• Proceedings of the CALSEC Conference
• /
• 1999.11a
• /
• pp.95-100
• /
• 1999

인터넷의 급속한 보급과 공용망을 통한 전자상거래 등의 활용이 늘어나면서 무결성 보장과 보안장치의 필요성이 부각되고 있다. 무결성 보장을 위하여 여러 가지 방법들이 사용되고 있으며 특히 해쉬함수를 이용한 메시지 인증 방법이 다양한 형태로 응용되어 사용되고 있다. 최근 공용망의 보안취약성을 개선하여 사설망과 같은 환경을 구성하기 위해 가상사설망(VPN)의 개념이 제안되었다. 특히 IP계층에서 VPN을 구성하는 표준으로 IETF에서 제안된 IPsec은 암호화와 무결성기능을 포함한 VPN구성 방법으로 최근 활발히 연구되고 있다. 본 논문에서는 IPsec에 따라 실제로 호스트간의 통신 암호화와 해쉬함수를 이용한 무결성 검증 기능을 제공하는 VPN을 구현하였다.

• Journal of Environmental Impact Assessment
• /
• v.24 no.2
• /
• pp.190-203
• /
• 2015

VRI(Vulnerability-Resilience Index), which is defined as a function of 3 variables: climate exposure, sensitivity, and adaptive capacity, has been quantified for the case of Typhoon which is one of the extreme weathers that will become more serious as climate change proceeds. Because VRI is only indicating the relative importance of vulnerability between regions, the VRI quantification is prerequisite for the effective adaptation policy for climate in Korea. For this purpose, damage statistics such as amount of damage, occurrence frequency, and major damaged districts caused by Typhoon over the past 20 years, has been employed. According to the VRI definition, we first calculated VRI over every district in the case of both with and without weighting factors of climate exposure proxy variables. For the quantitative estimation of weighting factors, we calculated correlation coefficients (R) for each of the proxy variables against damage statistics of Typhoon, and then used R as weighting factors of proxy variables. The results without applying weighting factors indicates some biases between VRI and damage statistics in some regions, but most of biases has been improved by applying weighting factors. Finally, due to the relations between VRI and damage statistics, we are able to quantify VRI expressed as a unit of KRW, showing that VRI=1 is approximately corresponding to 500 hundred million KRW. This methodology of VRI quantification employed in this study, can be also practically applied to the number of future climate scenario studies over Korea.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.115-125
• /
• 2011

Cryptographic hash functions are also called one-way functions and they ensure the integrity of communication data and command by detecting or blocking forgery. Also hash functions can be used with other security protocols for signature, authentication, and key distribution. The SHA-1 was widely used until it was found to be cryptographically broken by Wang, et. al, 2005. For this reason, NIST launched the SHA-3 competition in November 2007 to develop new secure hash function by 2012. Many SHA-3 hash functions were proposed and currently in review process. To choose new SHA-3 hash function among the proposed hash functions, there have been many efforts to analyze the cryptographic secureness, hardware/software characteristics on each proposed one. However there are few research efforts on the SHA-3 from the point of power consumption, which is a crucial metric on hardware module. In this paper, we analyze the power consumption characteristics of the SHA-3 hash functions when they are made in the form of ASIC hardware module. Also we propose power efficient hardware architecture on Luffa, which is strong candidate as a new SHA-3 hash function. Our proposed low power architecture for Luffa achieves 10% less power consumption than previous Luffa hardware architecture.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04a
• /
• pp.668-670
• /
• 2000

공개키 암호 알고리즘의 암호화 함수는 한 방향으로의 계산은 매우 쉬우나, 역 계산은 매우 어렵다는 일방향성과 특별한 정보를 가지면 역 계산이 가능하다는 트랩도어(trapdoor)성질이 있어야 하기 때문에 NP 문제나 계산상 풀기 어려운 수학 문제에 기반하여 연구되고 있다. 본 논문에서는 정수 계획법이라는 NP-완전 문제를 이용한 새로운 공개키 암호 알고리즘을 제안한다. 이 알고리즘의 키 생성 방식은 기존의 배낭꾸리기 암호 TTMXPA의 방식과 유사히지만 기존 시스템의 공격 대상이었던 비밀키가 가지는 취약성을 보완하였다.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.595-604
• /
• 2004

By the help of expansion of computer network and rapid growth of Internet, the information infrastructure is now able to provide a wide range of services. Especially open architecture - the inherent nature of Internet - has not only got in the way of offering QoS service, managing networks, but also made the users vulnerable to both the threat of backing and the issue of information leak. Thus, people recognized the importance of both taking active, prompt and real-time action against intrusion threat, and at the same time, analyzing the similar patterns of in-trusion already known. There are now many researches underway on Intrusion Detection System(IDS). The paper carries research on the in-trusion detection system which hired supervised learning algorithm and Fuzzy membership function especially with Neuro-Fuzzy model in order to improve its performance. It modifies tansigmoid transfer function of Neural Networks into fuzzy membership function, so that it can reduce the uncertainty of anomaly intrusion detection. Finally, the fuzzy logic suggested here has been applied to a network-based anomaly intrusion detection system, tested against intrusion data offered by DARPA 2000 Intrusion Data Sets, and proven that it overcomes the shortcomings that Anomaly Intrusion Detection usually has.

