of regions and to detect drought. This study attempted to analyze the possibility of using remote sensing data for drought identification in South Korea. In order to monitor various aspects of drought, remote sensing and ground observation data of precipitation and potential evapotranspiration, which are major variables affecting drought, were collected. The evaluation of the applicability of remote sensing data was conducted focusing on the comparison with the observation data. First, to evaluate the applicability and accuracy of remote sensing data, the correlations with observation data were analyzed, and drought indices of various aspects were calculated using precipitation and potential evapotranspiration for meteorological drought monitoring. Then, to evaluate the drought monitoring ability of remote sensing data, the drought reproducibility of the past was confirmed using the drought index. Finally, a high-resolution drought map using remote sensing data was prepared to evaluate the possibility of using remote sensing data for actual drought in South Korea. Through the application of remote sensing data, it was judged that it would be possible to identify and understand various drought conditions occurring in all regions of South Korea, including unmeasured watersheds in the future.

• Geophysics and Geophysical Exploration
• /
• v.9 no.2
• /
• pp.155-162
• /
• 2006

An abnormal seepage flow, which is mainly caused by the piping, is one of the major reasons for embankment dam failure. A leakage detection is therefore a vital part of an embankment dam's monitoring. Resistivity method, which is an efficient tool to detect leakage zones, has been used all over the world for an embankment dam's monitoring. Although the resistivity method gives us very useful information about the leakage problem, there is no more quantitative interpretation than the low resistivity zones in the 2-dimensional resistivity section are regraded simply as the anomalous seepage zones. Recently, resistivity monitoring technique is applied for the detection of leakage zones. However, its interpretation still remains in the stage of presenting the resistivity ratio itself. An increased seepage flow increases a porosity and an increasing porosity decreases the dam's stability. Therefore, the porosity is one of the major factors for an embankment dam's stability. Based on Archie's experimental formula, we try to evaluate a porosity distribution from the resistivity data which is obtained on the dam's crest. We also attempt to represent a procedure to evaluate a safety index of the embankment dam from the resistivity monitoring data.

• Journal of the Korean Geographical Society
• /
• v.37 no.5
• /
• pp.511-521
• /
• 2002

Coastal sand dunes in West coast of Korea are under stress. Due to the newly constructed Seohaean(West Coast) Highways, the number of visitors and the anthropogenic pressures will keep rising in near future. Sea level rise due to the global warming may cause a lot of damage to the natural resources and residents of coastal area. Therefore, many countries including United States are doing nationwide coastline survey using highly sophisticated methodology. In this study, high resolution IKONOS satellite images along with aerial photographs taken since 1960's have been sequentially analyzed using GIS software (Erdas Imagine 8.3). Onsite monitoring has been performed at the 31 measuring points in 10 beaches since the May of 2001 in order to measure the sand budget. Post-construction monitoring after installation of sand fences is also being done on sites regularly. Restoration works seem to be effective at this moment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.147-153
• /
• 2015

Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.605-616
• /
• 2020

Obfuscation technology delays the analysis of a program by modifying internal logic such as data structure and control flow while maintaining the program's functionality. However, the application of such obfuscation technology to malicious code frequently occurs to reduce the detection rate of malware in antivirus software. The obfuscation technology applied to protect software intellectual property is applied to the malicious code in reverse, which not only lowers the detection rate of the malicious code but also makes it difficult to analyze and thus makes it difficult to identify the functionality of the malicious code. The study of reverse obfuscation techniques that can be closely restored should also continue. This paper analyzes the characteristics of obfuscated code with the option of Pack the Output File and Import Protection among detailed obfuscation technologies provided by VMProtect 3.4.0, a popular tool among commercial obfuscation tools. We present a de-obfuscation algorithm.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2019.05a
• /
• pp.131-131
• /
• 2019

최근 기후변화와 여름철 고온 등으로 인한 녹조현상, 각종 사고로 인한 화학물질 및 유류 유출 등 수질오염과 관련된 사회적 관심이 높아지고 있다. 특히, 화학사고로 인한 유해화학물질 유출은 접촉시 인체에 악영향을 끼치며, 대기 수질 토양을 오염시키고 주변 농작물의 변색이나 괴사를 유발하는 등 발생 시 적절한 조치와 대응이 필요하다. 환경부에서는 유해화학물질 유출사고로 인한 국민건강 및 환경상의 위해를 예방하기 위해 화학물질관리법과 화학물질 등록 및 평가에 관한 법률을 제정하여 유해화학물질을 관리하고 사고에 대응하고 있다. 그러나, 화학사고 발생 시 현장인력에 의존해 공장 인근의 먼지, 악취 등을 감시하거나 화학물질의 유출이 우려되는 곳에 제한적으로 검출센서를 설치해 사고를 감시하고 있으나 미설치 지역에 대한 능동적 탐지가 어렵고, 공간적 분포 탐지가 불가능하여 초동 대응에 한계가 있다. 한편 최근 초분광 영상을 활용하여 물질 고유의 특성을 분석함으로써 토지피복, 식생, 수질 등의 식별에 활용되고 있어 화학물질 감지 가능성도 보여주고 있다. 하지만, 초분광 센서를 활용한 하천의 화학물질 감지를 위한 연구는 아직 미비한 실정이다. 이에 본 연구에서는 우선 유해화학물질의 일종인 황산, 염화티오닐, 톨루엔을 대상으로 지점 분광복사계로 촬영하여 각각의 화학물질이 갖는 분광특성을 수집하여 초분광 영상으로 상호 구분이 가능한 지 확인하고자 하였다. 이상치 검출 및 신뢰도 높은 자료를 구축하기 위해 다회 반복촬영하였으며 반사도의 표준화를 위해 백색판을 동시에 측정하고 이를 정규화하여 분광 라이브러리를 구축한 결과, 대상 화학물질 별 식별이 가능하다는 결과를 도출하였다. 이러한 가능성에 기반하여 추가적인 유해화학물질 분광 라이브러리 데이터베이스를 구축하면, 사고물질의 식별 및 농도를 즉각적으로 확인하고 실시간 모니터링에 적용하여 신속하게 화학사고 발생여부 감지 및 대응에 활용될 것으로 기대한다.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.277-277
• /
• 2023

