• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.3-12
• /
• 2005

To provide visitors with the various services, Many web sites distribute many ActiveX controls to them because ActiveX controls can overcome limits of HTML documents and script languages. However, PC can become dangerous if it has unsecure ActiveX controls, because they can be executed in HTML documents. Nevertheless, many web sites provide visitors with ActiveX controls whose security are not verified. Therefore, the verification is needed by third party to remove vulnerabilities in ActiveX controls. In this paper, we introduce the process and the technique to fad vulnerabilities. The existing proof codes are not valid because ActiveX controls are different from normal application and domestic environments are different from foreign environments. In this paper, we introduce the technique to prove vulnerabilities in ActiveX control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.47-60
• /
• 2011

With the increase in the use of mobile banking service, mobile banking has become an attractive target to attackers. Even though many security measures are applied to the current mobile banking service, some threats such as physical theft or penetration to a mobile device from remote side are still remained as unsolved. With aiming to fill this void, we propose a novel approach to prevent e-financial incidents by analyzing mobile device user's input patterns. This approach helps us to distinguish between original user's usage and attacker's usage through analyzing personal input patterns such as input time-interval, finger pressure level on the touch screen. Our proposed method shows high accuracy, and is effective to prevent the e-finance incidents proactively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.659-666
• /
• 2012

Recently, cloud computing service has become a rising issue in terms of utilizing sources more efficiently and saving costs. However, the service still has some limitations to be popularized because it lacks the verification towards security safety. In particular, the possibility to induce Denial of service is increasing as it is used as Zombie PC with exposure to security weakness of Guest OS's. This paper suggests how cloud system, which is implemented by Xen, detects intrusion caused by Denial of service using hypercall. Through the experiment, the method suggested by K-means and EM shows that two data, collected for 2 mins, 5 mins, 10mins and 20mins each, are distinguished 90% when collected for 2mins and 5mins while collected over 10mins are distinguished 100% successfully.

• Maritime Security
• /
• v.1 no.1
• /
• pp.61-92
• /
• 2020

This paper attempts to examine the changes in China's naval strategy and to analyze the goal, range, and method of each strategy during the Xi Jinping's era. Since the founding of New China, the People's Liberation of Army Navy(PLAN) has made four changes in the naval strategy. Under Xi Jinping's administration, China's naval strategy is far seas operation combined with near seas active defense. Now, China's naval strateg y is shifting from a defensive to an aggressive one, increasing the proportion of offensive weapon systems and the number of state-of-the-art warships, and the scope of the naval strategy has been specified in the second island chain including the Indian Ocean. With the changes of naval strategy, the PLAN will set a new strategic goal to secure maritime dominance and implement an assertive strategy to actively respond to the intervention and intrusion of external forces. Moreover, the PLAN will also improve its sea-based deterrence force and the maneuver force to block other countries in the long-distance maritime conflict zones. The operation method of China's future naval strateg y will gradually shift from 'interdiction' to 'rapid-response.'

• Journal of the Korea Convergence Society
• /
• v.12 no.2
• /
• pp.21-28
• /
• 2021

In this study, we propose a deep learning-based NILM technique using actual measured power data for 5 kinds of home appliances and verify its effectiveness. For about 3 weeks, the active power of the central power measuring device and five kinds of home appliances (refrigerator, induction, TV, washing machine, air cleaner) was individually measured. The preprocessing method of the measured data was introduced, and characteristics of each household appliance were analyzed through spectogram analysis. The characteristics of each household appliance are organized into a learning data set. All the power data measured by the central power measuring device and 5 kinds of home appliances were time-series mapping, and training was performed using a LSTM neural network, which is excellent for time series data prediction. An algorithm that can disaggregate five types of energies using only the power data of the main central power measuring device is proposed.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.81-90
• /
• 2020

In the real world, new types of attacks or variants are constantly emerging, but attack traffic classification models developed through artificial neural networks and supervised learning do not properly detect new types of attacks that have not been trained. Most of the previous studies overlooked this problem and focused only on improving the structure of their artificial neural networks. As a result, a number of new attacks were frequently classified as normal traffic, and attack traffic classification performance was severly degraded. On the other hand, the softmax function, which outputs the probability that each class is correctly classified in the multi-class classification as a result, also has a significant impact on the classification performance because it fails to calculate the softmax score properly for a new type of attack traffic that has not been trained. In this paper, based on this characteristic of softmax function, we propose an efficient method to improve the classification performance against new types of attacks by classifying traffic with a probability below a certain level as attacks, and demonstrate the efficiency of our approach through experiments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.575-590
• /
• 2022