• The Journal of Engineering Geology
• /
• v.19 no.1
• /
• pp.99-108
• /
• 2009

Since the preexisting evaluation methods of landslide susceptibility take somehow long time to determine the slope stability based on the field survey and laboratory analysis, there are several problems to acquire immediate evaluation results in the field. In order to overcome the previously mentioned problems and incorrect evaluation results induced by some subjective evaluation criteria and methods, this study tried to develop a method of landslide susceptibility by a quantitative and objective evaluation approach based on the field survey. Therefore, this study developed an evaluation chart for landslide susceptibility on natural terrain using the AHP analysis method to predict landslide hazards on the field sites. The AHP analysis was performed by a questionnaire to several specialists who understands mechanism and influential factors of landslide. Based on the questionnaire, weighting values of criteria and alternatives to influence landslide triggering were determined by the AHP analysis. According to the scoring results of the analysed weighting values, slope angle is the most significant factor. Permeability, water contents, porosity, lithology, and elevation have the significance to the landslide susceptibility in a descending order. Based on the assigned scores of each criterion and alternatives of the criteria, an evaluation chart for landslide susceptibility was suggested. The evaluation chart makes it possible for a geologist to evaluate landslide susceptibility with a total score summed up each alternative score.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11b
• /
• pp.979-981
• /
• 2005

"버퍼에 대한 바운드 체크를 하지 않는다"라는 작은 취약성 하나가 버퍼 오버플로우라는 큰 위협을 만들어냈다. 그러나 그것을 단지 C언어의 무결성 문제로 단정 지어 버릴 수도 없는 문제이다. 일반적으로 버퍼 오버플로우 공격은 메모리에 할당된 버퍼의 경계를 넘는 데이터를 입력하여 프로그램의 함수복귀주소를 조작하고 공격자가 원하는 코드를 삽입하여 이루어진다. 이러한 버퍼 오버플로우에 대한 여러가지 대응책들이 나왔지만 약간의 문제점들을 가지고 있다. 그래서 본 논문에서는 운영체제의 세그멘테이션 기법을 이용하여 그 공격에 대응할 수 있는 한 가지 방법을 제시하고자 한다. 기존의 스택가드(카나리아 버전)의 문제점인 우회공격과 카나리아 워드를 추측하여 이루어지는 공격 그리고 MineZone RAD의 문제가 되는 DRAMA 등에 있어서도 효과적으로 방어할 수 있을 것으로 기대한다. 또한 스택가드(Memguard 버전)에서 이곳저곳에 산재되어 관리하기 어려운 함수복귀주소를 별도의 세그먼트 테이블로 쉽게 관리할 수 있을 것이다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.201-208
• /
• 2010

The classical iterated hash function is vulnerable to a multi-collision attack. Gauravaram et al. proposed 3C and 3C+ hash functions, in which an accumulation chain is added to usual Merkle-Damgard changing. Their goal is to design composition schemes resistant to generic attacks of Joux's type, but Joscak and Tuma have shown that 3C and 3C+ schemes are not better than Merkle-Damgard scheme in term of security against multi-collision attacks under some mild assumptions. In this dissertation, in order to increase security of 3C hash function, we proposed secure double pipe hash function which was effectively using XOR and XNOR operations per blocks of message. We seek to improve on the work of Lucks in a way. Proposed secure double pipe hash function takes resistance to multi-block collision, fixed point and pre-image attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.5
• /
• pp.325-331
• /
• 2016

This research developed a flood fragility curve of bridges considering the debris impacts. Damage and failures of civil infrastructure due to natural disasters can cause casualties as well as social and economic losses. Fragility analysis is an effective tool to help better understand the vulnerability of a structure to possible extreme events, such as earthquakes and floods. In particular, flood-induced failures of bridges are relatively common in Korea, because of the mountainous regions and summer concentrated rainfall. The main failure reasons during floods are reported to be debris impact and scour; however, research regarding debris impacts is considered challenging due to various uncertainties that affect the failure probability. This study introduces a fragility analysis methodology for evaluating the structural vulnerability due to debris impacts during floods. The proposed method describes how the essential components in fragility analysis are considered, including limit-state function, intensity measure of the debris impact, and finite element model. A numerical example of the proposed fragility analysis is presented using a bridge pier system under a debris impact.

• Journal of the Computational Structural Engineering Institute of Korea
• /
• v.29 no.5
• /
• pp.413-419
• /
• 2016

Damage of infrastructures by an earthquake causes the secondary damage through the world at large more than the damage of the structures themselves. Amomg them, underground utility tunnel structures comes under the special life line: communication, gas, electricity and etc. and it has a need to evaluate its fragility to an earthquake exactly. Therefore, the destruction ability according to peak ground acceleration of earthquakes for the underground utility tunnels is evaluated in this paper. As an input ground motion for evaluating seismic fragilities, real earthquakes and artificial seismic waves which could be generated in the Korean peninsula are used. And as a seismic analysis method, response displacement method and time history analyzing method are used. An limit state which determines whether destruction is based on the bending moment and shear deformation. A method used to deduct seismic fragility curve is method of maximum likelihood and the distribution function is assumed to the log normal distribution. It could evaluate the damage of underground utility tunnels to an earthquake and could be applied as basic data for seismic design of underground utility tunnel structures.