최근 기후변화의 영향으로 호우의 발생빈도가 증가하고 있는 추세이며, 도시지역의 호우는 돌발적이고 국지적인 특성을 가지고 있어 인명과 재산피해 역시 증가하고 있으며, 급격한 도시화로 인한 구조적으로 홍수에 취약한 실정이다. 국지성 도시호우는 저층(1 km 내외)에서 형성되는 강우가 지배적이며, 기존의 대형레이더는 높은 산 정상에 설치되어 1.5 km 이상의 강우관측을 중심으로 운영됨에 따라 저층강우의 탐지 및 변동성 관측에 취약하여, 이에 대형 레이더에서 뿐만 아니라 도시단위의 국지성 호우관측에 대응할 수 있는 소형 레이더 기반 고정밀 강우관측 마련 및 운영 기술이 필요하다. 현재 K-water는 부산 에코델타 스마트시티에 도시 물재해 플랫폼 구현의 일환으로 돌발강우사전 탐지 및 도시의 신속·정확한 강우 관측을 위하여 높은 시공간 해상도를 제공하는 이중편파X 밴드 소형 강우레이더를 설치하고, 효율적 운용을 위해 각 고도각에서의 빔 차폐율을 확인하고 이를 고려한 최적 관측전략을 수립하였다. 또한 Z-Phi 방법을 이용한 반사도 감쇠 보정 기술을 개발하였으며, 강우 추정을 위해 하이브리드 고도면 합성 기법(HSR) 기법을 적용하고 검증하였다. 이후 소형 레이더의 정량적 추정강수를 이용하여 강우예측 정보를 생산하기 위해 이류모델을 적용하고, 비슬산과 소형 합성 레이더 추정강수로 선행 10분에서 180분까지 예측할 수 있도록 개발하였다. 또한, 지상강우관측 자료와의 정확도 비교 평가를 수행하고, 행정구역 및 표준유역의 예측 평균강우량을 생산하여 부산 에코델타 스마트시티 도시 물재해 통합관리 시스템과 연계운영을 위한 후속 과업을 수행중에 있다.

• Korean Journal of Remote Sensing
• /
• v.29 no.1
• /
• pp.57-68
• /
• 2013

Large-scale coastal construction projects, such as land reclamation and dykes, were constructed from the late twentieth century in Yoobu-Do region. Land reclamation combined with the dynamics of tidal currents may have accelerated local sedimentation and erosion resulting in rapid reformation of coastal topography. This study presents the results of the topography changes around Yoobu-Do by large-scale coastal constructions using time-series waterline extraction technique of Landsat TM/ETM+ data acquired from 1998 to 2012. Furthermore, the Freeman-Durden decomposition was applied to fully polarimetric RADARSAT-2 SAR data in order to analyze the scattering mechanisms of the deposited surface. According to the case study, the deposition areas were over 4.5 $km^2$ and distributed in the east, northeast, and west of Yoobu-Do. In the eastern deposition area, it was found that the scattering mechanism was difference from other deposition areas possibly indicating that different types of soil were deposited.

• Korean Journal of Remote Sensing
• /
• v.30 no.5
• /
• pp.559-570
• /
• 2014

Backscatter signal observed from the space-borne Light Detection And Ranging (LIDAR) system is providing unique 3-dimensional spatial distribution as well as temporal variations for atmospheric aerosols. In this study, the continuous observations for aerosol profiles were analyzed during a years of 2012 by using a Cloud-Aerosol LIDAR with Orthogonal Polarization (CALIOP), carried on the Cloud-Aerosol LIDAR and Infrared Pathfinder Satellite Observation (CALIPSO) satellite. The statistical analysis on the particulate extinction coefficient and depolarization ratio for each altitude was conducted according to time and space in order to estimate the variation of optical properties of aerosols over Northeast Asia ($E110^{\circ}-140^{\circ}$, $N20^{\circ}$ $-50^{\circ}$). The most frequent altitudes of aerosols are clearly identified and seasonal mean aerosol profiles vary with season. Since relatively high particle depolarization ratios (>0.5) are found during all seasons, it is considered that the non-spherical aerosols mixed with pollution are mainly exists over study area. This study forms initial regional 3-dimensional aerosol information, which will be extended and improved over time for estimation of aerosol climatology and event cases.