Recently, organizations are increasing their investment to protect information resources from information security(IS) threats through the adoption of IS policies and technologies. However, IS incidents occur in a variety of ways, such as intrusions from outside the organization and exposure to the inside. Our study presented the negative effects of IS role stress on organizational insiders and suggested factors from the organizational and individual perspectives for mitigating IS role stress. We conducted a survey on employees of companies that introduced and applied IS policies to their work and tested the hypothesis using 329 samples. As a result, IS organization justice reduced IS role stress and strengthened IS positive psychological capital, thereby affecting the IS compliance intention of employees. Also, IS positive psychological capital moderated the relationship between IS stress and IS compliance intention. This study contributes to the achievement of internal IS goals by suggesting the conditions that affect the IS compliance behavior of employees in terms of the organizational environment and individual characteristics

• Journal of Internet of Things and Convergence
• /
• v.8 no.2
• /
• pp.7-12
• /
• 2022

The main cause of cable accidents is the accelerated deterioration of the cable itself or internal and external electrical, mechanical, chemical, thermal, moisture intrusion, etc., which reduces insulation performance and causes insulation breakdown, leading to cable accidents. Insulation deterioration can occur even when there is no change in the appearance of the cable, so there is a difficulty in preventing cable accidents due to insulation deterioration. Since cable accidents can occur in areas with poor insulation due to the effects of overvoltage and overcurrent, it is necessary to comprehensively analyze transformers and circuit breakers, and ground faults caused by phase-to-phase imbalance. Ground fault accidents due to insulation breakdown of cables can occur due to defects in the cable itself and poor cable construction, as well as operational influences, arcs during operation of electrical equipment (switchers, circuit breakers, etc.). analysis is needed. This study intends to examine the causes of cable accidents through analysis of cable accidents that occurred in a manufacturing factory.

• Journal of the Society of Disaster Information
• /
• v.18 no.1
• /
• pp.154-162
• /
• 2022

Purpose: The government intends to come up with measures to revitalize safety management at construction sites to shift safety management at construction sites from human capabilities to system-oriented management systems using advanced technologies AIoT and Mobile technologies. Method: The construction site safety management monitoring system using AIoT and Mobile technology conducted an experiment on the effectiveness of the construction site by applying three algorithms: virtual fence, fire monitoring, and recognition of not wearing a safety helmet. Result: The number of workers in the experiment was 215 and 7.61 virtual fence intrusion was 3.5% compared to the number of subjects and 0.16 fire detection were 0.07% compared to the subjects, and the average monthly rate of not wearing a safety helmet was 8.79, 4.05% compared to the subjects. Conclusion: It was found that the construction site safety management monitoring system using AIoT and Mobile technology has a valid effect on the construction site.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.342-342
• /
• 2023

메콩강을 공유하는 6개국은 주로 강의 개발과 수자원의 활용을 통해 경제성장을 이룩하고 있다. 하지만, 각국의 산업화나 경제성장의 수준, 메콩강에 대한 의존도와 관심, 전략 등이 서로 달라 개발에 따른 국가 간 수자원 공유, 환경피해, 지역보존 등의 문제들이 발생하고 있다. 메콩지역의 국가 중 베트남은 하천유역의 많은 부분이 국가공유하천으로 인접국가의 유역개발에 따라 다양한 물 분쟁이 발생할 수 있으며, 잦은 홍수피해가 발생하고, 낙후된 사회인프라로 인해 이수 및 수질오염과 관련된 물 문제 역시 지역적으로 발생하고 있다. 해당지역의 물 문제해결을 위한 정책결정의 지원을 위해서는 수리·수문학적 기초 또는 상세 분석이 필요하며, 본 연구에서는 매년 홍수와 대규모 범람, 비효율적 댐운영으로 인한 가뭄, 염수침입 등의 물 문제가 발생하는 Ca River 유역을 대상유역으로 선정하고 K-series SW 기반의 홍수범람 해석을 수행하였다. K-water에서 개발된 다양한 K-Series SW 중 연구대상유역인 Ca River 하류 유역에 대한 적용에 적합한 모형을 기존 현황조사 등을 바탕으로 1차원 하천흐름해석을 위한 K-River, 2차원 홍수범람해석을 위한 K-Flood 모형을 선정하고 분석을 수행하였다. 2010년과 2013년의 홍수기를 대상으로 K-River모형을 이용하여 Ca river 하류의 수리학적 현상을 해석하였으며, 해당 결과를 기반으로 K-Flood 모형을 이용한 2차원 홍수범람해석을 수행하고 실제 범람지도와의 비교를 수행하였다. 그리고 결과검토를 통해 모의 결과가 수위에 대해 높은 재현성을 보이고 있으며 범람면적과 침수심의 모의결과가 실제 침수양상과 비슷한 양상을 보임을 확인하였다.