• Journal of computational fluids engineering
• /
• v.18 no.1
• /
• pp.28-35
• /
• 2013

Behavior of the side force generated at high angles of attack by two ogive-cylinder bodies of revolution with nose fineness ratio of 2.3 (B1) and 3.5 (B2) and the effect of a strip placed close the nose tip of each body (B1S and B2S) are analyzed through the wind tunnel test at ReD=200,000 and a=42~60 deg. The side force generated by B1 is increased by placing a strip. The side force generated by B2 is in the starboard direction and its magnitude is higher than that of the B1S. The effect of the strips with various dimensions placed on B2 is investigated. It is found that the 4-layer strip placed on the starboard reversed the direction of the side force into port direction. It is confirmed by numerical simulations that the strip promotes the flow separation and increases the average pressure on the side where it is placed and consequently produces the side force in the corresponding direction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.484-510
• /
• 2017

Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and have are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed loop defense system of worms based on a Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily deploy different honeynet systems with different network structures and dynamically. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.

• Wind and Structures
• /
• v.21 no.1
• /
• pp.105-117
• /
• 2015

This paper presents a numerical characterization of real railway overhead cables based on computational fluid dynamics (CFD). Complete analysis of the aerodynamic coefficients of this type of cross section yields a more accurate modelling of pressure loads acting on moving cables than provided by current approaches used in design. Thus, the characterization of certain selected commercial cables is carried out in this work for different wind speeds and angles of attack. The aerodynamic lift and drag coefficients are herein determined for two different types of grooved cables, which establish a relevant data set for the railway industry. Finally, the influence of this characterization on the fluid-structure interaction (FSI) is proved, the static behavior of a catenary system is studied by means of the finite element method (FEM) in order to analyze the effect of different wind angles of attack on the stiffness distribution.

• ETRI Journal
• /
• v.33 no.5
• /
• pp.770-779
• /
• 2011

Security quad and cube (SQC) is a network attack analyzer that is capable of aggregating many different events into a single significant incident and visualizing these events in order to identify suspicious or illegitimate behavior. A network administrator recognizes network anomalies by analyzing the traffic data and alert messages generated in the security devices; however, it takes a lot of time to inspect and analyze them because the security devices generate an overwhelming amount of logs and security events. In this paper, we propose SQC, an efficient method for analyzing network security through visualization. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacks. In addition, by providing a detailed analysis of network attacks, this method can more precisely detect and distinguish them from normal events.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1105-1114
• /
• 2021

Due to the recent surge in popularity of cryptocurrency, the threat of cryptojacking, a malicious code for mining cryptocurrencies, is increasing. In particular, web-based cryptojacking is easy to attack because the victim can mine cryptocurrencies using the victim's PC resources just by accessing the website and simply adding mining scripts. The cryptojacking attack causes poor performance and malfunction. It can also cause hardware failure due to overheating and aging caused by mining. Cryptojacking is difficult for victims to recognize the damage, so research is needed to efficiently detect and block cryptojacking. In this work, we take representative distinct symptoms of cryptojacking as an indicator and propose a new architecture. We utilized the K-Nearst Neighbors(KNN) model, which trained computer performance indicators as behavior-based dynamic analysis techniques. In addition, a K-means model, which trained the frequency of malicious script words for script similarity-based static analysis techniques, was utilized. The KNN model had 99.6% accuracy, and the K-means model had a silhouette coefficient of 0.61 for normal clusters.

• Wind and Structures
• /
• v.31 no.6
• /
• pp.509-522
• /
• 2020

Wind load is the principal cause for a large number of the collapse of transmission lines around the world. The transmission line is traditionally designed for wind load according to a linear equivalent method, in which dynamic effects of wind are not appropriately included. Therefore, in the present study, incremental dynamic analysis is utilized to investigate the stability behavior of a 400 kV transmission line under wind load. In that case, the effects of vibration of cables and aerodynamic damping of cables were considered on the stability behavior of the transmission line. Superposition of the harmonic waves method was used to calculate the wind load. The corresponding wind speed to the beginning of the transmission line collapse was determined by incremental dynamic analysis. Also, the effect of the yawed wind was studied to determine the critical attack angle by the incremental dynamic method. The results show the collapse mechanisms of the transmission line and the maximum supportable wind speed, which is predicted 6m/s less than the design wind speed of the studied transmission line. Based on the numerical modeling results, a retrofitting method has been proposed to prevent failure of the tower members under design wind speed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.295-311
• /
• 2023

Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

• Computers and Concrete
• /
• v.20 no.2
• /
• pp.185-196
• /
• 2017

Durability problems initiated from steel corrosion are unseen but critical issues, so that many researches are focused on chloride penetration evaluation. Even if RC (Reinforced Concrete) structures are exposed to normal environment, chloride ingress varies with concrete surface conditions and exposed period. This paper presents an analysis technique for chloride behavior evaluation considering time effect on diffusion and surface conditions assumed as double-layered system. For evaluation of deteriorated surface condition, field investigation was performed for concrete pavement exposed to deicing agent for 18 years. In order to consider enhanced surface concrete, chloride profiles in surface-impregnated concretes exposed to chloride attack for 2 years from previous research were investigated. Through reverse analysis, effectively deteriorated/enhanced depth of surface and the related reduced/enlarged diffusion coefficient in the depth are simulated. The proposed analysis technique was evaluated to handle the chloride behavior more accurately considering changes of chloride ingress within surface layer and decreased diffusion coefficient with time. For the concrete surface exposed to deicing agent, the deteriorated depth and enlarged diffusion coefficient are evaluated to be 12.5~15.0 mm and 200% increasing diffusion coefficient, respectively. The results in concrete containing enhanced cover show 10.0~12.5 mm of impregnated depth and 85% reduction of chloride diffusion in tidal and submerged conditions.

• Journal of Convergence for Information Technology
• /
• v.11 no.4
• /
• pp.55-63
• /
• 2021

Recently, the incidence rate of malicious codes is over tens of thousands of cases, and it is known that it is almost impossible to detect/respond all of them. This study proposes a method for detecting multiple behavior patterns based on a graph database as a new method for dealing with malicious codes. Traditional dynamic analysis techniques and has applied a method to design and analyze graphs of representative associations malware pattern(process, PE, registry, etc.), another new graph model. As a result of the pattern verification, it was confirmed that the behavior of the basic malicious pattern was detected and the variant attack behavior(at least 5 steps), which was difficult to analyze in the past. In addition, as a result of the performance analysis, it was confirmed that the performance was improved by about 9.84 times or more compared to the relational database for complex patterns of 5 or more steps.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.267-279
• /
• 2017

This study emulated unscheduled phishing e-mails over a long period of time by imitating the manner in which external hackers attacked a group of employees in a company. We then measured and analyzed the recipient's ability to identify and respond to phishing e-mails as training progressed. In addition, we analyzed the changes in participants' response behavior when changing the external control condition between the training. As a result of the analysis, it was confirmed that the training duration had a positive (+) relationship with the employees' ability to identify phishing e-mails and the infection rate, and more employees read emails and infected with phishing attacks using social issues and seasonal events. It was also confirmed that reinforcement of internal control policy on infected persons affects positively (+) on the phishing attack response behavior of employees. Based on these results, we would like to suggest the right training method for each organization to enhance the ability of employees to cope with phishing attacks.